fix: <webview> not working with contextIsolation + sandbox (#16469)
This commit is contained in:
parent
a9ac75c1f9
commit
b965e54efc
8 changed files with 164 additions and 82 deletions
|
@ -202,6 +202,30 @@ void AtomSandboxedRendererClient::DidCreateScriptContext(
|
|||
&preload_bundle_params, &preload_bundle_args, nullptr);
|
||||
}
|
||||
|
||||
void AtomSandboxedRendererClient::SetupMainWorldOverrides(
|
||||
v8::Handle<v8::Context> context,
|
||||
content::RenderFrame* render_frame) {
|
||||
// Setup window overrides in the main world context
|
||||
// Wrap the bundle into a function that receives the isolatedWorld as
|
||||
// an argument.
|
||||
auto* isolate = context->GetIsolate();
|
||||
|
||||
mate::Dictionary process = mate::Dictionary::CreateEmpty(isolate);
|
||||
process.SetMethod("binding", GetBinding);
|
||||
|
||||
std::vector<v8::Local<v8::String>> isolated_bundle_params = {
|
||||
node::FIXED_ONE_BYTE_STRING(isolate, "nodeProcess"),
|
||||
node::FIXED_ONE_BYTE_STRING(isolate, "isolatedWorld")};
|
||||
|
||||
std::vector<v8::Local<v8::Value>> isolated_bundle_args = {
|
||||
process.GetHandle(),
|
||||
GetContext(render_frame->GetWebFrame(), isolate)->Global()};
|
||||
|
||||
node::per_process::native_module_loader.CompileAndCall(
|
||||
context, "electron/js2c/isolated_bundle", &isolated_bundle_params,
|
||||
&isolated_bundle_args, nullptr);
|
||||
}
|
||||
|
||||
void AtomSandboxedRendererClient::WillReleaseScriptContext(
|
||||
v8::Handle<v8::Context> context,
|
||||
content::RenderFrame* render_frame) {
|
||||
|
|
|
@ -29,7 +29,7 @@ class AtomSandboxedRendererClient : public RendererClientBase {
|
|||
void WillReleaseScriptContext(v8::Handle<v8::Context> context,
|
||||
content::RenderFrame* render_frame) override;
|
||||
void SetupMainWorldOverrides(v8::Handle<v8::Context> context,
|
||||
content::RenderFrame* render_frame) override {}
|
||||
content::RenderFrame* render_frame) override;
|
||||
// content::ContentRendererClient:
|
||||
void RenderFrameCreated(content::RenderFrame*) override;
|
||||
void RenderViewCreated(content::RenderView*) override;
|
||||
|
|
|
@ -74,6 +74,7 @@ filenames = {
|
|||
"lib/renderer/web-view/web-view-constants.js",
|
||||
"lib/renderer/web-view/web-view-element.js",
|
||||
"lib/renderer/web-view/web-view-impl.js",
|
||||
"lib/renderer/web-view/web-view-init.js",
|
||||
"lib/renderer/api/exports/electron.js",
|
||||
"lib/renderer/api/crash-reporter.js",
|
||||
"lib/renderer/api/ipc-renderer.js",
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
/* global nodeProcess, isolatedWorld */
|
||||
|
||||
// Note: Don't use "process", as it will be replaced by browserify's one.
|
||||
const v8Util = nodeProcess.atomBinding('v8_util')
|
||||
const atomBinding = require('@electron/internal/common/atom-binding-setup')(nodeProcess.binding, 'renderer')
|
||||
|
||||
const isolatedWorldArgs = v8Util.getHiddenValue(isolatedWorld, 'isolated-world-args')
|
||||
const { webViewImpl, ipcRenderer, guestInstanceId, isHiddenPage, openerId, usesNativeWindowOpen } = isolatedWorldArgs
|
||||
const v8Util = atomBinding('v8_util')
|
||||
|
||||
const webViewImpl = v8Util.getHiddenValue(isolatedWorld, 'web-view-impl')
|
||||
|
||||
if (webViewImpl) {
|
||||
// Must setup the WebView element in main world.
|
||||
|
@ -14,4 +14,9 @@ if (webViewImpl) {
|
|||
setupWebView(v8Util, webViewImpl)
|
||||
}
|
||||
|
||||
require('@electron/internal/renderer/window-setup')(ipcRenderer, guestInstanceId, openerId, isHiddenPage, usesNativeWindowOpen)
|
||||
const isolatedWorldArgs = v8Util.getHiddenValue(isolatedWorld, 'isolated-world-args')
|
||||
|
||||
if (isolatedWorldArgs) {
|
||||
const { ipcRenderer, guestInstanceId, isHiddenPage, openerId, usesNativeWindowOpen } = isolatedWorldArgs
|
||||
require('@electron/internal/renderer/window-setup')(ipcRenderer, guestInstanceId, openerId, isHiddenPage, usesNativeWindowOpen)
|
||||
}
|
||||
|
|
|
@ -58,33 +58,29 @@ if (preloadScript) {
|
|||
preloadScripts.push(preloadScript)
|
||||
}
|
||||
|
||||
if (window.location.protocol === 'chrome-devtools:') {
|
||||
switch (window.location.protocol) {
|
||||
case 'chrome-devtools:': {
|
||||
// Override some inspector APIs.
