Add latest changes from gitlab-org/gitlab@16-0-stable-eev16.0.0-rc42

1 files changed, 6 insertions, 0 deletions

diff --git a/app/assets/javascripts/jira_connect/subscriptions/components/sign_in_oauth_button.vue b/app/assets/javascripts/jira_connect/subscriptions/components/sign_in_oauth_button.vue
index 65c69bcfa82..bc8cdf35701 100644
--- a/app/assets/javascripts/jira_connect/subscriptions/components/sign_in_oauth_button.vue
+++ b/app/assets/javascripts/jira_connect/subscriptions/components/sign_in_oauth_button.vue
@@ -12,6 +12,7 @@ import {
   I18N_OAUTH_FAILED_MESSAGE,
   OAUTH_SELF_MANAGED_DOC_LINK,
   OAUTH_WINDOW_OPTIONS,
+  OAUTH_CALLBACK_MESSAGE_TYPE,
   PKCE_CODE_CHALLENGE_DIGEST_ALGORITHM,
 } from '~/jira_connect/subscriptions/constants';
 import { fetchOAuthApplicationId, fetchOAuthToken } from '~/jira_connect/subscriptions/api';
@@ -130,6 +131,11 @@ export default {
       }
     },
     async handleWindowMessage(event) {
+      // Make sure this ia a message from the OAuth flow in pages/jira_connect/oauth_callbacks/index.js
+      if (event.data?.type !== OAUTH_CALLBACK_MESSAGE_TYPE) {
+        return;
+      }
+
       if (window.origin !== event.origin) {
         this.loading = false;
         return;