feat: Allow control of pop-ups from iframes in Twilio Flex in config-…

…builder AB#32724
global-121 · Jan 15, 2025 · 5ce6d34 · 5ce6d34
1 parent c748edd
commit 5ce6d34
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 0 deletions.
diff --git a/interfaces/Portalicious/_build-deployment-configuration.mjs b/interfaces/Portalicious/_build-deployment-configuration.mjs
@@ -94,6 +94,18 @@ if (process.env.USE_IN_TWILIO_FLEX_IFRAME === 'true') {
   ]);
 }
 
+if (
+  process.env.USE_SSO_AZURE_ENTRA === 'true' &&
+  process.env.USE_IN_TWILIO_FLEX_IFRAME === 'true'
+) {
+  console.info(
+    '✅ Allow control of pop-ups for SSO when the Portal is in an iframe on Twilio Flex',
+  );
+
+  swaConfig.globalHeaders['Cross-Origin-Opener-Policy'] =
+    'same-origin-allow-popups';
+}
+
 // Feature: PowerBI Dashboard(s)
 if (process.env.USE_POWERBI_DASHBOARDS === 'true') {
   console.info('✅ Allow loading Power BI-dashboards');

diff --git a/interfaces/Portalicious/_test-deployment-configuration.mjs b/interfaces/Portalicious/_test-deployment-configuration.mjs
@@ -55,6 +55,19 @@ test('Content-Security-Policy configuration for loading as iframe in Twilio Flex
   }
 });
 
+test('Configuration to control pop-ups for SSO when the Portal is in an iframe on Twilio Flex', () => {
+  const openerPolicy = swaConfig.globalHeaders['Cross-Origin-Opener-Policy'];
+
+  if (
+    process.env.USE_IN_TWILIO_FLEX_IFRAME === 'true' &&
+    process.env.USE_SSO_AZURE_ENTRA === 'true'
+  ) {
+    match(openerPolicy, 'same-origin-allow-popups');
+  } else {
+    match(openerPolicy, 'same-origin');
+  }
+});
+
 test('Content-Security-Policy configuration to load PowerBI dashboard(s) in iframe', () => {
   const frameSrcCondition = /frame-src[^;]* https:\/\/app\.powerbi\.com/;
 

diff --git a/interfaces/Portalicious/_verify-deployment-configuration.mjs b/interfaces/Portalicious/_verify-deployment-configuration.mjs
@@ -63,6 +63,19 @@ test('Content-Security-Policy set for loading as iframe in Twilio Flex', () => {
   }
 });
 
+test('Configuration set to control pop-ups for SSO when the Portal is in an iframe on Twilio Flex', () => {
+  const openerPolicy = response.headers.get('Cross-Origin-Opener-Policy');
+
+  if (
+    process.env.USE_IN_TWILIO_FLEX_IFRAME === 'true' &&
+    process.env.USE_SSO_AZURE_ENTRA === 'true'
+  ) {
+    match(openerPolicy, 'same-origin-allow-popups');
+  } else {
+    match(openerPolicy, 'same-origin');
+  }
+});
+
 test('Content-Security-Policy set to load PowerBI dashboard(s) in iframe', () => {
   const frameSrcCondition = /frame-src[^;]* https:\/\/app\.powerbi\.com/;