|
||||
require('@electron/internal/renderer/inspector')
|
||||
} else if (window.location.protocol === 'chrome-extension:') {
|
||||
// Add implementations of chrome API.
|
||||
break
|
||||
}
|
||||
case 'chrome-extension:': {
|
||||
// Inject the chrome.* APIs that chrome extensions require
|
||||
require('@electron/internal/renderer/chrome-api').injectTo(window.location.hostname, isBackgroundPage, window)
|
||||
} else if (window.location.protocol === 'chrome:') {
|
||||
// Disable node integration for chrome UI scheme.
|
||||
} else {
|
||||
break
|
||||
}
|
||||
default: {
|
||||
// Override default web functions.
|
||||
require('@electron/internal/renderer/window-setup')(ipcRenderer, guestInstanceId, openerId, isHiddenPage, usesNativeWindowOpen)
|
||||
|
||||
// Inject content scripts.
|
||||
require('@electron/internal/renderer/content-scripts-injector')
|
||||
|
||||
// Load webview tag implementation.
|
||||
if (webviewTag && guestInstanceId == null) {
|
||||
const webViewImpl = require('@electron/internal/renderer/web-view/web-view-impl')
|
||||
if (contextIsolation) {
|
||||
Object.assign(isolatedWorldArgs, { webViewImpl })
|
||||
} else {
|
||||
const { setupWebView } = require('@electron/internal/renderer/web-view/web-view-element')
|
||||
setupWebView(v8Util, webViewImpl)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Load webview tag implementation.
|
||||
require('@electron/internal/renderer/web-view/web-view-init')(contextIsolation, webviewTag, guestInstanceId)
|
||||
|
||||
// Pass the arguments to isolatedWorld.
|
||||
if (contextIsolation) {
|
||||
v8Util.setHiddenValue(global, 'isolated-world-args', isolatedWorldArgs)
|
||||
|
@ -163,15 +159,3 @@ for (const preloadScript of preloadScripts) {
|
|||
|
||||
// Warn about security issues
|
||||
require('@electron/internal/renderer/security-warnings')(nodeIntegration)
|
||||
|
||||
// Report focus/blur events of webview to browser.
|
||||
// Note that while Chromium content APIs have observer for focus/blur, they
|
||||
// unfortunately do not work for webview.
|
||||
if (guestInstanceId) {
|
||||
window.addEventListener('focus', () => {
|
||||
ipcRenderer.send('ELECTRON_GUEST_VIEW_MANAGER_FOCUS_CHANGE', true, guestInstanceId)
|
||||
})
|
||||
window.addEventListener('blur', () => {
|
||||
ipcRenderer.send('ELECTRON_GUEST_VIEW_MANAGER_FOCUS_CHANGE', false, guestInstanceId)
|
||||
})
|
||||
}
|
||||
|
|
35
lib/renderer/web-view/web-view-init.js
Normal file
35
lib/renderer/web-view/web-view-init.js
Normal file
|
@ -0,0 +1,35 @@
|
|||
'use strict'
|
||||
|
||||
const ipcRenderer = require('@electron/internal/renderer/ipc-renderer-internal')
|
||||
const v8Util = process.atomBinding('v8_util')
|
||||
|
||||
function handleFocusBlur (guestInstanceId) {
|
||||
// Note that while Chromium content APIs have observer for focus/blur, they
|
||||
// unfortunately do not work for webview.
|
||||
|
||||
window.addEventListener('focus', () => {
|
||||
ipcRenderer.send('ELECTRON_GUEST_VIEW_MANAGER_FOCUS_CHANGE', true, guestInstanceId)
|
||||
})
|
||||
|
||||
window.addEventListener('blur', () => {
|
||||
ipcRenderer.send('ELECTRON_GUEST_VIEW_MANAGER_FOCUS_CHANGE', false, guestInstanceId)
|
||||
})
|
||||
}
|
||||
|
||||
module.exports = function (contextIsolation, webviewTag, guestInstanceId) {
|
||||
// Load webview tag implementation.
|
||||
if (webviewTag && guestInstanceId == null) {
|
||||
const webViewImpl = require('@electron/internal/renderer/web-view/web-view-impl')
|
||||
if (contextIsolation) {
|
||||
v8Util.setHiddenValue(window, 'web-view-impl', webViewImpl)
|
||||
} else {
|
||||
const { setupWebView } = require('@electron/internal/renderer/web-view/web-view-element')
|
||||
setupWebView(v8Util, webViewImpl)
|
||||
}
|
||||
}
|
||||
|
||||
if (guestInstanceId) {
|
||||
// Report focus/blur events of webview to browser.
|
||||
handleFocusBlur(guestInstanceId)
|
||||
}
|
||||
}
|
|
@ -105,8 +105,12 @@ function preloadRequire (module) {
|
|||
throw new Error('module not found')
|
||||
}
|
||||
|
||||
// Process command line arguments.
