feat: warn when remote is used without enableRemoteModule: true (#21546)
* feat: warn when remote is used without enableRemoteModule: true * fix security warning
This commit is contained in:
parent
2f394d46c7
commit
2e1531ad90
4 changed files with 14 additions and 7 deletions
|
@ -321,7 +321,7 @@ const unwrapArgs = function (sender: electron.WebContents, frameId: number, cont
|
||||||
|
|
||||||
const isRemoteModuleEnabledImpl = function (contents: electron.WebContents) {
|
const isRemoteModuleEnabledImpl = function (contents: electron.WebContents) {
|
||||||
const webPreferences = (contents as any).getLastWebPreferences() || {}
|
const webPreferences = (contents as any).getLastWebPreferences() || {}
|
||||||
return !!webPreferences.enableRemoteModule
|
return webPreferences.enableRemoteModule != null ? !!webPreferences.enableRemoteModule : true
|
||||||
}
|
}
|
||||||
|
|
||||||
const isRemoteModuleEnabledCache = new WeakMap()
|
const isRemoteModuleEnabledCache = new WeakMap()
|
||||||
|
|
|
@ -13,6 +13,15 @@ const remoteObjectCache = v8Util.createIDWeakMap()
|
||||||
// An unique ID that can represent current context.
|
// An unique ID that can represent current context.
|
||||||
const contextId = v8Util.getHiddenValue(global, 'contextId')
|
const contextId = v8Util.getHiddenValue(global, 'contextId')
|
||||||
|
|
||||||
|
ipcRendererInternal.invoke('ELECTRON_BROWSER_GET_LAST_WEB_PREFERENCES').then(preferences => {
|
||||||
|
console.log(preferences)
|
||||||
|
if (!preferences.enableRemoteModule) {
|
||||||
|
console.warn('%cElectron Deprecation Warning', 'font-weight: bold', "The 'remote' module is deprecated and will be disabled by default in a future version of Electron. To ensure a smooth upgrade and silence this warning, specify {enableRemoteModule: true} in the WebPreferences for this window.")
|
||||||
|
}
|
||||||
|
}, (err) => {
|
||||||
|
console.error('Failed to get web preferences:', err)
|
||||||
|
})
|
||||||
|
|
||||||
// Notify the main process when current context is going to be released.
|
// Notify the main process when current context is going to be released.
|
||||||
// Note that when the renderer process is destroyed, the message may not be
|
// Note that when the renderer process is destroyed, the message may not be
|
||||||
// sent, we also listen to the "render-view-deleted" event in the main process
|
// sent, we also listen to the "render-view-deleted" event in the main process
|
||||||
|
|
|
@ -268,7 +268,9 @@ const warnAboutAllowedPopups = function () {
|
||||||
// Logs a warning message about the remote module
|
// Logs a warning message about the remote module
|
||||||
|
|
||||||
const warnAboutRemoteModuleWithRemoteContent = function (webPreferences?: Electron.WebPreferences) {
|
const warnAboutRemoteModuleWithRemoteContent = function (webPreferences?: Electron.WebPreferences) {
|
||||||
if (!webPreferences || !webPreferences.enableRemoteModule || isLocalhost()) return
|
if (!webPreferences || isLocalhost()) return
|
||||||
|
const remoteModuleEnabled = webPreferences.enableRemoteModule != null ? !!webPreferences.enableRemoteModule : true
|
||||||
|
if (!remoteModuleEnabled) return
|
||||||
|
|
||||||
if (getIsRemoteProtocol()) {
|
if (getIsRemoteProtocol()) {
|
||||||
const warning = `This renderer process has "enableRemoteModule" enabled
|
const warning = `This renderer process has "enableRemoteModule" enabled
|
||||||
|
|
|
@ -174,10 +174,6 @@ WebContentsPreferences::~WebContentsPreferences() {
|
||||||
}
|
}
|
||||||
|
|
||||||
void WebContentsPreferences::SetDefaults() {
|
void WebContentsPreferences::SetDefaults() {
|
||||||
#if BUILDFLAG(ENABLE_REMOTE_MODULE)
|
|
||||||
SetDefaultBoolIfUndefined(options::kEnableRemoteModule, true);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if (IsEnabled(options::kSandbox)) {
|
if (IsEnabled(options::kSandbox)) {
|
||||||
SetBool(options::kNativeWindowOpen, true);
|
SetBool(options::kNativeWindowOpen, true);
|
||||||
}
|
}
|
||||||
|
@ -331,7 +327,7 @@ void WebContentsPreferences::AppendCommandLineSwitches(
|
||||||
|
|
||||||
#if BUILDFLAG(ENABLE_REMOTE_MODULE)
|
#if BUILDFLAG(ENABLE_REMOTE_MODULE)
|
||||||
// Whether to enable the remote module
|
// Whether to enable the remote module
|
||||||
if (IsEnabled(options::kEnableRemoteModule))
|
if (IsEnabled(options::kEnableRemoteModule, true))
|
||||||
command_line->AppendSwitch(switches::kEnableRemoteModule);
|
command_line->AppendSwitch(switches::kEnableRemoteModule);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue