* Returns the custom base URL for 3p bootstrap iframes if it exists. * Otherwise null. * @param {!Window} parentWindow * @param {!./service/ampdoc-impl.AmpDoc} ampdoc * @param {boolean=} opt_strictForUnitTest * @return {?string}
( parentWindow, ampdoc, opt_strictForUnitTest )
| 342 | * @return {?string} |
| 343 | */ |
| 344 | function getCustomBootstrapBaseUrl( |
| 345 | parentWindow, |
| 346 | ampdoc, |
| 347 | opt_strictForUnitTest |
| 348 | ) { |
| 349 | const meta = ampdoc.getMetaByName('amp-3p-iframe-src'); |
| 350 | if (!meta) { |
| 351 | return null; |
| 352 | } |
| 353 | const url = assertHttpsUrl(meta, 'meta[name="amp-3p-iframe-src"]'); |
| 354 | userAssert( |
| 355 | url.indexOf('?') == -1, |
| 356 | '3p iframe url must not include query string %s in element %s.', |
| 357 | url, |
| 358 | meta |
| 359 | ); |
| 360 | // This is not a security primitive, we just don't want this to happen in |
| 361 | // practice. People could still redirect to the same origin, but they cannot |
| 362 | // redirect to the proxy origin which is the important one. |
| 363 | const parsed = parseUrlDeprecated(url); |
| 364 | userAssert( |
| 365 | (parsed.hostname == 'localhost' && !opt_strictForUnitTest) || |
| 366 | parsed.origin != parseUrlDeprecated(parentWindow.location.href).origin, |
| 367 | '3p iframe url must not be on the same origin as the current document ' + |
| 368 | '%s (%s) in element %s. See https://github.com/ampproject/amphtml' + |
| 369 | '/blob/main/docs/spec/amp-iframe-origin-policy.md for details.', |
| 370 | url, |
| 371 | parsed.origin, |
| 372 | meta |
| 373 | ); |
| 374 | return `${url}?${mode.version()}`; |
| 375 | } |
| 376 | |
| 377 | /** |
| 378 | * Applies a sandbox to the iframe, if the required flags can be allowed. |
no test coverage detected