safe-react icon indicating copy to clipboard operation
safe-react copied to clipboard

Published 20 hours ago verified publisher icon safe-global

Research changing origins in Safe Apps iframe

Open mmv08 opened this issue 3 years ago • 0 comments

What is this feature about? (1 sentence)

Researching possible improvement for https://github.com/gnosis/safe-react/pull/2188#discussion_r621119174

Why is it needed? What is the value? For whom do we build it?

To make the Safe even more secure

High-level overview of the feature

Possible improvements:

  • Before doing a postMessage, prompt the user when the URL isn't the app URL
  • pass URL in sdk message
  • Apps to define their allowed URLs in the app's manifest.json

mmv08 avatar Apr 27 '21 12:04 mmv08