From db812732a0d448dc2fa29d77b2928a481cf9f2ba Mon Sep 17 00:00:00 2001
From: Evan Carothers <evan.carothers@gmail.com>
Date: Wed, 26 Oct 2016 11:23:21 -0400
Subject: [PATCH] fix for window.location.protocol checks (moved err to iframe
 page)

---
 dev/xdomain_cookie.dev.js | 4 ----
 dev/xdomain_cookie.html   | 4 ++++
 src/xdomain_cookie.html   | 4 ++++
 src/xdomain_cookie.js     | 4 ----
 src/xdomain_cookie.min.js | 2 +-
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/dev/xdomain_cookie.dev.js b/dev/xdomain_cookie.dev.js
index 44abb1f..783324a 100644
--- a/dev/xdomain_cookie.dev.js
+++ b/dev/xdomain_cookie.dev.js
@@ -19,10 +19,6 @@
 			_secure_only = !!secure_only,							//should cookies be written as HTTPS-only cookies
 			_debug = !!debug;
 
-		if(_secure_only && window.window.location.protocol !== 'https:'){
-			return console.error("xDomainCookie - ERROR, secure_only flag set but page is not loaded over HTTPS:");
-		}	
-
 		function _log(){
 			if(!_debug) return;
 			arguments[0] = ":XDC_PAGE: "+arguments[0];
diff --git a/dev/xdomain_cookie.html b/dev/xdomain_cookie.html
index 3e87b7c..9f03c0c 100644
--- a/dev/xdomain_cookie.html
+++ b/dev/xdomain_cookie.html
@@ -58,6 +58,10 @@
 	        	if(!('msg_type' in data) || data.msg_type !== 'xdsc_write') return; //data is not a xdomainc-cookie payload
 	        	if(!('namespace' in data) || data.namespace !== _namespace) return; //wrong namespace for msg
 
+	        	if(data.secure_only && window.location.protocol !== 'https:'){
+	        		console.error("xDomainCookie - ERROR, secure_only flag set but page is not loaded over HTTPS:");
+	        	}
+	        	
 	        	var expires_days = parseInt(data.expires_days,10);
 		        _set_local_cookie( data.cookie_name, data.cookie_val, expires_days, data.secure_only );
 		        //ping down to page again to update values of xdomain cookie data
diff --git a/src/xdomain_cookie.html b/src/xdomain_cookie.html
index 3e87b7c..9f03c0c 100644
--- a/src/xdomain_cookie.html
+++ b/src/xdomain_cookie.html
@@ -58,6 +58,10 @@
 	        	if(!('msg_type' in data) || data.msg_type !== 'xdsc_write') return; //data is not a xdomainc-cookie payload
 	        	if(!('namespace' in data) || data.namespace !== _namespace) return; //wrong namespace for msg
 
+	        	if(data.secure_only && window.location.protocol !== 'https:'){
+	        		console.error("xDomainCookie - ERROR, secure_only flag set but page is not loaded over HTTPS:");
+	        	}
+	        	
 	        	var expires_days = parseInt(data.expires_days,10);
 		        _set_local_cookie( data.cookie_name, data.cookie_val, expires_days, data.secure_only );
 		        //ping down to page again to update values of xdomain cookie data
diff --git a/src/xdomain_cookie.js b/src/xdomain_cookie.js
index 5ef3364..02407a9 100644
--- a/src/xdomain_cookie.js
+++ b/src/xdomain_cookie.js
@@ -21,10 +21,6 @@
 			_secure_only = !!secure_only,							//should cookies be written as HTTPS-only cookies
 			_debug = !!debug;
 
-		if(_secure_only && window.window.location.protocol !== 'https:'){
-			return console.error("xDomainCookie - ERROR, secure_only flag set but page is not loaded over HTTPS:");
-		}	
-
 		function _log(){
 			if(!_debug) return;
 			arguments[0] = ":XDC_PAGE: "+arguments[0];
diff --git a/src/xdomain_cookie.min.js b/src/xdomain_cookie.min.js
index 55d2625..efae502 100644
--- a/src/xdomain_cookie.min.js
+++ b/src/xdomain_cookie.min.js
@@ -1,3 +1,3 @@
 /* Version 1.0.6 xdomain-cookies (http://contently.github.io/xdomain-cookies/) from Contently (https://github.com/contently) */
 
