mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Prevent Node from adding paths outside this app to search paths

Browse source
This commit is contained in:
Cheng Zhao 2015-10-03 20:38:39 +08:00
parent 9fe326ebeb
commit 01d2765e4b
5 changed files with 37 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
atom/browser/lib/init.coffee
View file

@ -7,6 +7,9 @@ Module = require 'module'
# we need to restore it here. # we need to restore it here.
process.argv.splice 1, 1 process.argv.splice 1, 1
# Clear search paths.
require path.resolve(__dirname, '..', '..', 'common', 'lib', 'reset-search-paths')
# Import common settings. # Import common settings.
require path.resolve(__dirname, '..', '..', 'common', 'lib', 'init') require path.resolve(__dirname, '..', '..', 'common', 'lib', 'init')

6
atom/common/lib/init.coffee
View file

@ -9,12 +9,8 @@ process.atomBinding = (name) ->
catch e catch e
process.binding "atom_common_#{name}" if /No such module/.test e.message process.binding "atom_common_#{name}" if /No such module/.test e.message
# Clear node's global search paths.
globalPaths = Module.globalPaths
globalPaths.length = 0
# Add common/api/lib to module search paths. # Add common/api/lib to module search paths.
globalPaths.push path.resolve(__dirname, '..', 'api', 'lib') Module.globalPaths.push path.resolve(__dirname, '..', 'api', 'lib')
# setImmediate and process.nextTick makes use of uv_check and uv_prepare to # setImmediate and process.nextTick makes use of uv_check and uv_prepare to
# run the callbacks, however since we only run uv loop on requests, the # run the callbacks, however since we only run uv loop on requests, the

29
atom/common/lib/reset-search-paths.coffee Normal file
View file

@ -0,0 +1,29 @@
path = require 'path'
Module = require 'module'
# Clear Node's global search paths.
Module.globalPaths.length = 0
# Clear current and parent(init.coffee)'s search paths.
module.paths = []
module.parent.paths = []
# Prevent Node from adding paths outside this app to search paths.
Module._nodeModulePaths = (from) ->
from = path.resolve from
# If "from" is outside the app then we do nothing.
skipOutsidePaths = from.startsWith process.resourcesPath
# Following logoic is copied from module.js.
splitRe = if process.platform is 'win32' then /[\/\\]/ else /\//
paths = []
parts = from.split splitRe
for part, tip in parts by -1
continue if part is 'node_modules'
dir = parts.slice(0, tip + 1).join path.sep
break if skipOutsidePaths and not dir.startsWith process.resourcesPath
paths.push path.join(dir, 'node_modules')
paths

3
atom/renderer/lib/init.coffee
View file

@ -7,6 +7,9 @@ Module = require 'module'
# atom-renderer.js, we need to restore it here. # atom-renderer.js, we need to restore it here.
process.argv.splice 1, 1 process.argv.splice 1, 1
# Clear search paths.
require path.resolve(__dirname, '..', '..', 'common', 'lib', 'reset-search-paths')
# Import common settings. # Import common settings.
require path.resolve(__dirname, '..', '..', 'common', 'lib', 'init') require path.resolve(__dirname, '..', '..', 'common', 'lib', 'init')

1
filenames.gypi
View file

@ -37,6 +37,7 @@
'atom/common/api/lib/native-image.coffee', 'atom/common/api/lib/native-image.coffee',
'atom/common/api/lib/shell.coffee', 'atom/common/api/lib/shell.coffee',
'atom/common/lib/init.coffee', 'atom/common/lib/init.coffee',
'atom/common/lib/reset-search-paths.coffee',
'atom/renderer/lib/chrome-api.coffee', 'atom/renderer/lib/chrome-api.coffee',
'atom/renderer/lib/init.coffee', 'atom/renderer/lib/init.coffee',
'atom/renderer/lib/inspector.coffee', 'atom/renderer/lib/inspector.coffee',