Adyen · sponglord · Dec 6, 2023 · Nov 30, 2023 · Dec 4, 2023 · Dec 4, 2023
@@ -0,0 +1,6 @@
+---
+'@adyen/adyen-web': patch
+---
+
+Renaming detectInIframe to the more accurate, but lengthy, detectInIframeInAccessibleDomain.
+Now the functionality only considers itself to be running in an iframe _if_ it is possible to access the parent domain and thus be able to redirect the top, parent, window
@@ -4,7 +4,7 @@ import Redirect from './Redirect';
 import RedirectShopper from './components/RedirectShopper';
 import RedirectElement from './Redirect';
 
-jest.mock('../../utils/detectInIframe', () => {
+jest.mock('../../utils/detectInIframeInAccessibleDomain', () => {
     return jest.fn().mockImplementation(() => {
         return true;
     });

@@ -1,5 +1,5 @@
 import { Component, h } from 'preact';
-import detectInIframe from '../../../../utils/detectInIframe';
+import detectInIframeInAccessibleDomain from '../../../../utils/detectInIframeInAccessibleDomain';
 
 interface RedirectShopperProps {
     beforeRedirect: (resolve, reject, url) => Promise<void>;
@@ -21,7 +21,7 @@ class RedirectShopper extends Component<RedirectShopperProps> {
             if (this.postForm) {
                 this.postForm.submit();
             } else {
-                if (this.props.redirectFromTopWhenInIframe && detectInIframe()) {
+                if (this.props.redirectFromTopWhenInIframe && detectInIframeInAccessibleDomain()) {
                     // if in an iframe and the config prop allows it - try to redirect from the top level window
                     window.top.location.assign?.(this.props.url);
                 } else {
@@ -51,7 +51,7 @@ class RedirectShopper extends Component<RedirectShopperProps> {
                     ref={ref => {
                         this.postForm = ref;
                     }}
-                    {...(this.props.redirectFromTopWhenInIframe && detectInIframe() && { target: '_top' })}
+                    {...(this.props.redirectFromTopWhenInIframe && detectInIframeInAccessibleDomain() && { target: '_top' })}
                 >
                     {Object.keys(data).map(key => (
                         <input type="hidden" name={key} key={key} value={data[key]} />

diff --git a/packages/lib/src/utils/detectInIframeInAccessibleDomain.ts b/packages/lib/src/utils/detectInIframeInAccessibleDomain.ts
@@ -0,0 +1,7 @@
+// Returns true if the page is being run in an iframe (in a domain we have access to)
+export default () => {
+    if (window.parent.location instanceof Location) {
+        return window.location !== window.parent.location;
+    }
+    return false; // we cannot access window.parent.location - so consider us "not to be in an iframe" for the purpose of Redirects
+};