PR comments

packages/account-portal

@@ -1 +1 @@
-Subproject commit 32b8fa4643b4f0f74ee89760deffe431ab347ad9
+Subproject commit 851072fce67c48173aa03e8c5ac549d6fd20628e

packages/builder/src/dataBinding.js

@@ -829,7 +829,6 @@ const getEmbedBindings = () => {
       readableBinding: `ParentWindow`,
       category: "Embed",
       icon: "DistributeVertically",
-      display: { type: "object", name: "Parent Window" },
     },
   ]
   return bindings

packages/client/src/components/context/EmbedProvider.svelte

@@ -4,20 +4,20 @@
 
   let data = {}
 
-  export function extractDomainFromUrl(url) {
+  function extractDomainFromUrl(url) {
     const { hostname } = new URL(url)
     const parts = hostname.split('.');
     const tld = parts.slice(-2).join(".")
     return tld
   }
 
-  export function handleMessage(event) {
+  function handleMessage(event) {
     // Validate the event origin to ensure it's coming from a trusted source
     // Allow different subdomains but must match TLD
     const appOrigin = extractDomainFromUrl(window.location.origin)
     const eventOrigin = extractDomainFromUrl(event.origin)
 
-    if (appOrigin !== eventOrigin) {
+    if (appOrigin === eventOrigin) {
       data = event.data
     } else {
       console.error(