From 888525a66f9e7bea2e0acbc066f5a215847b8ffd Mon Sep 17 00:00:00 2001
From: connie
Date: Thu, 10 Apr 2025 22:42:00 -0700
Subject: [PATCH] Potential fix for code scanning alert no. 142: Missing origin verification in `postMessage` handler

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 docs/assets/js/asciinema-player.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/assets/js/asciinema-player.js b/docs/assets/js/asciinema-player.js
index 0d14b0dfcb..bbb3f569e7 100644
--- a/docs/assets/js/asciinema-player.js
+++ b/docs/assets/js/asciinema-player.js
@@ -146,7 +146,8 @@
 } else {
 var h = [], g = String(Math.random());
 window.addEventListener("message", function (e) {
- if (e.data === g) {
+ var trustedOrigins = ['https://www.example.com']; // Add your trusted origins here
+ if (trustedOrigins.includes(e.origin) && e.data === g) {
 var t = h;
 h = [], t.forEach(function (e) {
 e()
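Review bot: The added `trustedOrigins` list still holds the autofix placeholder `'https://www.example.com'`, so on any site served from another origin `trustedOrigins.includes(e.origin)` is false for every message and the callbacks queued in `h` never run. The random token `g` looks like a marker the page posts to itself to flush that queue (inferred; the matching `postMessage` call is outside the hunk), in which case the check should accept the page's own origin rather than a hard-coded list: `if (e.origin === window.location.origin && e.data === g) {`, optionally also requiring `e.source === window`. Because `g` comes from `Math.random()` it should not be treated as a secret, so the origin/source comparison is the part that actually gates the handler. The listener body continues past the end of the hunk.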