Merge pull request #15064 from raisedadead/fix/chrome-unsafe-code-error

fix(code-uri): Chrome iframe error with XSS Auditor

client/commonFramework/code-uri.js

@@ -134,6 +134,20 @@ window.common = (function(global) {
         (location.search || location.hash).replace(queryRegex, ''),
         'run'
       );
+    },
+    removeCodeUri: function(location, history) {
+      if (
+        typeof location.href.split !== 'function' ||
+        typeof history.replaceState !== 'function'
+      ) {
+        return false;
+      }
+      history.replaceState(
+        history.state,
+        null,
+        location.href.split('#')[0]
+      );
+      return true;
     }
   };
 

client/commonFramework/create-editor.js

@@ -103,6 +103,7 @@ window.common = (function(global) {
     let editorValue;
     if (common.codeUri.isAlive()) {
       editorValue = common.codeUri.parse();
+      common.codeUri.removeCodeUri(location, window.history);
     } else {
       editorValue = common.codeStorage.isAlive(common.challengeName) ?
         common.codeStorage.getStoredValue(common.challengeName) :

client/commonFramework/end.js

@@ -24,7 +24,6 @@ $(document).ready(function() {
     code$.subscribe(
         code => {
           common.codeStorage.updateStorage(common.challengeName, code);
-          common.codeUri.querify(code);
         },
         err => console.error(err)
       );
@@ -72,7 +71,6 @@ $(document).ready(function() {
           return common.updateOutputDisplay('' + err);
         }
         common.codeStorage.updateStorage(challengeName, originalCode);
-        common.codeUri.querify(originalCode);
         common.displayTestResults(tests, true);
         common.updateOutputDisplay(output);
         return null;