The SES lockdown logic for the iframe execution environment should be updated to match the extension. This should be accomplished by prepending a script tag comprised of this followed by this to index.html. If either step fails, the iframe should ideally blow up, or at the very least prevent further code from executing. If we can't find an elegant solution, entering into an infinite loop in the catch block is preferable to the rest of the EE code executing.
As part of this change, we should also update the ses package to the latest version. Note that we should use the file node_modules/ses/dist/lockdown.min.umd.js directly and not attempt to import ses in our own code.
The SES lockdown logic for the iframe execution environment should be updated to match the extension. This should be accomplished by prepending a
script
tag comprised of this followed by this toindex.html
. If either step fails, the iframe should ideally blow up, or at the very least prevent further code from executing. If we can't find an elegant solution, entering into an infinite loop in the catch block is preferable to the rest of the EE code executing.As part of this change, we should also update the ses package to the latest version. Note that we should use the file
node_modules/ses/dist/lockdown.min.umd.js
directly and not attempt to importses
in our own code.