From bf756e3c00c79f4f7886dd7ea4d3c27eb5fbfcb0 Mon Sep 17 00:00:00 2001 From: Thiago de Arruda Date: Tue, 21 Mar 2017 10:45:40 -0300 Subject: [PATCH] Prevent browserify from leaking the require function Define a "require" argument in the wrapper functions that runs browserify bundles, which will prevent browserify from leaking the require function. Note that this doesn't affect the isolated renderer script, only when `-r` flag is passed to browserify command it will export a require function. It is still added to isolated renderer script to prevent future mistakes(doesn't hurt defining a "require" local). --- atom/renderer/atom_renderer_client.cc | 2 +- atom/renderer/atom_sandboxed_renderer_client.cc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/atom/renderer/atom_renderer_client.cc b/atom/renderer/atom_renderer_client.cc index 8dd8e04e1ac2..eb1bdccbe34c 100644 --- a/atom/renderer/atom_renderer_client.cc +++ b/atom/renderer/atom_renderer_client.cc @@ -115,7 +115,7 @@ class AtomRenderFrameObserver : public content::RenderFrameObserver { // an argument. std::string bundle(node::isolated_bundle_data, node::isolated_bundle_data + sizeof(node::isolated_bundle_data)); - std::string wrapper = "(function (binding) {\n" + bundle + "\n})"; + std::string wrapper = "(function (binding, require) {\n" + bundle + "\n})"; auto script = v8::Script::Compile( mate::ConvertToV8(isolate, wrapper)->ToString()); auto func = v8::Handle::Cast( diff --git a/atom/renderer/atom_sandboxed_renderer_client.cc b/atom/renderer/atom_sandboxed_renderer_client.cc index cb0dfd6db1fa..bf9ea6fd9ef8 100644 --- a/atom/renderer/atom_sandboxed_renderer_client.cc +++ b/atom/renderer/atom_sandboxed_renderer_client.cc @@ -206,7 +206,7 @@ void AtomSandboxedRendererClient::DidCreateScriptContext( std::string preload_bundle_native(node::preload_bundle_data, node::preload_bundle_data + sizeof(node::preload_bundle_data)); std::stringstream ss; - ss << "(function(binding, preloadPath) {\n"; + ss << "(function(binding, preloadPath, require) {\n"; ss << preload_bundle_native << "\n"; ss << "})"; std::string preload_wrapper = ss.str();