ember-twiddle icon indicating copy to clipboard operation
ember-twiddle copied to clipboard
verified publisher icon ember-cli

Allow app/twiddle to access localStorage

Open jacobq opened this issue 7 years ago • 5 comments

I was trying to make a repro repo for the ember-localstorage-adapter using ember-twiddle, but it seems that the app is "sandboxed" or otherwise disallowed from accessing localStorage. I assume this is related to some kind of security concern. Is there a way to work around it? (e.g. set a flag in the config or something?)

https://ember-twiddle.com/d526982f42a741ee1379bbb76c2548c1?openFiles=routes.application.js%2C

jacobq avatar Dec 17 '18 22:12 jacobq

Sandboxed iframes cannot access localStorage.

Gaurav0 avatar Dec 18 '18 12:12 Gaurav0

Give codesandbox a try for this scenario.

knownasilya avatar Dec 18 '18 14:12 knownasilya

Sandboxed iframes cannot access localStorage.

And the iframe must always be sandboxed?

jacobq avatar Dec 20 '18 16:12 jacobq

You don't want to worry about opening an evil twiddle that does something to your Github account, right?

Gaurav0 avatar Dec 20 '18 16:12 Gaurav0

You don't want to worry about opening an evil twiddle that does something to your Github account, right?

As long as I had to click an "OK, hack me" button first (or alternatively if it would only allow it for my own twiddles) then I would be OK with that. Ideally, there'd be a way to grant permissions in a more granular way than all or nothing. e.g. allow-storage-access-by-user-activation (see sandbox section of https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe)

jacobq avatar Dec 20 '18 17:12 jacobq