From 7d92c49f42a239b349bd444521514e9350db4ba8 Mon Sep 17 00:00:00 2001
From: Kevin Abel <kevin.abel.0@gmail.com>
Date: Wed, 15 Apr 2015 12:05:13 -0500
Subject: [PATCH] Add more origins to ignore for search window messages

Messages posted from the same domain or browser exentions will be
ignored.
---
 www/js/search.js | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/www/js/search.js b/www/js/search.js
index f060f41..0b7e1e8 100644
--- a/www/js/search.js
+++ b/www/js/search.js
@@ -259,6 +259,19 @@
 					
 					googleOrigin = /^https?:\/\/www\.google\.com$/,
 					
+					isValidOrigin = function(origin) {
+						if (googleOrigin.test(origin)) {
+							return false;
+						}
+						
+						// don't allow self origin or browser extension origins
+						if (origin == location.origin || /^chrome:/.test(origin)) {
+							return false;
+						}
+						
+						return true;
+					},
+					
 					passiveQuery = function(q, track) {
 						if (query === q) {
 							return;
@@ -330,7 +343,7 @@
 				$(window).on('message', function(e) {
 					var oEvent = e.originalEvent, q;
 					
-					if (googleOrigin.test(oEvent.origin)) {
+					if (!isValidOrigin(oEvent.origin)) {
 						return;
 					}
 					
-- 
GitLab