Closed isc-bsaviano closed 6 months ago
Maybe prudent to restrict this to http(s) only, at least until someone complains.
Good suggestion, John.
I took the beta made from this commit for a spin by dropping the file into my VS Code extensions and restarting. Unfortunately, I still observe the same behavior when after adding the onClick event to the "create new CCR" link on the landing page of the CCR Controls: <A href="#($$CCRServer^%buildccr)#/ccr/create.csp?SiteCode=#($G(^SYS("SourceControl","ItemSetConfig","Org")))#&SystemCode=#($G(^SYS("SourceControl","ItemSetConfig","System")))#&BypassPREP=1" rel="noopener noreferrer" target='_blank' onClick="window.parent.postMessage(this.href, '*')">[create new CCR] Am I missing something so I can make use of this feature?
@isc-egabhart Yeah, your message is a little off. Try this instead:
window.parent.postMessage({ href: this.href }, '*')
@isc-bsaviano Thanks so much! Works like a charm!
This PR fixes #1328
@gjsjohnmurray @isc-rsingh Should I do any input validation on the VS Code side before attempting the
openExternal()
? That failing should be harmless since it's a Thenable and we aren't awaiting it. I doubt a Studio extension page is going to have links to spam web pages.