-!function(exports){"use strict";var xDomainCookie=function(iframe_path,namespace,xdomain_only,iframe_load_timeout_ms,secure_only,debug){function _log(){_debug&&(arguments[0]=":XDC_PAGE: "+arguments[0],console.log.apply(console,arguments))}function _inbound_postmessage(event){_log("_inbound_postmessage",event.origin,event.data);var origin=event.origin||event.originalEvent.origin;if(origin===iframe_path&&"string"==typeof event.data){var data=null;try{data=JSON.parse(event.data)}catch(e){}"object"!=typeof data||data instanceof Array||"msg_type"in data&&"xdsc_read"===data.msg_type&&"namespace"in data&&data.namespace===_namespace&&(_xdomain_cookie_data=data.cookies,_iframe_ready=!0,_fire_pending_callbacks())}}function _iframe_load_error_occured(){_log("_iframe_load_error_occured"),_iframe_load_error=!0,_fire_pending_callbacks()}function _on_iframe_ready_or_error(cb){_callbacks.push(cb),_fire_pending_callbacks()}function _fire_pending_callbacks(){if(_iframe_load_error||_iframe_ready)for(;_callbacks.length>0;)_callbacks.pop()(_iframe_load_error)}function _set_cookie_in_iframe(cookie_name,cookie_value,expires_days){var data={namespace:_namespace,msg_type:"xdsc_write",cookie_name:cookie_name,cookie_val:cookie_value,expires_days:expires_days,secure_only:_secure_only};_log("_set_cookie_in_iframe",data),document.getElementById("xdomain_cookie_"+_id).contentWindow.postMessage(JSON.stringify(data),iframe_path)}function _get_local_cookie(cookie_name){for(var name=cookie_name+"=",ca=document.cookie.split(";"),i=0;i<ca.length;i++){var c=ca[i].trim();if(0===c.indexOf(name))return decodeURIComponent(c.substring(name.length,c.length))}return""}function _set_local_cookie(cookie_name,cookie_value,expires_days){var d=new Date;d.setTime(d.getTime()+1e3*expires_days*60*60*24);var cookie_val=cookie_name+"="+cookie_value+"; expires="+d.toUTCString()+(_secure_only?";secure":"");_log("_set_local_cookie",cookie_val),document.cookie=cookie_val}function _set_xdomain_cookie_value(cookie_name,cookie_value,expires_days){return _iframe_ready||_iframe_load_error?(expires_days=expires_days||_default_expires_days,expires_days=null===cookie_value||void 0===cookie_value?-100:expires_days,_xdomain_only||_set_local_cookie(cookie_name,cookie_value,expires_days),_iframe_load_error||_set_cookie_in_iframe(cookie_name,cookie_value,expires_days),void(_xdomain_cookie_data[cookie_name]=cookie_value)):_callbacks.push(function(){_set_xdomain_cookie_value(cookie_name,cookie_value,expires_days)})}function _get_xdomain_cookie_value(cookie_name,callback,expires_days){function _cb(xdomain_success,cookie_val,callback){_log("_get_xdomain_cookie_value D",xdomain_success,cookie_val),_set_xdomain_cookie_value(cookie_name,cookie_val,expires_days),"function"==typeof callback&&callback(cookie_val)}if(expires_days=expires_days||_default_expires_days,_log("_get_xdomain_cookie_value A",cookie_name),!_xdomain_only){var _existing_local_cookie_val=_get_local_cookie(cookie_name);if(_existing_local_cookie_val)return _log("_get_xdomain_cookie_value B",_existing_local_cookie_val),_on_iframe_ready_or_error(function(is_err){_cb(!is_err,_existing_local_cookie_val)}),callback(_existing_local_cookie_val)}_on_iframe_ready_or_error(function(is_err){if(_log("_get_xdomain_cookie_value C",is_err),is_err)return _cb(!1,null,callback);var _current_cookie_val=cookie_name in _xdomain_cookie_data?_xdomain_cookie_data[cookie_name]:null;_cb(!is_err,_current_cookie_val,callback)})}"//"===iframe_path.substr(0,2)&&(iframe_path=("https:"===window.location.protocol?"https:":"http:")+iframe_path);var _namespace=namespace||"xdsc",_load_wait_ms=iframe_load_timeout_ms||6e3,_iframe_ready=!1,_iframe_load_error=!1,_callbacks=[],_xdomain_cookie_data={},_id=(new Date).getTime(),_default_expires_days=30,_xdomain_only=!!xdomain_only,_secure_only=!!secure_only,_debug=!!debug;if(_secure_only&&"https:"!==window.window.location.protocol)return console.error("xDomainCookie - ERROR, secure_only flag set but page is not loaded over HTTPS:");window.addEventListener("message",_inbound_postmessage);var ifr=document.createElement("iframe");ifr.style.display="none",ifr.id="xdomain_cookie_"+_id;var data={namespace:_namespace,window_origin:window.location.origin,iframe_origin:iframe_path,debug:_debug};return ifr.src=iframe_path+"/xdomain_cookie.html#"+encodeURIComponent(JSON.stringify(data)),document.body.appendChild(ifr),_log("creating iframe",ifr.src),setTimeout(function(){_iframe_ready||_iframe_load_error_occured()},_load_wait_ms),{get:_get_xdomain_cookie_value,set:_set_xdomain_cookie_value}};exports.xDomainCookie=xDomainCookie}(this);
