fix: security: don't allow arbitrary methods to be invoked on webContents via IPC (#15919)
This commit is contained in:
Milan Burda
Alexey Kuzmin
parent
0a23c0b032
commit
aa2b2f7c8f
7 changed files with 115 additions and 90 deletions
|
|
@ -146,15 +146,6 @@ function BrowserWindowProxy (ipcRenderer, guestId) {
|
|||
}
|
||||
}
|
||||
|
||||
// Forward history operations to browser.
|
||||
const sendHistoryOperation = function (ipcRenderer, ...args) {
|
||||
ipcRenderer.send('ELECTRON_NAVIGATION_CONTROLLER', ...args)
|
||||
}
|
||||
|
||||
const getHistoryOperation = function (ipcRenderer, ...args) {
|
||||
return ipcRenderer.sendSync('ELECTRON_SYNC_NAVIGATION_CONTROLLER', ...args)
|
||||
}
|
||||
|
||||
module.exports = (ipcRenderer, guestInstanceId, openerId, hiddenPage, usesNativeWindowOpen) => {
|
||||
if (guestInstanceId == null) {
|
||||
// Override default window.close.
|
||||
|
|
@ -199,20 +190,20 @@ module.exports = (ipcRenderer, guestInstanceId, openerId, hiddenPage, usesNative
|
|||
})
|
||||
|
||||
window.history.back = function () {
|
||||
sendHistoryOperation(ipcRenderer, 'goBack')
|
||||
ipcRenderer.send('ELECTRON_NAVIGATION_CONTROLLER_GO_BACK')
|
||||
}
|
||||
|
||||
window.history.forward = function () {
|
||||
sendHistoryOperation(ipcRenderer, 'goForward')
|
||||
ipcRenderer.send('ELECTRON_NAVIGATION_CONTROLLER_GO_FORWARD')
|
||||
}
|
||||
|
||||
window.history.go = function (offset) {
|
||||
sendHistoryOperation(ipcRenderer, 'goToOffset', +offset)
|
||||
ipcRenderer.send('ELECTRON_NAVIGATION_CONTROLLER_GO_TO_OFFSET', +offset)
|
||||
}
|
||||
|
||||
defineProperty(window.history, 'length', {
|
||||
get: function () {
|
||||
return getHistoryOperation(ipcRenderer, 'length')
|
||||
return ipcRenderer.sendSync('ELECTRON_NAVIGATION_CONTROLLER_LENGTH')
|
||||
}
|
||||
})
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue