feat: verify message event origin

2025-04-10 14:24:15 +05:30
parent 411068d2c3
commit fca4db4ba1
1 changed files with 2 additions and 2 deletions
--- a/src/components/robot/RecordingsTable.tsx
+++ b/src/components/robot/RecordingsTable.tsx
@@ -187,7 +187,7 @@ export const RecordingsTable = ({

  useEffect(() => {
    const handleMessage = (event: any) => {
-      if (event.data && event.data.type === 'recording-notification') {
+      if (event.origin === window.location.origin && event.data && event.data.type === 'recording-notification') {
        const notificationData = event.data.notification;
        if (notificationData) {
          notify(notificationData.type, notificationData.message);
@@ -201,7 +201,7 @@ export const RecordingsTable = ({
        }
      }

-      if (event.data && event.data.type === 'session-data-clear') {
+      if (event.origin === window.location.origin && event.data && event.data.type === 'session-data-clear') {
        window.sessionStorage.removeItem('browserId');
        window.sessionStorage.removeItem('robotToRetrain');
        window.sessionStorage.removeItem('robotName');