2020-11-10 17:06:03 +00:00
|
|
|
/**
|
|
|
|
* Create and minimally track guest windows at the direction of the renderer
|
|
|
|
* (via window.open). Here, "guest" roughly means "child" — it's not necessarily
|
2022-01-06 17:28:03 +00:00
|
|
|
* emblematic of its process status; both in-process (same-origin) and
|
|
|
|
* out-of-process (cross-origin) are created here. "Embedder" roughly means
|
|
|
|
* "parent."
|
2020-11-10 17:06:03 +00:00
|
|
|
*/
|
2022-08-09 21:57:05 +00:00
|
|
|
import { BrowserWindow } from 'electron/main';
|
2020-11-10 17:06:03 +00:00
|
|
|
import type { BrowserWindowConstructorOptions, Referrer, WebContents, LoadURLOptions } from 'electron/main';
|
2021-11-10 16:54:51 +00:00
|
|
|
import { parseFeatures } from '@electron/internal/browser/parse-features-string';
|
2016-03-18 18:51:02 +00:00
|
|
|
|
2020-11-10 17:06:03 +00:00
|
|
|
type PostData = LoadURLOptions['postData']
|
|
|
|
export type WindowOpenArgs = {
|
|
|
|
url: string,
|
|
|
|
frameName: string,
|
|
|
|
features: string,
|
|
|
|
}
|
2018-03-12 15:28:34 +00:00
|
|
|
|
2024-02-29 15:15:01 +00:00
|
|
|
const frameNamesToWindow = new Map<string, WebContents>();
|
|
|
|
const registerFrameNameToGuestWindow = (name: string, webContents: WebContents) => frameNamesToWindow.set(name, webContents);
|
2020-11-10 17:06:03 +00:00
|
|
|
const unregisterFrameName = (name: string) => frameNamesToWindow.delete(name);
|
2024-02-29 15:15:01 +00:00
|
|
|
const getGuestWebContentsByFrameName = (name: string) => frameNamesToWindow.get(name);
|
2020-11-10 17:06:03 +00:00
|
|
|
|
|
|
|
/**
|
2022-01-06 17:28:03 +00:00
|
|
|
* `openGuestWindow` is called to create and setup event handling for the new
|
|
|
|
* window.
|
2020-11-10 17:06:03 +00:00
|
|
|
*/
|
2024-02-29 15:15:01 +00:00
|
|
|
export function openGuestWindow ({ embedder, guest, referrer, disposition, postData, overrideBrowserWindowOptions, windowOpenArgs, outlivesOpener, createWindow }: {
|
2020-11-10 17:06:03 +00:00
|
|
|
embedder: WebContents,
|
|
|
|
guest?: WebContents,
|
|
|
|
referrer: Referrer,
|
|
|
|
disposition: string,
|
|
|
|
postData?: PostData,
|
|
|
|
overrideBrowserWindowOptions?: BrowserWindowConstructorOptions,
|
|
|
|
windowOpenArgs: WindowOpenArgs,
|
2022-02-23 07:59:50 +00:00
|
|
|
outlivesOpener: boolean,
|
2024-02-29 15:15:01 +00:00
|
|
|
createWindow?: Electron.CreateWindowFunction
|
|
|
|
}): void {
|
2020-11-10 17:06:03 +00:00
|
|
|
const { url, frameName, features } = windowOpenArgs;
|
2022-08-09 21:57:05 +00:00
|
|
|
const { options: parsedOptions } = parseFeatures(features);
|
|
|
|
const browserWindowOptions = {
|
|
|
|
show: true,
|
|
|
|
width: 800,
|
|
|
|
height: 600,
|
|
|
|
...parsedOptions,
|
|
|
|
...overrideBrowserWindowOptions
|
|
|
|
};
|
2020-11-10 17:06:03 +00:00
|
|
|
|
|
|
|
// To spec, subsequent window.open calls with the same frame name (`target` in
|
|
|
|
// spec parlance) will reuse the previous window.
|
|
|
|
// https://html.spec.whatwg.org/multipage/window-object.html#apis-for-creating-and-navigating-browsing-contexts-by-name
|
2024-02-29 15:15:01 +00:00
|
|
|
const existingWebContents = getGuestWebContentsByFrameName(frameName);
|
|
|
|
if (existingWebContents) {
|
|
|
|
if (existingWebContents.isDestroyed()) {
|
2021-10-19 00:57:10 +00:00
|
|
|
// FIXME(t57ser): The webContents is destroyed for some reason, unregister the frame name
|
|
|
|
unregisterFrameName(frameName);
|
|
|
|
} else {
|
2024-02-29 15:15:01 +00:00
|
|
|
existingWebContents.loadURL(url);
|
|
|
|
return;
|
2021-10-19 00:57:10 +00:00
|
|
|
}
|
2016-01-12 02:40:23 +00:00
|
|
|
}
|
2016-03-30 17:51:56 +00:00
|
|
|
|
2024-02-29 15:15:01 +00:00
|
|
|
if (createWindow) {
|
|
|
|
const webContents = createWindow({
|
|
|
|
webContents: guest,
|
|
|
|
...browserWindowOptions
|
|
|
|
});
|
|
|
|
|
|
|
|
if (guest != null) {
|
|
|
|
if (webContents !== guest) {
|
|
|
|
throw new Error('Invalid webContents. Created window should be connected to webContents passed with options object.');
|
|
|
|
}
|
|
|
|
|
|
|
|
handleWindowLifecycleEvents({ embedder, frameName, guest, outlivesOpener });
|
|
|
|
}
|
|
|
|
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-11-10 17:06:03 +00:00
|
|
|
const window = new BrowserWindow({
|
|
|
|
webContents: guest,
|
|
|
|
...browserWindowOptions
|
|
|
|
});
|
2017-04-21 17:59:33 +00:00
|
|
|
|
2022-05-11 18:34:33 +00:00
|
|
|
if (!guest) {
|
|
|
|
// When we open a new window from a link (via OpenURLFromTab),
|
|
|
|
// the browser process is responsible for initiating navigation
|
|
|
|
// in the new window.
