feat: move webFrame scheme privilege methods to main process (#16416)

* chore: deprecate webFrame.registerURLSchemeAsPrivileged

* Add register schemes protocol api

* update branch to enable browser process API

* Revert deprecation changes

* Fetch API support

* Updated api to take an array, still working on tests

* Update tests

* Remove web frame API

* Minor changes

* update scheme registrations on browser and renderer process

* fix: enable ses.getBlobData spec

* Update breaking changes doc

spec/api-protocol-spec.js

@@ -1087,7 +1087,7 @@ describe('protocol module', () => {
     })
   })
 
-  describe('protocol.registerStandardSchemes', () => {
+  describe('protocol.registerSchemesAsPrivileged standard', () => {
     const standardScheme = remote.getGlobal('standardScheme')
     const origin = `${standardScheme}://fake-host`
     const imageURL = `${origin}/test.png`
@@ -1189,4 +1189,102 @@ describe('protocol module', () => {
       })
     })
   })
+
+  describe('protocol.registerSchemesAsPrivileged cors-fetch', function () {
+    const standardScheme = remote.getGlobal('standardScheme')
+    const fixtures = path.resolve(__dirname, 'fixtures')
+    let w = null
+
+    beforeEach((done) => {
+      protocol.unregisterProtocol(standardScheme, () => done())
+    })
+
+    afterEach((done) => {
+      closeWindow(w).then(() => {
+        w = null
+        done()
+      })
+    })
+
+    it('supports fetch api by default', (done) => {
+      const url = 'file://' + fixtures + '/assets/logo.png'
+      window.fetch(url)
+        .then(function (response) {
+          assert(response.ok)
+          done()
+        })
+        .catch(function (err) {
+          done('unexpected error : ' + err)
+        })
+    })
+
+    it('allows CORS requests by default', (done) => {
+      allowsCORSRequests('cors', 200, `<html>
+        <script>
+        const {ipcRenderer} = require('electron')
+        fetch('cors://myhost').then(function (response) {
+          ipcRenderer.send('response', response.status)
+        }).catch(function (response) {
+          ipcRenderer.send('response', 'failed')
+        })
+        </script>
+        </html>`, done)
+    })
+
+    it('disallows CORS, but allows fetch requests, when specified', (done) => {
+      allowsCORSRequests('no-cors', 'failed', `<html>
+        <script>
+        const {ipcRenderer} = require('electron')
+        fetch('no-cors://myhost').then(function (response) {
+          ipcRenderer.send('response', response.status)
+        }).catch(function (response) {
+          ipcRenderer.send('response', 'failed')
+        })
+        </script>
+        </html>`, done)
+    })
+
+    it('allows CORS, but disallows fetch requests, when specified', (done) => {
+      allowsCORSRequests('no-fetch', 'failed', `<html>
+        <script>
+        const {ipcRenderer} = require('electron')
+        fetch('no-fetch://myhost').then(function
+        (response) {
+          ipcRenderer.send('response', response.status)
+        }).catch(function (response) {
+          ipcRenderer.send('response', 'failed')
+        })
+        </script>
+        </html>`, done)
+    })
+
+    function allowsCORSRequests (corsScheme, expected, content, done) {
+      const url = standardScheme + '://fake-host'
+      w = new BrowserWindow({
+        show: false,
+        webPreferences: {
+          nodeIntegration: true
+        }
+      })
+
+      const handler = (request, callback) => {
+        callback({ data: content, mimeType: 'text/html' })
+      }
+      protocol.registerStringProtocol(standardScheme, handler, (error) => {
+        if (error) { return done(error) }
+      })
+
+      protocol.registerStringProtocol(corsScheme,
+        (request, callback) => {
+          callback('')
+        }, (error) => {
+          if (error) { return done(error) }
+          ipcMain.once('response', function (event, status) {
+            assert.strictEqual(status, expected)
+            protocol.unregisterProtocol(corsScheme, () => done())
+          })
+          w.loadURL(url)
+        })
+    }
+  })
 })