diff --git a/adapters/oidc/js/src/main/resources/keycloak.js b/adapters/oidc/js/src/main/resources/keycloak.js
index 2def1e2..ff7fb6f 100755
--- a/adapters/oidc/js/src/main/resources/keycloak.js
+++ b/adapters/oidc/js/src/main/resources/keycloak.js
@@ -832,11 +832,16 @@
document.body.appendChild(iframe);
var messageCallback = function(event) {
- if (event.origin !== loginIframe.iframeOrigin) {
+ if ((event.origin !== loginIframe.iframeOrigin) || (loginIframe.iframe.contentWindow !== event.source)) {
return;
}
- if (event.data != "unchanged") {
+ if (!(event.data == 'unchanged' || event.data == 'changed' || event.data == 'error')) {
+ return;
+ }
+
+
+ if (event.data != 'unchanged') {
kc.clearToken();
}
@@ -844,7 +849,7 @@
for (var i = callbacks.length - 1; i >= 0; --i) {
var promise = callbacks[i];
- if (event.data == "unchanged") {
+ if (event.data == 'unchanged') {
promise.setSuccess();
} else {
promise.setError();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/BasicConsoleTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/BasicConsoleTest.java
new file mode 100644
index 0000000..1283574
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/BasicConsoleTest.java
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source
+ *
+ * Copyright 2013 Red Hat, Inc. and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.testsuite.console;
+
+import org.junit.Test;
+import org.openqa.selenium.JavascriptExecutor;
+
+import static org.junit.Assert.assertEquals;
+
+public class BasicConsoleTest extends AbstractConsoleTest {
+
+ @Test
+ // KEYCLOAK-4717
+ public void testPostWindowMessage() throws InterruptedException {
+ JavascriptExecutor executor = (JavascriptExecutor) driver;
+ executor.executeScript("window.check = 'check';");
+ Object result = executor.executeScript("return window.check;");
+
+ executor.executeScript("window.postMessage('hello', 'http://localhost:8180');");
+ Thread.sleep(1000);
+ result = executor.executeScript("return window.check;");
+ assertEquals("Expected window not to have reloaded", "check", result);
+ }
+
+}
