From 461b2e3e0a08d23d6b4cace167cd529961f2dd63 Mon Sep 17 00:00:00 2001
From: Ralf Becker <RalfBecker@outdoor-training.de>
Date: Wed, 8 Mar 2017 14:21:29 +0100
Subject: [PATCH] same story for framework: ignore security exception if
 window.top is in a different security context eg. because SiteMgr
 contact-form is running in an iframe

---
 api/js/jsapi/egw.js | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/api/js/jsapi/egw.js b/api/js/jsapi/egw.js
index 786c6f9fa6..9936e483fc 100644
--- a/api/js/jsapi/egw.js
+++ b/api/js/jsapi/egw.js
@@ -118,17 +118,19 @@
 		catch(e) {
 			// ignore SecurityError exception if opener is different security context / cross-origin
 		}
-		if (typeof window.framework != 'undefined')
-		{
-			// set in above try block
+		try {
+			if (typeof window.framework == 'undefined' && window.top && typeof window.top.framework != 'undefined')
+			{
+				window.framework = window.top.framework;
+				if (debug) console.log('found framework object in top');
+			}
 		}
-		else if (window.top && typeof window.top.framework != 'undefined')
-		{
-			window.framework = window.top.framework;
-			if (debug) console.log('found framework object in top');
+		catch(e) {
+			// ignore SecurityError exception if top is different security context / cross-origin
 		}
 		// if framework not found, but requested to check for it, redirect to cd=yes to create it
-		else if (egw_script.getAttribute('data-check-framework') && !window.location.search.match(/[&?]cd=/))
+		if (typeof window.framework == 'undefined' && egw_script.getAttribute('data-check-framework') &&
+			!window.location.search.match(/[&?]cd=/))
 		{
 			window.location.search += window.location.search ? "&cd=yes" : "?cd=yes";
 		}