From 679a94f8e030d58c193c54ec982cb341cfe5d1e2 Mon Sep 17 00:00:00 2001 From: MosheMaorKaltura Date: Wed, 23 Oct 2024 12:09:30 +0300 Subject: [PATCH 1/3] FEC-14189: ignore referrer kaltura.com from friendly iframe --- src/common/utils/kaltura-params.ts | 4 ++ .../e2e/common/plugin/plugins-config.spec.ts | 38 +++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/src/common/utils/kaltura-params.ts b/src/common/utils/kaltura-params.ts index 78a7e35f9..9b7919fb8 100644 --- a/src/common/utils/kaltura-params.ts +++ b/src/common/utils/kaltura-params.ts @@ -115,6 +115,10 @@ function getReferrer(): string { let referrer; try { referrer = window.parent.document.URL; + //Ignore referrer from friendly iframe that contains kaltura.com + if (referrer.toLowerCase().includes('kaltura.com')) { + throw new Error('ignoring referrer:' + referrer); + } } catch (e) { // unfriendly iframe diff --git a/tests/e2e/common/plugin/plugins-config.spec.ts b/tests/e2e/common/plugin/plugins-config.spec.ts index ee77f3a3a..2cf5737a4 100644 --- a/tests/e2e/common/plugin/plugins-config.spec.ts +++ b/tests/e2e/common/plugin/plugins-config.spec.ts @@ -1,6 +1,7 @@ // eslint-disable-next-line @typescript-eslint/ban-ts-comment // @ts-nocheck import { ConfigEvaluator, getEncodedReferrer } from '../../../../src/common/plugins'; +import { getReferrer } from '../../../../src/common/utils/kaltura-params'; const sandbox = sinon.createSandbox(); @@ -149,6 +150,43 @@ describe('getEncodedReferrer', () => { sandbox.stub(window.parent.document, 'URL').get(() => { return 'http://localhost:3000/?debugKalturaPlayer'; }); + window.parent.document.URL.should.be.equal('http://localhost:3000/?debugKalturaPlayer'); getEncodedReferrer().should.be.equal('http%3A%2F%2Flocalhost%3A3000%2F%3FdebugKalturaPlayer'); }); }); + +describe('testReferrerLogic', () => { + before(() => { + window.originalRequestReferrer = undefined; + }); + + it('no referrer on parent', () => { + sandbox.stub(window, 'parent').get(() => undefined); + sandbox.stub(document, 'referrer').get(() => 'localRef'); + getReferrer().should.equal('localRef'); + }); + + it('referrer on parent', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'parentRef'}}}); + getReferrer().should.equal('parentRef'); + }); + + it('no referrer on parent and backend supplied referrer', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : undefined}}}); + sandbox.stub(window, 'originalRequestReferrer').get(() => "backendRef"); + getReferrer().should.equal('backendRef'); + }); + + it('if parent referrer contains kaltura.com and backend supplied referrer', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); + sandbox.stub(window, 'originalRequestReferrer').get(() => "test-kaltura.com"); + getReferrer().should.equal('test-kaltura.com'); + }); + + it('if parent referrer contains kaltura.com and backend does not supplied referrer', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); + sandbox.stub(document, 'referrer').get(() => 'localRef'); + sandbox.stub(window, 'originalRequestReferrer').get(() => undefined); + getReferrer().should.equal('localRef'); + }); +}); From 612c1004912954c254d585e4e7ca2ae275ec9211 Mon Sep 17 00:00:00 2001 From: MosheMaorKaltura Date: Wed, 23 Oct 2024 12:19:43 +0300 Subject: [PATCH 2/3] FEC-14189: ingore referrer that contains Kaltura.com in iframe --- .../e2e/common/plugin/plugins-config.spec.ts | 37 ------------------- tests/e2e/common/utils/kaltura-params.spec.ts | 37 +++++++++++++++++++ 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/tests/e2e/common/plugin/plugins-config.spec.ts b/tests/e2e/common/plugin/plugins-config.spec.ts index 2cf5737a4..9a449c4b2 100644 --- a/tests/e2e/common/plugin/plugins-config.spec.ts +++ b/tests/e2e/common/plugin/plugins-config.spec.ts @@ -1,7 +1,6 @@ // eslint-disable-next-line @typescript-eslint/ban-ts-comment // @ts-nocheck import { ConfigEvaluator, getEncodedReferrer } from '../../../../src/common/plugins'; -import { getReferrer } from '../../../../src/common/utils/kaltura-params'; const sandbox = sinon.createSandbox(); @@ -154,39 +153,3 @@ describe('getEncodedReferrer', () => { getEncodedReferrer().should.be.equal('http%3A%2F%2Flocalhost%3A3000%2F%3FdebugKalturaPlayer'); }); }); - -describe('testReferrerLogic', () => { - before(() => { - window.originalRequestReferrer = undefined; - }); - - it('no referrer on parent', () => { - sandbox.stub(window, 'parent').get(() => undefined); - sandbox.stub(document, 'referrer').get(() => 'localRef'); - getReferrer().should.equal('localRef'); - }); - - it('referrer on parent', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'parentRef'}}}); - getReferrer().should.equal('parentRef'); - }); - - it('no referrer on parent and backend supplied referrer', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : undefined}}}); - sandbox.stub(window, 