|
|
|
|
window.loadURL(url, {
|
|
|
|
httpReferrer: referrer,
|
|
|
|
...(postData && {
|
|
|
|
postData,
|
|
|
|
extraHeaders: formatPostDataHeaders(postData as Electron.UploadRawData[])
|
|
|
|
})
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2024-02-29 15:15:01 +00:00
|
|
|
handleWindowLifecycleEvents({ embedder, frameName, guest: window.webContents, outlivesOpener });
|
2016-09-29 13:43:40 +00:00
|
|
|
|
2021-04-19 22:46:54 +00:00
|
|
|
embedder.emit('did-create-window', window, { url, frameName, options: browserWindowOptions, disposition, referrer, postData });
|
2020-03-26 18:05:45 +00:00
|
|
|
}
|
|
|
|
|
2020-11-10 17:06:03 +00:00
|
|
|
/**
|
|
|
|
* Manage the relationship between embedder window and guest window. When the
|
|
|
|
* guest is destroyed, notify the embedder. When the embedder is destroyed, so
|
|
|
|
* too is the guest destroyed; this is Electron convention and isn't based in
|
|
|
|
* browser behavior.
|
|
|
|
*/
|
2022-02-23 07:59:50 +00:00
|
|
|
const handleWindowLifecycleEvents = function ({ embedder, guest, frameName, outlivesOpener }: {
|
2020-11-10 17:06:03 +00:00
|
|
|
embedder: WebContents,
|
2024-02-29 15:15:01 +00:00
|
|
|
guest: WebContents,
|
2022-02-23 07:59:50 +00:00
|
|
|
frameName: string,
|
|
|
|
outlivesOpener: boolean
|
2020-11-10 17:06:03 +00:00
|
|
|
}) {
|
2016-06-09 17:35:48 +00:00
|
|
|
const closedByEmbedder = function () {
|
2024-02-29 15:15:01 +00:00
|
|
|
guest.removeListener('destroyed', closedByUser);
|
2016-06-09 17:35:48 +00:00
|
|
|
guest.destroy();
|
2016-03-24 20:15:04 +00:00
|
|
|
};
|
2020-11-10 17:06:03 +00:00
|
|
|
|
2016-06-09 17:35:48 +00:00
|
|
|
const closedByUser = function () {
|
2022-02-23 07:59:50 +00:00
|
|
|
// Embedder might have been closed
|
|
|
|
if (!embedder.isDestroyed() && !outlivesOpener) {
|
|
|
|
embedder.removeListener('current-render-view-deleted' as any, closedByEmbedder);
|
|
|
|
}
|
2016-03-24 20:15:04 +00:00
|
|
|
};
|
2022-02-23 07:59:50 +00:00
|
|
|
if (!outlivesOpener) {
|
|
|
|
embedder.once('current-render-view-deleted' as any, closedByEmbedder);
|
|
|
|
}
|
2024-02-29 15:15:01 +00:00
|
|
|
guest.once('destroyed', closedByUser);
|
2020-11-10 17:06:03 +00:00
|
|
|
|
2016-01-12 02:40:23 +00:00
|
|
|
if (frameName) {
|
2020-11-10 17:06:03 +00:00
|
|
|
registerFrameNameToGuestWindow(frameName, guest);
|
2024-02-29 15:15:01 +00:00
|
|
|
guest.once('destroyed', function () {
|
2020-11-10 17:06:03 +00:00
|
|
|
unregisterFrameName(frameName);
|
2016-03-24 20:15:04 +00:00
|
|
|
});
|
2016-01-12 02:40:23 +00:00
|
|
|
}
|
2016-03-24 20:15:04 +00:00
|
|
|
};
|
2016-01-12 02:40:23 +00:00
|
|
|
|
2020-11-10 17:06:03 +00:00
|
|
|
// Security options that child windows will always inherit from parent windows
|
|
|
|
const securityWebPreferences: { [key: string]: boolean } = {
|
|
|
|
contextIsolation: true,
|
|
|
|
javascript: false,
|
|
|
|
nodeIntegration: false,
|
|
|
|
sandbox: true,
|
|
|
|
webviewTag: false,
|
|
|
|
nodeIntegrationInSubFrames: false,
|
|
|
|
enableWebSQL: false
|
2019-07-08 23:43:49 +00:00
|
|
|
};
|
2016-01-12 02:40:23 +00:00
|
|
|
|
2021-04-21 17:55:17 +00:00
|
|
|
export function makeWebPreferences ({ embedder, secureOverrideWebPreferences = {}, insecureParsedWebPreferences: parsedWebPreferences = {} }: {
|
2020-11-10 17:06:03 +00:00
|
|
|
embedder: WebContents,
|
|
|
|
insecureParsedWebPreferences?: ReturnType<typeof parseFeatures>['webPreferences'],
|
|
|
|
// Note that override preferences are considered elevated, and should only be
|
|
|
|
// sourced from the main process, as they override security defaults. If you
|
|
|
|
// have unvetted prefs, use parsedWebPreferences.
