fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HOR-368 Security Avoid the problem of overwriting session data opening multiple browser tabs or multiple browser instances

Browse Source 
up observations

active or desactive block tab
This commit is contained in:
Ronald Q
2016-03-08 18:37:38 -04:00
parent 5af732c912
commit 00885f541e
16 changed files with 177 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
workflow/engine/js/src/PM.js Normal file
View File

@@ -0,0 +1,5 @@
var PM = PM || {};
(function() {
PM.version = '3.0.1.8';
}());

3
workflow/engine/js/src/Register.js Normal file
View File

@@ -0,0 +1,3 @@
PM.Sessions.register();
localStorage.setItem('ID_BLOCKER_MSG', PM.Sessions.getCookie('PM-Warning'));

118
workflow/engine/js/src/Sessions.js Normal file
View File

@@ -0,0 +1,118 @@
PM.Sessions = (function () {
var Sessions = function () {
if (window.location.pathname.indexOf("login") === -1 &&
window.location.pathname.indexOf("sysLogin") === -1 &&
this.getCookie('PM-TabPrimary') != 101010010) {
this.checkTab();
}
};
Sessions.prototype.register = function () {
window.name = this.getCookie('PM-TabPrimary');
};
Sessions.prototype.checkTab = function () {
var ieVersion,
msg;
if (parent.parent.parent.window.name !== this.getCookie('PM-TabPrimary') && parent.parent.parent.window.name.indexOf(this.getCookie('PM-TabPrimary')) === -1 ) {
ieVersion = this.detectBrowser();
msg = this.getLabel('ID_BLOCKER_MSG');
if (ieVersion && ieVersion <= 11) {
window.open('', '_self', '');
window.document.execCommand('Stop');
if (confirm(msg)) {
window.close();
}
} else if (ieVersion && ieVersion <= 12) {
window.open('', '_self', '');
window.document.execCommand('Stop');
if (confirm(msg)) {
window.close();
}
} else {
window.open('', '_self', '');
window.stop();
if (confirm(msg)) {
window.close();
}
}
}
};
Sessions.prototype.detectBrowser = function() {
var ua = window.navigator.userAgent,
msie = ua.indexOf('MSIE '),
trident = ua.indexOf('Trident/'),
edge = ua.indexOf('Edge/');
// Test values; Uncomment to check result …
// IE 10
// ua = 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)';
// IE 11
// ua = 'Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko';
// IE 12 / Spartan
// ua = 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36 Edge/12.0';
// Edge (IE 12+)
// ua = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586';
if (msie > 0) {
// IE 10 or older => return version number
return parseInt(ua.substring(msie + 5, ua.indexOf('.', msie)), 10);
}
if (trident > 0) {
// IE 11 => return version number
var rv = ua.indexOf('rv:');
return parseInt(ua.substring(rv + 3, ua.indexOf('.', rv)), 10);
}
if (edge > 0) {
// Edge (IE 12+) => return version number
return parseInt(ua.substring(edge + 5, ua.indexOf('.', edge)), 10);
}
// other browser
return false;
};
Sessions.prototype.getCookie = function (cname) {
var name = cname + "=",
c,
ca = document.cookie.split(';');
for (var i = 0; i < ca.length; i++) {
c = ca[i];
while (c.charAt(0) == ' ') c = c.substring(1);
if (c.indexOf(name) == 0) return c.substring(name.length, c.length);
}
return "";
};
Sessions.prototype.createCookie = function(name, value, days) {
var date,
expires;
if (days) {
date = new Date();
date.setTime(date.getTime()+(days*24*60*60*1000));
expires = "; expires="+date.toGMTString();
} else {
expires = "";
}
document.cookie = name+"="+value+expires+"; path=/";
};
Sessions.prototype.eraseCookie = function(name) {
this.createCookie(name,"",-1);
};
Sessions.prototype.setLabel = function(nameLabel) {
localStorage.setItem(nameLabel, _(nameLabel));
};
Sessions.prototype.getLabel = function(nameLabel) {
return localStorage.getItem(nameLabel);
};
return new Sessions();
})();