provide a SANE default in case httpUnsafeOrigin is not provided

6 years ago · 1629d7bb1d
parent bcbec0144c
commit 1629d7bb1d
1 changed files with 1 additions and 1 deletions
--- a/www/common/outer/login-block.js
+++ b/www/common/outer/login-block.js
@ -107,7 +107,7 @@ define([
        // if we want to make CryptPad work in server subfolders, we'll need
        // to update this path derivation
        return (typeof(ApiConfig.httpUnsafeOrigin) !== 'undefined'?
-            ApiConfig.httpUnsafeOrigin: window.location.origin)
+            ApiConfig.httpUnsafeOrigin: window.location.origin + '/')
            + 'block/' + publicKey.slice(0, 2) + '/' +  publicKey;
    };