\ No newline at end of file
+!function(exports){"use strict";var xDomainCookie=function(iframe_path,namespace,xdomain_only,iframe_load_timeout_ms,secure_only,debug){function _log(){_debug&&(arguments[0]=":XDC_PAGE: "+arguments[0],console.log.apply(console,arguments))}function _inbound_postmessage(event){_log("_inbound_postmessage",event.origin,event.data);var origin=event.origin||event.originalEvent.origin;if(origin===iframe_path&&"string"==typeof event.data){var data=null;try{data=JSON.parse(event.data)}catch(e){}"object"!=typeof data||data instanceof Array||"msg_type"in data&&"xdsc_read"===data.msg_type&&"namespace"in data&&data.namespace===_namespace&&(_xdomain_cookie_data=data.cookies,_iframe_ready=!0,_fire_pending_callbacks())}}function _iframe_load_error_occured(){_log("_iframe_load_error_occured"),_iframe_load_error=!0,_fire_pending_callbacks()}function _on_iframe_ready_or_error(cb){_callbacks.push(cb),_fire_pending_callbacks()}function _fire_pending_callbacks(){if(_iframe_load_error||_iframe_ready)for(;_callbacks.length>0;)_callbacks.pop()(_iframe_load_error)}function _set_cookie_in_iframe(cookie_name,cookie_value,expires_days){var data={namespace:_namespace,msg_type:"xdsc_write",cookie_name:cookie_name,cookie_val:cookie_value,expires_days:expires_days,secure_only:_secure_only};_log("_set_cookie_in_iframe",data),document.getElementById("xdomain_cookie_"+_id).contentWindow.postMessage(JSON.stringify(data),iframe_path)}function _get_local_cookie(cookie_name){for(var name=cookie_name+"=",ca=document.cookie.split(";"),i=0;i<ca.length;i++){var c=ca[i].trim();if(0===c.indexOf(name))return decodeURIComponent(c.substring(name.length,c.length))}return""}function _set_local_cookie(cookie_name,cookie_value,expires_days){var d=new Date;d.setTime(d.getTime()+1e3*expires_days*60*60*24);var cookie_val=cookie_name+"="+cookie_value+"; expires="+d.toUTCString()+(_secure_only?";secure":"");_log("_set_local_cookie",cookie_val),document.cookie=cookie_val}function _set_xdomain_cookie_value(cookie_name,cookie_value,expires_days){return _iframe_ready||_iframe_load_error?(expires_days=expires_days||_default_expires_days,expires_days=null===cookie_value||void 0===cookie_value?-100:expires_days,_xdomain_only||_set_local_cookie(cookie_name,cookie_value,expires_days),_iframe_load_error||_set_cookie_in_iframe(cookie_name,cookie_value,expires_days),void(_xdomain_cookie_data[cookie_name]=cookie_value)):_callbacks.push(function(){_set_xdomain_cookie_value(cookie_name,cookie_value,expires_days)})}function _get_xdomain_cookie_value(cookie_name,callback,expires_days){function _cb(xdomain_success,cookie_val,callback){_log("_get_xdomain_cookie_value D",xdomain_success,cookie_val),_set_xdomain_cookie_value(cookie_name,cookie_val,expires_days),"function"==typeof callback&&callback(cookie_val)}if(expires_days=expires_days||_default_expires_days,_log("_get_xdomain_cookie_value A",cookie_name),!_xdomain_only){var _existing_local_cookie_val=_get_local_cookie(cookie_name);if(_existing_local_cookie_val)return _log("_get_xdomain_cookie_value B",_existing_local_cookie_val),_on_iframe_ready_or_error(function(is_err){_cb(!is_err,_existing_local_cookie_val)}),callback(_existing_local_cookie_val)}_on_iframe_ready_or_error(function(is_err){if(_log("_get_xdomain_cookie_value C",is_err),is_err)return _cb(!1,null,callback);var _current_cookie_val=cookie_name in _xdomain_cookie_data?_xdomain_cookie_data[cookie_name]:null;_cb(!is_err,_current_cookie_val,callback)})}"//"===iframe_path.substr(0,2)&&(iframe_path=("https:"===window.location.protocol?"https:":"http:")+iframe_path);var _namespace=namespace||"xdsc",_load_wait_ms=iframe_load_timeout_ms||6e3,_iframe_ready=!1,_iframe_load_error=!1,_callbacks=[],_xdomain_cookie_data={},_id=(new Date).getTime(),_default_expires_days=30,_xdomain_only=!!xdomain_only,_secure_only=!!secure_only,_debug=!!debug;window.addEventListener("message",_inbound_postmessage);var ifr=document.createElement("iframe");ifr.style.display="none",ifr.id="xdomain_cookie_"+_id;var data={namespace:_namespace,window_origin:window.location.origin,iframe_origin:iframe_path,debug:_debug};return ifr.src=iframe_path+"/xdomain_cookie.html#"+encodeURIComponent(JSON.stringify(data)),document.body.appendChild(ifr),_log("creating iframe",ifr.src),setTimeout(function(){_iframe_ready||_iframe_load_error_occured()},_load_wait_ms),{get:_get_xdomain_cookie_value,set:_set_xdomain_cookie_value}};exports.xDomainCookie=xDomainCookie}(this);
\ No newline at end of file