instructure / canvas-lms

The open LMS by Instructure, Inc.
https://github.com/instructure/canvas-lms/wiki
GNU Affero General Public License v3.0
5.65k stars 2.5k forks

iframes that postMessage with an object cause errors in Console #1546

Open benroot opened 4 years ago

benroot commented 4 years ago

Summary:

When an iframe sends a message to the host using window.parent.postMessage with object data instead of string data, Canvas tries to parse the message and posts an error to the console.

In our Canvas instance we embed iframes from publishers and other services and sometimes these iframes send messages. Canvas should check if the data is an object before trying to parse it and causing an exception.

Steps to reproduce:

  1. embed an iframe with the code:

<script> window.parent.postMessage({}, '*'); </script>

  2. open the console.log and see an error:

invalid message received from messages.js:156:36

Expected behavior:

Silently ignore messages from iframes that are formatted specifically for Canvas to use.

Actual behavior:

invalid message received from messages.js:156:36

Additional notes:

This error occurs when embedding an H5P object into Canvas. H5P iframes can be set up to interact with hosted JavaScript which will allow for smart resizing of the iframe depending on the size of the host window. When this is activated, the console receives hundreds of errors. Is it possible that these two systems can work together better if Canvas checks for presence of an object in the message instead of assuming JSON?

benroot commented 4 years ago

Could include if(typeof e.data === 'string') to messages.js:60
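
The type guard suggested above, extended into a full receiving-side check, as an added example that is not part of the original thread and not Canvas's own messages.js. The `{subject: ...}` message shape, the subject name and the origins are assumptions made for illustration.

```javascript
// Added example, not Canvas's messages.js. The {subject: ...} message shape,
// the subject name and the origins below are assumptions for illustration.
const KNOWN_SUBJECTS = new Set(['example.frameResize']);

// Classify a MessageEvent-like object without throwing or logging.
// Returns {action: 'ignore', reason} or {action: 'handle', message}.
function classifyMessage(event, trustedOrigins) {
  // Object payloads such as postMessage({}, '*') arrive structured-cloned.
  // JSON.parse would coerce them to "[object Object]" and throw SyntaxError.
  if (typeof event.data !== 'string') {
    return { action: 'ignore', reason: 'non-string data' };
  }
  // Only frames the host has chosen to trust may drive host behaviour.
  if (!trustedOrigins.has(event.origin)) {
    return { action: 'ignore', reason: 'untrusted origin' };
  }
  let message;
  try {
    message = JSON.parse(event.data);
  } catch (err) {
    return { action: 'ignore', reason: 'not JSON' };
  }
  // JSON.parse also accepts "null", "42" and "[]"; require a plain object.
  if (message === null || typeof message !== 'object' || Array.isArray(message)) {
    return { action: 'ignore', reason: 'not a JSON object' };
  }
  if (!KNOWN_SUBJECTS.has(message.subject)) {
    return { action: 'ignore', reason: 'unknown subject' };
  }
  return { action: 'handle', message };
}

// Constructed sample events (not captured traffic).
const TRUSTED = new Set(['https://tool.example']);
const SAMPLES = [
  { origin: 'https://publisher.example', data: {} },
  { origin: 'https://tool.example', data: 'resize me' },
  { origin: 'https://tool.example', data: 'null' },
  { origin: 'https://publisher.example', data: '{"subject":"example.frameResize"}' },
  { origin: 'https://tool.example', data: '{"subject":"example.frameResize","height":400}' },
];
for (const ev of SAMPLES) {
  const r = classifyMessage(ev, TRUSTED);
  console.log(r.action, r.reason || r.message.subject);
}
```

In a browser, the function would be called from a `window` `message` event listener, dispatching only when `action` is `'handle'`.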

stale[bot] commented 2 years ago

Thanks for contributing to this issue. As it has been 2 years since the last activity, we are automatically closing the issue in 30 days. This is often because the request was already solved in some way and it just wasn't updated or it's no longer applicable. If that's not the case, please respond before the issue is closed, or post a message on the mailing list. We'll gladly take a look again!