Skip to content

Prevent uncaught SecurityError in extensionHostFrame

Warren Gifford requested to merge extension-host-frame-xorigin into master

Created by: lguychard

When the integration assets are self-hosted by the code host, accessing window.parent.SOURCEGRAPH_ASSETS_URL is not an issue. However, when fetching extensionHostFrame from the sourcegraph instance, window.parent is cross-origin, and accessing it will throw a SecurityError.

Merge request reports

Loading