mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

Use except-iframe security by default.

Browse source
This commit is contained in:
Cheng Zhao 2014-03-04 20:12:10 +08:00
parent abc6e1e289
commit aae4abfa86
2 changed files with 13 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
browser/native_window.cc
View file

@ -56,7 +56,7 @@ NativeWindow::NativeWindow(content::WebContents* web_contents,
: content::WebContentsObserver(web_contents), : content::WebContentsObserver(web_contents),
has_frame_(true), has_frame_(true),
is_closed_(false), is_closed_(false),
node_integration_("all"), node_integration_("except-iframe"),
has_dialog_attached_(false), has_dialog_attached_(false),
weak_factory_(this), weak_factory_(this),
inspectable_web_contents_( inspectable_web_contents_(

21
renderer/atom_renderer_client.cc
View file

@ -21,10 +21,11 @@ namespace atom {
namespace { namespace {
// Security tokens. // Security tokens.
const char* kExceptIframe = "except-iframe"; const char* kSecurityAll = "all";
const char* kManualEnableIframe = "manual-enable-iframe"; const char* kSecurityExceptIframe = "except-iframe";
const char* kDisable = "disable"; const char* kSecurityManualEnableIframe = "manual-enable-iframe";
const char* kEnableNodeIntegration = "enable-node-integration"; const char* kSecurityDisable = "disable";
const char* kSecurityEnableNodeIntegration = "enable-node-integration";
// Scheme used by devtools // Scheme used by devtools
const char* kChromeDevToolsScheme = "chrome-devtools"; const char* kChromeDevToolsScheme = "chrome-devtools";
@ -32,17 +33,19 @@ const char* kChromeDevToolsScheme = "chrome-devtools";
} // namespace } // namespace
AtomRendererClient::AtomRendererClient() AtomRendererClient::AtomRendererClient()
: node_integration_(ALL), : node_integration_(EXCEPT_IFRAME),
main_frame_(NULL) { main_frame_(NULL) {
// Translate the token. // Translate the token.
std::string token = CommandLine::ForCurrentProcess()-> std::string token = CommandLine::ForCurrentProcess()->
GetSwitchValueASCII(switches::kNodeIntegration); GetSwitchValueASCII(switches::kNodeIntegration);
if (token == kExceptIframe) if (token == kSecurityExceptIframe)
node_integration_ = EXCEPT_IFRAME; node_integration_ = EXCEPT_IFRAME;
else if (token == kManualEnableIframe) else if (token == kSecurityManualEnableIframe)
node_integration_ = MANUAL_ENABLE_IFRAME; node_integration_ = MANUAL_ENABLE_IFRAME;
else if (token == kDisable) else if (token == kSecurityDisable)
node_integration_ = DISABLE; node_integration_ = DISABLE;
else if (token == kSecurityAll)
node_integration_ = ALL;
if (IsNodeBindingEnabled()) { if (IsNodeBindingEnabled()) {
node_bindings_.reset(NodeBindings::Create(false)); node_bindings_.reset(NodeBindings::Create(false));
@ -164,7 +167,7 @@ bool AtomRendererClient::IsNodeBindingEnabled(WebKit::WebFrame* frame) {
return true; return true;
else if (node_integration_ == MANUAL_ENABLE_IFRAME && else if (node_integration_ == MANUAL_ENABLE_IFRAME &&
frame != NULL && frame != NULL &&
frame->uniqueName().utf8().find(kEnableNodeIntegration) frame->uniqueName().utf8().find(kSecurityEnableNodeIntegration)
== std::string::npos) == std::string::npos)
return false; return false;
else if (node_integration_ == EXCEPT_IFRAME && frame != NULL) else if (node_integration_ == EXCEPT_IFRAME && frame != NULL)