crave-ca.js (1612B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 5 "use strict"; 6 7 /* 8 * Bug 1746439 - crave.ca login broken with dFPI enabled 9 * 10 * Crave.ca relies upon a login page that is out-of-origin. That login page 11 * sets a cookie for https://www.crave.ca, which is then used as an proof of 12 * authentication on redirect back to the main site. This shim adds a request 13 * for storage access for https://www.crave.ca when the user tries to log in. 14 */ 15 16 console.warn( 17 `When logging in, Firefox calls the Storage Access API on behalf of the site. See https://bugzilla.mozilla.org/show_bug.cgi?id=1746439 for details.` 18 ); 19 20 // Third-party origin we need to request storage access for. 21 const STORAGE_ACCESS_ORIGIN = "https://www.crave.ca"; 22 23 document.documentElement.addEventListener( 24 "click", 25 e => { 26 const { target, isTrusted } = e; 27 if (!isTrusted) { 28 return; 29 } 30 const button = target.closest("button"); 31 if (!button) { 32 return; 33 } 34 const form = target.closest(".login-form"); 35 if (!form) { 36 return; 37 } 38 39 console.warn( 40 "Calling the Storage Access API on behalf of " + STORAGE_ACCESS_ORIGIN 41 ); 42 button.disabled = true; 43 e.stopPropagation(); 44 e.preventDefault(); 45 document 46 .requestStorageAccessForOrigin(STORAGE_ACCESS_ORIGIN) 47 .then(() => { 48 button.disabled = false; 49 target.click(); 50 }) 51 .catch(() => { 52 button.disabled = false; 53 }); 54 }, 55 true 56 );