xpra icon
Bug tracker and wiki

Opened 8 weeks ago

Closed 7 weeks ago

#2123 closed defect (fixed)

use html5 client inside an iframe

Reported by: Dušan Vejnovič Owned by: Dušan Vejnovič
Priority: trivial Milestone: 2.5
Component: html5 Version: 2.4.x
Keywords: Cc:

Description (last modified by Antoine Martin)

I got error if want to use Xpra html5 inside iframe element:
Uncaught DOMException: Failed to read the 'sessionStorage' property from 'Window': Access is denied for this document.


Browser stopped, nothing to see. It appears in file 'Utilities.js', about in 436 line. If I catch error then everything works normally. So, the modification looks:

var value = getParameter(prop);
try {
   if (value === undefined && typeof(sessionStorage) !== undefined)
       value = sessionStorage.getItem(prop);
} catch (e) {
   // nothig to catch
}
return value;



I use Debian Stretch packages for version 2.4.3.

Change History (11)

comment:1 Changed 8 weeks ago by Dušan Vejnovič

'nothig to catch' is a comment.

comment:2 Changed 8 weeks ago by Antoine Martin

Description: modified (diff)
Owner: changed from Antoine Martin to Dušan Vejnovič
Summary: USE XPRA HTML5 INSIDE IFRAME ELEMENTuse html5 client inside an iframe

I would expect the connect page to also produce errors with sessionStorage access.
In which case you won't be able to pass settings to the index page.

As per sessionStorage in iframe, you can use the sessionStorage if the client runs from the same domain. Maybe you can do that instead?

Last edited 8 weeks ago by Antoine Martin (previous) (diff)

comment:3 Changed 8 weeks ago by Dušan Vejnovič

I cannot run xpra html5 in the same domain.
What do you think about this solution:
https://michalzalecki.com/why-using-localStorage-directly-is-a-bad-idea/

Version 0, edited 8 weeks ago by Dušan Vejnovič (next)

comment:4 Changed 8 weeks ago by Antoine Martin

Using in-memory storage won't work across pages.
r21499 does merge the more thorough test for sessionStorage, so we won't try to use it when it is defined but not usable (ie: because of chrome content settings).
In most cases, using URI will work the same as sessionStorage - just exposing all the settings in the URL bar, but you will not be able to use the password field of the connect page without also agreeing to use Insecure plain-text passwords settings.

Please close if that works for you.

comment:5 Changed 8 weeks ago by Antoine Martin

Oops, you also need the r21500 fixup.

comment:6 Changed 8 weeks ago by Dušan Vejnovič

You can also change 439 line in Utilities.js from

if (value === undefined && typeof(sessionStorage) !== undefined) {

to

if (value === undefined && Utilities.hasSessionStorage()) {

If you do so, xpra html5 now works in iframe without error.
You may now close this ticket.

comment:7 Changed 8 weeks ago by Antoine Martin

Resolution: fixed
Status: newclosed

I've gone for a slightly different solution in r21506.

comment:8 Changed 7 weeks ago by Dušan Vejnovič

Resolution: fixed
Status: closedreopened

Your solution does not work because the error is still present in line 439. So move line 439 in below try/catch block.
Example:

value = sessionStorage.getItem(prop);
try {
    if (value === undefined && typeof(sessionStorage) !== undefined) {
        value = sessionStorage.getItem(prop);
    }
}
catch (e) {
    value = null;
}
return value;
Last edited 7 weeks ago by Dušan Vejnovič (previous) (diff)

comment:9 Changed 7 weeks ago by Antoine Martin

I don't understand why javascript would throw an exception running typeof(sessionStorage), but whatever, merged in r21519.
What is the error that you saw?

comment:10 in reply to:  9 Changed 7 weeks ago by Dušan Vejnovič

Replying to Antoine Martin:

I don't understand why javascript would throw an exception running typeof(sessionStorage), but whatever, merged in r21519.
What is the error that you saw?

Uncaught DOMException: Failed to read the 'sessionStorage' property from 'Window': Access is denied for this document.

comment:11 Changed 7 weeks ago by Antoine Martin

Resolution: fixed
Status: reopenedclosed

Ah, thanks, got it.

Note: See TracTickets for help on using tickets.