'originalRequestReferrer').get(() => "backendRef"); - getReferrer().should.equal('backendRef'); - }); - - it('if parent referrer contains kaltura.com and backend supplied referrer', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); - sandbox.stub(window, 'originalRequestReferrer').get(() => "test-kaltura.com"); - getReferrer().should.equal('test-kaltura.com'); - }); - - it('if parent referrer contains kaltura.com and backend does not supplied referrer', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); - sandbox.stub(document, 'referrer').get(() => 'localRef'); - sandbox.stub(window, 'originalRequestReferrer').get(() => undefined); - getReferrer().should.equal('localRef'); - }); -}); diff --git a/tests/e2e/common/utils/kaltura-params.spec.ts b/tests/e2e/common/utils/kaltura-params.spec.ts index 7edcd2523..d1d754ab3 100644 --- a/tests/e2e/common/utils/kaltura-params.spec.ts +++ b/tests/e2e/common/utils/kaltura-params.spec.ts @@ -10,6 +10,7 @@ import { updateSessionIdInUrl } from '../../../../src/common/utils/kaltura-params'; import { SessionIdGenerator } from '../../../../src/common/utils/session-id-generator'; +const sandbox = sinon.createSandbox(); class Player { public set sessionId(s) { @@ -377,3 +378,39 @@ describe('addClientTag', () => { source.url.should.be.equal('a/b/c/playmanifest/source?a&clientTag=html5:v' + __VERSION__); }); }); + +describe('testReferrerLogic', () => { + before(() => { + window.originalRequestReferrer = undefined; + }); + + it('no referrer on parent', () => { + sandbox.stub(window, 'parent').get(() => undefined); + sandbox.stub(document, 'referrer').get(() => 'localRef'); + getReferrer().should.equal('localRef'); + }); + + it('referrer on parent', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'parentRef'}}}); + getReferrer().should.equal('parentRef'); + }); + + it('no referrer on parent and backend supplied referrer', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : undefined}}}); + sandbox.stub(window, 'originalRequestReferrer').get(() => "backendRef"); + getReferrer().should.equal('backendRef'); + }); + + it('if parent referrer contains kaltura.com and backend supplied referrer', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); + sandbox.stub(window, 'originalRequestReferrer').get(() => "test-kaltura.com"); + getReferrer().should.equal('test-kaltura.com'); + }); + + it('if parent referrer contains kaltura.com and backend does not supplied referrer', () => { + sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); + sandbox.stub(document, 'referrer').get(() => 'localRef'); + sandbox.stub(window, 'originalRequestReferrer').get(() => undefined); + getReferrer().should.equal('localRef'); + }); +}); From 0af124ded2ce7d4bbed1359002ad63956411c64a Mon Sep 17 00:00:00 2001 From: MosheMaorKaltura Date: Sun, 27 Oct 2024 09:24:14 +0200 Subject: [PATCH 3/3] FEC-14189: lint fix in test files --- tests/e2e/common/utils/kaltura-params.spec.ts | 20 +++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/tests/e2e/common/utils/kaltura-params.spec.ts b/tests/e2e/common/utils/kaltura-params.spec.ts index d1d754ab3..dabfd78b3 100644 --- a/tests/e2e/common/utils/kaltura-params.spec.ts +++ b/tests/e2e/common/utils/kaltura-params.spec.ts @@ -391,24 +391,32 @@ describe('testReferrerLogic', () => { }); it('referrer on parent', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'parentRef'}}}); + sandbox.stub(window, 'parent').get(() => { + return { document: { URL: 'parentRef' } }; + }); getReferrer().should.equal('parentRef'); }); it('no referrer on parent and backend supplied referrer', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : undefined}}}); - sandbox.stub(window, 'originalRequestReferrer').get(() => "backendRef"); + sandbox.stub(window, 'parent').get(() => { + return { document: { URL: undefined } }; + }); + sandbox.stub(window, 'originalRequestReferrer').get(() => 'backendRef'); getReferrer().should.equal('backendRef'); }); it('if parent referrer contains kaltura.com and backend supplied referrer', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); - sandbox.stub(window, 'originalRequestReferrer').get(() => "test-kaltura.com"); + sandbox.stub(window, 'parent').get(() => { + return { document: { URL: 'bla.kaltura.com' } }; + }); + sandbox.stub(window, 'originalRequestReferrer').get(() => 'test-kaltura.com'); getReferrer().should.equal('test-kaltura.com'); }); it('if parent referrer contains kaltura.com and backend does not supplied referrer', () => { - sandbox.stub(window, 'parent').get(() => {return { document : {URL : 'bla.kaltura.com'}}}); + sandbox.stub(window, 'parent').get(() => { + return { document: { URL: 'bla.kaltura.com' } }; + }); sandbox.stub(document, 'referrer').get(() => 'localRef'); sandbox.stub(window, 'originalRequestReferrer').get(() => undefined); getReferrer().should.equal('localRef');