From 9d2e23413e9943b2cf1af78c321a1451110370fb Mon Sep 17 00:00:00 2001 From: Paul Frazee Date: Fri, 11 Nov 2016 13:10:54 -0600 Subject: [PATCH] add {secure:} opt to protocol.registerStandardSchemes --- atom/app/atom_content_client.cc | 14 ++++++++++++++ atom/app/atom_content_client.h | 3 +++ atom/browser/api/atom_api_protocol.cc | 13 +++++++++++-- atom/browser/api/atom_api_protocol.h | 2 +- atom/common/options_switches.cc | 3 +++ atom/common/options_switches.h | 1 + 6 files changed, 33 insertions(+), 3 deletions(-) diff --git a/atom/app/atom_content_client.cc b/atom/app/atom_content_client.cc index 40a6e1f5268d..f1528b09e8d9 100644 --- a/atom/app/atom_content_client.cc +++ b/atom/app/atom_content_client.cc @@ -204,4 +204,18 @@ void AtomContentClient::AddServiceWorkerSchemes( service_worker_schemes->insert(url::kFileScheme); } +void AtomContentClient::AddSecureSchemesAndOrigins( + std::set* secure_schemes, + std::set* secure_origins) { + std::vector schemes; + ConvertStringWithSeparatorToVector(&schemes, ",", + switches::kRegisterSecureSchemes); + if (!schemes.empty()) { + for (const std::string& scheme : schemes) { + secure_schemes->insert(scheme); + } + } +} + + } // namespace atom diff --git a/atom/app/atom_content_client.h b/atom/app/atom_content_client.h index f31a14605723..e396dc23c8e9 100644 --- a/atom/app/atom_content_client.h +++ b/atom/app/atom_content_client.h @@ -31,6 +31,9 @@ class AtomContentClient : public brightray::ContentClient { std::vector* plugins) override; void AddServiceWorkerSchemes( std::set* service_worker_schemes) override; + void AddSecureSchemesAndOrigins( + std::set* secure_schemes, + std::set* secure_origins) override; private: DISALLOW_COPY_AND_ASSIGN(AtomContentClient); diff --git a/atom/browser/api/atom_api_protocol.cc b/atom/browser/api/atom_api_protocol.cc index fd2485063a2a..33ad0cb77381 100644 --- a/atom/browser/api/atom_api_protocol.cc +++ b/atom/browser/api/atom_api_protocol.cc @@ -46,7 +46,7 @@ std::vector GetStandardSchemes() { return g_standard_schemes; } -void RegisterStandardSchemes(const std::vector& schemes) { +void RegisterStandardSchemes(const std::vector& schemes, mate::Arguments* args) { g_standard_schemes = schemes; auto* policy = content::ChildProcessSecurityPolicy::GetInstance(); @@ -55,8 +55,17 @@ void RegisterStandardSchemes(const std::vector& schemes) { policy->RegisterWebSafeScheme(scheme); } + // add switches to register as standard base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( atom::switches::kStandardSchemes, base::JoinString(schemes, ",")); + + mate::Dictionary opts; + bool secure = false; + if (args->GetNext(&opts) && opts.Get("secure", &secure) && secure) { + // add switches to register as secure + base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( + atom::switches::kRegisterSecureSchemes, base::JoinString(schemes, ",")); + } } Protocol::Protocol(v8::Isolate* isolate, AtomBrowserContext* browser_context) @@ -220,7 +229,7 @@ void RegisterStandardSchemes( return; } - atom::api::RegisterStandardSchemes(schemes); + atom::api::RegisterStandardSchemes(schemes, args); } void Initialize(v8::Local exports, v8::Local unused, diff --git a/atom/browser/api/atom_api_protocol.h b/atom/browser/api/atom_api_protocol.h index 3ad039c1b803..bfbf998546f1 100644 --- a/atom/browser/api/atom_api_protocol.h +++ b/atom/browser/api/atom_api_protocol.h @@ -29,7 +29,7 @@ namespace atom { namespace api { std::vector GetStandardSchemes(); -void RegisterStandardSchemes(const std::vector& schemes); +void RegisterStandardSchemes(const std::vector& schemes, mate::Arguments* args); class Protocol : public mate::TrackableObject { public: diff --git a/atom/common/options_switches.cc b/atom/common/options_switches.cc index 70aeccfc9bc7..12e097a500c0 100644 --- a/atom/common/options_switches.cc +++ b/atom/common/options_switches.cc @@ -144,6 +144,9 @@ const char kStandardSchemes[] = "standard-schemes"; // Register schemes to handle service worker. const char kRegisterServiceWorkerSchemes[] = "register-service-worker-schemes"; +// Register schemes as secure. +const char kRegisterSecureSchemes[] = "register-secure-schemes"; + // The minimum SSL/TLS version ("tls1", "tls1.1", or "tls1.2") that // TLS fallback will accept. const char kSSLVersionFallbackMin[] = "ssl-version-fallback-min"; diff --git a/atom/common/options_switches.h b/atom/common/options_switches.h index 3c9abebf4ce4..4ca7f61a4287 100644 --- a/atom/common/options_switches.h +++ b/atom/common/options_switches.h @@ -76,6 +76,7 @@ extern const char kPpapiFlashVersion[]; extern const char kDisableHttpCache[]; extern const char kStandardSchemes[]; extern const char kRegisterServiceWorkerSchemes[]; +extern const char kRegisterSecureSchemes[]; extern const char kSSLVersionFallbackMin[]; extern const char kCipherSuiteBlacklist[]; extern const char kAppUserModelId[];