|
|
|
|
secureOverrideWebPreferences?: BrowserWindowConstructorOptions['webPreferences'],
|
|
|
|
}) {
|
2021-07-27 05:48:12 +00:00
|
|
|
const parentWebPreferences = embedder.getLastWebPreferences()!;
|
2021-01-29 20:41:59 +00:00
|
|
|
const securityWebPreferencesFromParent = (Object.keys(securityWebPreferences).reduce((map, key) => {
|
|
|
|
if (securityWebPreferences[key] === parentWebPreferences[key as keyof Electron.WebPreferences]) {
|
|
|
|
(map as any)[key] = parentWebPreferences[key as keyof Electron.WebPreferences];
|
2020-11-10 17:06:03 +00:00
|
|
|
}
|
|
|
|
return map;
|
2021-01-29 20:41:59 +00:00
|
|
|
}, {} as Electron.WebPreferences));
|
2018-12-04 15:12:21 +00:00
|
|
|
|
2020-11-10 17:06:03 +00:00
|
|
|
return {
|
|
|
|
...parsedWebPreferences,
|
|
|
|
// Note that order is key here, we want to disallow the renderer's
|
|
|
|
// ability to change important security options but allow main (via
|
|
|
|
// setWindowOpenHandler) to change them.
|
|
|
|
...securityWebPreferencesFromParent,
|
2022-01-06 17:28:03 +00:00
|
|
|
...secureOverrideWebPreferences
|
2020-11-10 17:06:03 +00:00
|
|
|
};
|
|
|
|
}
|
2019-08-23 22:45:50 +00:00
|
|
|
|
2022-05-11 18:34:33 +00:00
|
|
|
function formatPostDataHeaders (postData: PostData) {
|
|
|
|
if (!postData) return;
|
|
|
|
|
|
|
|
const { contentType, boundary } = parseContentTypeFormat(postData);
|
|
|
|
if (boundary != null) { return `content-type: ${contentType}; boundary=${boundary}`; }
|
|
|
|
|
|
|
|
return `content-type: ${contentType}`;
|
|
|
|
}
|
|
|
|
|
2021-04-06 16:54:05 +00:00
|
|
|
const MULTIPART_CONTENT_TYPE = 'multipart/form-data';
|
|
|
|
const URL_ENCODED_CONTENT_TYPE = 'application/x-www-form-urlencoded';
|
|
|
|
|
|
|
|
// Figure out appropriate headers for post data.
|
2021-04-13 19:35:27 +00:00
|
|
|
export const parseContentTypeFormat = function (postData: Exclude<PostData, undefined>) {
|
2021-04-06 16:54:05 +00:00
|
|
|
if (postData.length) {
|
|
|
|
if (postData[0].type === 'rawData') {
|
|
|
|
// For multipart forms, the first element will start with the boundary
|
|
|
|
// notice, which looks something like `------WebKitFormBoundary12345678`
|
|
|
|
// Note, this regex would fail when submitting a urlencoded form with an
|
|
|
|
// input attribute of name="--theKey", but, uhh, don't do that?
|
|
|
|
const postDataFront = postData[0].bytes.toString();
|
|
|
|
const boundary = /^--.*[^-\r\n]/.exec(postDataFront);
|
|
|
|
if (boundary) {
|
|
|
|
return {
|
|
|
|
boundary: boundary[0].substr(2),
|
|
|
|
contentType: MULTIPART_CONTENT_TYPE
|
|
|
|
};
|
|
|
|
}
|
2020-11-10 17:06:03 +00:00
|
|
|
}
|
2016-11-25 18:03:47 +00:00
|
|
|
}
|
2021-04-06 16:54:05 +00:00
|
|
|
// Either the form submission didn't contain any inputs (the postData array
|
|
|
|
// was empty), or we couldn't find the boundary and thus we can assume this is
|
|
|
|
// a key=value style form.
|
|
|
|
return {
|
|
|
|
contentType: URL_ENCODED_CONTENT_TYPE
|
|
|
|
};
|
|
|
|
};
|