|
||||
const { hasSwitch } = process.atomBinding('command_line')
|
||||
|
||||
const isBackgroundPage = hasSwitch('background-page')
|
||||
const contextIsolation = hasSwitch('context-isolation')
|
||||
|
||||
switch (window.location.protocol) {
|
||||
case 'chrome-devtools:': {
|
||||
// Override some inspector APIs.
|
||||
|
@ -115,22 +119,15 @@ switch (window.location.protocol) {
|
|||
}
|
||||
case 'chrome-extension:': {
|
||||
// Inject the chrome.* APIs that chrome extensions require
|
||||
const isBackgroundPage = hasSwitch('background-page')
|
||||
require('@electron/internal/renderer/chrome-api').injectTo(window.location.hostname, isBackgroundPage, window)
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
if (binding.guestInstanceId) {
|
||||
process.guestInstanceId = parseInt(binding.guestInstanceId)
|
||||
}
|
||||
const guestInstanceId = binding.guestInstanceId && parseInt(binding.guestInstanceId)
|
||||
|
||||
// Don't allow recursive `<webview>`.
|
||||
if (!process.guestInstanceId && isWebViewTagEnabled) {
|
||||
const webViewImpl = require('@electron/internal/renderer/web-view/web-view-impl')
|
||||
const { setupWebView } = require('@electron/internal/renderer/web-view/web-view-element')
|
||||
setupWebView(v8Util, webViewImpl)
|
||||
}
|
||||
// Load webview tag implementation.
|
||||
require('@electron/internal/renderer/web-view/web-view-init')(contextIsolation, isWebViewTagEnabled, guestInstanceId)
|
||||
|
||||
const errorUtils = require('@electron/internal/common/error-utils')
|
||||
|
||||
|
|
|
@ -76,6 +76,19 @@ describe('<webview> tag', function () {
|
|||
await emittedOnce(ipcMain, 'pong')
|
||||
})
|
||||
|
||||
it('works with sandbox', async () => {
|
||||
const w = await openTheWindow({
|
||||
show: false,
|
||||
webPreferences: {
|
||||
webviewTag: true,
|
||||
nodeIntegration: true,
|
||||
sandbox: true
|
||||
}
|
||||
})
|
||||
w.loadFile(path.join(fixtures, 'pages', 'webview-isolated.html'))
|
||||
await emittedOnce(ipcMain, 'pong')
|
||||
})
|
||||
|
||||
it('works with contextIsolation', async () => {
|
||||
const w = await openTheWindow({
|
||||
show: false,
|
||||
|
@ -89,6 +102,20 @@ describe('<webview> tag', function () {
|
|||
await emittedOnce(ipcMain, 'pong')
|
||||
})
|
||||
|
||||
it('works with contextIsolation + sandbox', async () => {
|
||||
const w = await openTheWindow({
|
||||
show: false,
|
||||
webPreferences: {
|
||||
webviewTag: true,
|
||||
nodeIntegration: true,
|
||||
contextIsolation: true,
|
||||
sandbox: true
|
||||
}
|
||||
})
|
||||
w.loadFile(path.join(fixtures, 'pages', 'webview-isolated.html'))
|
||||
await emittedOnce(ipcMain, 'pong')
|
||||
})
|
||||
|
||||
it('is disabled by default', async () => {
|
||||
const w = await openTheWindow({
|
||||
show: false,
|
||||
|
@ -1349,11 +1376,14 @@ describe('<webview> tag', function () {
|
|||
if (div != null) div.remove()
|
||||
})
|
||||
|
||||
const generateSpecs = (description, sandbox) => {
|
||||
describe(description, () => {
|
||||
it('emits resize events', async () => {
|
||||
const firstResizeSignal = waitForEvent(webview, 'resize')
|
||||
const domReadySignal = waitForEvent(webview, 'dom-ready')
|
||||
|
||||
webview.src = `file://${fixtures}/pages/a.html`
|
||||
webview.webpreferences = `sandbox=${sandbox ? 'yes' : 'no'}`
|
||||
div.appendChild(webview)
|
||||
document.body.appendChild(div)
|
||||
|
||||
|
@ -1380,6 +1410,7 @@ describe('<webview> tag', function () {
|
|||
it('emits focus event', async () => {
|
||||
const domReadySignal = waitForEvent(webview, 'dom-ready')
|
||||
webview.src = `file://${fixtures}/pages/a.html`
|
||||
webview.webpreferences = `sandbox=${sandbox ? 'yes' : 'no'}`
|
||||
document.body.appendChild(webview)
|
||||
|
||||
await domReadySignal
|
||||
|
@ -1391,6 +1422,11 @@ describe('<webview> tag', function () {
|
|||
await focusSignal
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
generateSpecs('without sandbox', false)
|
||||
generateSpecs('with sandbox', true)
|
||||
})
|
||||
|
||||
describe('zoom behavior', () => {
|
||||
const zoomScheme = remote.getGlobal('zoomScheme')
|
||||
|
|
Loading…
Reference in a new issue