abort first sframe boot stage if eval is possible

2022-03-24 14:04:16 +05:30 · 2022-03-24 14:04:16 +05:30 · f495a6cbc8
parent 07afa4640b
commit f495a6cbc8
2 changed files with 19 additions and 17 deletions
--- a/www/common/sframe-boot.js
+++ b/www/common/sframe-boot.js
@ -11,6 +11,25 @@ if (window === window.top) {
        window.alert(s);
    });
 }
+if (typeof(Promise) !== 'function') {
+    return void setTimeout(function () {
+        var s = "Internet Explorer is not supported anymore, including by Microsoft.\n\nMost of CryptPad's collaborative functionality requires a modern browser to work.\n\nWe recommend Mozilla Firefox.";
+        window.alert(s);
+    });
+}
+
+var caughtEval;
+try {
+    eval('true'); // jshint ignore:line
+} catch (err) { caughtEval = true; }
+
+if (!/^\/(sheet|doc|presentation)/.test(window.location.pathname) && !caughtEval) {
+    return void setTimeout(function () {
+        window.alert("aborting because eval should not be permitted.");
+    });
+}
+
+
 var afterLoaded = function (req) {
    req.cfg = req.cfg || {};
    if (req.pfx) {
--- a/www/common/sframe-boot2.js
+++ b/www/common/sframe-boot2.js
@ -43,22 +43,5 @@ define([
        throw e;
    };

-    if (typeof(Promise) !== 'function') {
-        return void setTimeout(function () {
-            var s = "Internet Explorer is not supported anymore, including by Microsoft.\n\nMost of CryptPad's collaborative functionality requires a modern browser to work.\n\nWe recommend Mozilla Firefox.";
-            window.alert(s);
-        });
-    }
-
-    var caughtEval;
-    try {
-        eval('true'); // jshint ignore:line
-    } catch (err) { caughtEval = true; }
-
-    if (!/^\/(sheet|doc|presentation)/.test(window.location.pathname) && !caughtEval) {
-        return void setTimeout(function () {
-            window.alert("aborting because eval should not be permitted.");
-        });
-    }
    require([document.querySelector('script[data-bootload]').getAttribute('data-bootload')]);
 });