author | Tim-Hinnerk Heuer <tim@innocraft.com> | 2021-08-13 11:21:57 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-13 11:21:57 +0300 |
commit | 397badec453c021473baaf5f6c84211536c7f71e (patch) | |
tree | 9d62b08fc28ebb251ad09546ed487816fecaba5c /plugins/Overlay | |
parent | 9d436c49ec32c9529bf3009bca46f0ed18a1c3d9 (diff) |
add token_auth to overlay requests where necessary (#17851)
* add token_auth to overlay requests where necessary #17640
* ensure all links on the overlay page work as expected, both with token_auth and when logged in #17640
* DRY force_api_session=1 and token_auth parameters in broadcast.js and correct in other code for convenience #17640
* polish logic for overlay with token_auth and change minimal logic in client side while validating token_auth in View::shouldPropagateTokenAuthInAjaxRequests() #17640
* use 'string' as string parameter #17640
* simplify token_auth check #17640
* revert git submodule to 4.x-dev version #17640
* return $tokenAuth string (truthy) only, simplify condition, ensure & is prepended to token_auth url param #17640
* revert submodule change
* Update core/View.php
Co-authored-by: Stefan Giehl <stefan@matomo.org>
Co-authored-by: sgiehl <stefan@matomo.org>
Diffstat (limited to 'plugins/Overlay')
-rw-r--r-- | plugins/Overlay/javascripts/Overlay_Helper.js | 5 | ||||
-rw-r--r-- | plugins/Overlay/javascripts/Piwik_Overlay.js | 1 | ||||
-rw-r--r-- | plugins/Overlay/templates/index.twig | 5 | ||||
-rw-r--r-- | plugins/Overlay/templates/index_noframe.twig | 5 |
4 files changed, 13 insertions, 3 deletions
diff --git a/plugins/Overlay/javascripts/Overlay_Helper.js b/plugins/Overlay/javascripts/Overlay_Helper.js index 6e843df816..d095768908 100644 --- a/plugins/Overlay/javascripts/Overlay_Helper.js +++ b/plugins/Overlay/javascripts/Overlay_Helper.js @@ -29,7 +29,10 @@ var Overlay_Helper = { var token_auth = piwik.broadcast.getValueFromUrl("token_auth"); if (token_auth.length && piwik.shouldPropagateTokenAuth) { - url += '&force_api_session=1&token_auth=' + encodeURIComponent(token_auth); + if (!piwik.broadcast.isWidgetizeRequestWithoutSession()) { + url += '&force_api_session=1'; + } + url += '&token_auth=' + encodeURIComponent(token_auth); } if (link) { diff --git a/plugins/Overlay/javascripts/Piwik_Overlay.js b/plugins/Overlay/javascripts/Piwik_Overlay.js index 49e5c95401..f33382fceb 100644 --- a/plugins/Overlay/javascripts/Piwik_Overlay.js +++ b/plugins/Overlay/javascripts/Piwik_Overlay.js @@ -50,6 +50,7 @@ var Piwik_Overlay = (function () { globalAjaxQueue.abort(); var ajaxRequest = new ajaxHelper(); ajaxRequest.addParams(params, 'get'); + ajaxRequest.withTokenInUrl(); // needed because it is calling a controller and not the API ajaxRequest.setCallback( function (response) { hideLoading(); diff --git a/plugins/Overlay/templates/index.twig b/plugins/Overlay/templates/index.twig index e4a4c77441..a618224ce5 100644 --- a/plugins/Overlay/templates/index.twig +++ b/plugins/Overlay/templates/index.twig @@ -73,7 +73,10 @@ var iframeSrc = 'index.php?module=Overlay&action=startOverlaySession&idSite={{ idSite }}&period={{ period }}&date={{ rawDate }}&segment={{ segment }}'; if (piwik.shouldPropagateTokenAuth) { - iframeSrc += '&force_api_session=1&token_auth=' + piwik.token_auth; + if (!piwik.broadcast.isWidgetizeRequestWithoutSession()) { + iframeSrc += '&force_api_session=1'; + } + iframeSrc += '&token_auth=' + piwik.token_auth; } Piwik_Overlay.init(iframeSrc, '{{ idSite }}', '{{ period }}', '{{ rawDate }}', '{{ segment }}'); 
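Review bot: The new inner `if` in Overlay_Helper.js drops `force_api_session=1` whenever `isWidgetizeRequestWithoutSession()` is true, so on that path the raw `token_auth` is appended to a URL on its own, and the hunk gives no hint why that is acceptable. Because the value ends up in a query string (browser history, server access logs, possibly the Referer of whatever the overlay then loads), the distinction between a session-bound token and a standalone one is the security-relevant part and deserves a comment at the inner `if`: `// widgetize embeds have no session to bind to, so the token travels alone; otherwise force_api_session=1 is added so token_auth is presumably only accepted together with the current session cookie — confirm against the server-side check`. It would also be worth confirming that `piwik.broadcast.getValueFromUrl("token_auth")` can only ever yield the session-scoped token on the non-widgetize path, since a long-lived API token in this URL would be a real leak. The enclosing function of the `Overlay_Helper` object starts and ends outside the hunk.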
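Review bot: The added `ajaxRequest.withTokenInUrl();` in Piwik_Overlay.js explains why the token moves into the URL but not what that costs: a token in a GET query string is written to web-server and proxy access logs and to browser history, which is exactly what a POST body avoids. If the controller cannot accept POST, the comment should at least record the trade-off and the mitigation the rest of this commit relies on, e.g. `// controller endpoint, not the API, so the token must go in the query string; it will appear in access logs and history, so this must stay the session-bound token (force_api_session=1), never a long-lived API token`. I cannot see `withTokenInUrl()` from here, so whether it adds `force_api_session=1` itself or relies on `params` is inferred; please confirm one of them does on this call path. The surrounding function (the request setup after `globalAjaxQueue.abort()`) continues outside the hunk.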
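Review bot: In index.twig the new line `iframeSrc += '&token_auth=' + piwik.token_auth;` concatenates the token raw, while the same commit's Overlay_Helper.js change wraps it in `encodeURIComponent(...)`; the two should agree, so use `iframeSrc += '&token_auth=' + encodeURIComponent(piwik.token_auth);`. In practice the token is an opaque hex-like string, but an unescaped value in a query string is the kind of inconsistency that becomes a bug when the token format changes. Separately, this `iframeSrc` carries the token into the iframe's URL; if `startOverlaySession` later navigates that frame to the tracked site, the token could leak via Referer unless a restrictive Referrer-Policy is set on that response — I cannot see the controller from here, so treat that as something to verify. The enclosing `<script>` block starts and ends outside the hunk.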
diff --git a/plugins/Overlay/templates/index_noframe.twig b/plugins/Overlay/templates/index_noframe.twig index c3f32be6b6..2c8f63dc75 100644 --- a/plugins/Overlay/templates/index_noframe.twig +++ b/plugins/Overlay/templates/index_noframe.twig @@ -8,7 +8,10 @@ <script type="text/javascript"> var newLocation = 'index.php?module=Overlay&action=startOverlaySession&idSite={{ idSite }}&period={{ period }}&date={{ date }}&segment={{ segment }}'; if (piwik.shouldPropagateTokenAuth) { - newLocation += '&force_api_session=1&token_auth=' + piwik.token_auth; + if (!piwik.broadcast.isWidgetizeRequestWithoutSession()) { + newLocation += '&force_api_session=1'; + } + newLocation += '&token_auth=' + piwik.token_auth; } var locationParts = window.location.href.split('#'); |
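Review bot: In index_noframe.twig the new line `newLocation += '&token_auth=' + piwik.token_auth;` has the same missing escaping as index.twig and should read `newLocation += '&token_auth=' + encodeURIComponent(piwik.token_auth);` to match the Overlay_Helper.js change in this commit. Here the consequence is slightly larger than in the iframe case: the following `window.location.href.split('#')` suggests `newLocation` becomes a top-level navigation, so the token lands in the browser's history and address bar, and in the Referer of any cross-origin resource that page loads unless Referrer-Policy prevents it — worth a one-line comment such as `// token_auth becomes part of the top-level URL (history/Referer); only the session-bound token should ever reach here` so the next maintainer does not route a long-lived API token through this path. The rest of the script, including the assignment of `newLocation`, is outside the hunk.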