Merge pull request #172 from atom/secure-iframe
Add "node-integration" option to BrowserWindow
This commit is contained in:
commit
c81128b675
13 changed files with 197 additions and 13 deletions
|
@ -51,6 +51,15 @@ void AtomMainDelegate::PreSandboxStartup() {
|
|||
InitializeResourceBundle();
|
||||
|
||||
CommandLine* command_line = CommandLine::ForCurrentProcess();
|
||||
std::string process_type = command_line->GetSwitchValueASCII(
|
||||
switches::kProcessType);
|
||||
|
||||
// Don't append arguments for renderer process.
|
||||
if (process_type == switches::kRendererProcess)
|
||||
return;
|
||||
|
||||
// Add a flag to mark the start of switches added by atom-shell.
|
||||
command_line->AppendSwitch("atom-shell-switches-start");
|
||||
|
||||
// Disable renderer sandbox for most of node's functions.
|
||||
command_line->AppendSwitch(switches::kNoSandbox);
|
||||
|
@ -60,7 +69,7 @@ void AtomMainDelegate::PreSandboxStartup() {
|
|||
command_line->AppendSwitch(switches::kDisableAcceleratedCompositing);
|
||||
|
||||
// Add a flag to mark the end of switches added by atom-shell.
|
||||
command_line->AppendSwitch("no-more-switches");
|
||||
command_line->AppendSwitch("atom-shell-switches-end");
|
||||
}
|
||||
|
||||
void AtomMainDelegate::InitializeResourceBundle() {
|
||||
|
|
|
@ -4,14 +4,39 @@
|
|||
|
||||
#include "browser/atom_browser_client.h"
|
||||
|
||||
#include "base/command_line.h"
|
||||
#include "browser/atom_browser_context.h"
|
||||
#include "browser/atom_browser_main_parts.h"
|
||||
#include "browser/native_window.h"
|
||||
#include "browser/net/atom_url_request_context_getter.h"
|
||||
#include "browser/window_list.h"
|
||||
#include "common/options_switches.h"
|
||||
#include "content/public/browser/render_process_host.h"
|
||||
#include "content/public/browser/site_instance.h"
|
||||
#include "content/public/browser/web_contents.h"
|
||||
#include "webkit/common/webpreferences.h"
|
||||
|
||||
namespace atom {
|
||||
|
||||
AtomBrowserClient::AtomBrowserClient() {
|
||||
namespace {
|
||||
|
||||
struct FindByProcessId {
|
||||
explicit FindByProcessId(int child_process_id)
|
||||
: child_process_id_(child_process_id) {
|
||||
}
|
||||
|
||||
bool operator() (NativeWindow* const window) {
|
||||
int id = window->GetWebContents()->GetRenderProcessHost()->GetID();
|
||||
return id == child_process_id_;
|
||||
}
|
||||
|
||||
int child_process_id_;
|
||||
};
|
||||
|
||||
} // namespace
|
||||
|
||||
AtomBrowserClient::AtomBrowserClient()
|
||||
: dying_render_process_(NULL) {
|
||||
}
|
||||
|
||||
AtomBrowserClient::~AtomBrowserClient() {
|
||||
|
@ -50,10 +75,44 @@ bool AtomBrowserClient::ShouldSwapProcessesForNavigation(
|
|||
content::SiteInstance* site_instance,
|
||||
const GURL& current_url,
|
||||
const GURL& new_url) {
|
||||
if (site_instance->HasProcess())
|
||||
dying_render_process_ = site_instance->GetProcess();
|
||||
|
||||
// Restart renderer process for all navigations.
|
||||
return true;
|
||||
}
|
||||
|
||||
void AtomBrowserClient::AppendExtraCommandLineSwitches(
|
||||
CommandLine* command_line,
|
||||
int child_process_id) {
|
||||
WindowList* list = WindowList::GetInstance();
|
||||
NativeWindow* window = NULL;
|
||||
|
||||
// Find the owner of this child process.
|
||||
WindowList::const_iterator iter = std::find_if(
|
||||
list->begin(), list->end(), FindByProcessId(child_process_id));
|
||||
if (iter != list->end())
|
||||
window = *iter;
|
||||
|
||||
// If the render process is a newly started one, which means the window still
|
||||
// uses the old going-to-be-swapped render process, then we try to find the
|
||||
// window from the swapped render process.
|
||||
if (window == NULL && dying_render_process_ != NULL) {
|
||||
child_process_id = dying_render_process_->GetID();
|
||||
WindowList::const_iterator iter = std::find_if(
|
||||
list->begin(), list->end(), FindByProcessId(child_process_id));
|
||||
if (iter != list->end())
|
||||
window = *iter;
|
||||
}
|
||||
|
||||
// Append --node-integration to renderer process.
|
||||
if (window != NULL)
|
||||
command_line->AppendSwitchASCII(switches::kNodeIntegration,
|
||||
window->node_integration());
|
||||
|
||||
dying_render_process_ = NULL;
|
||||
}
|
||||
|
||||
brightray::BrowserMainParts* AtomBrowserClient::OverrideCreateBrowserMainParts(
|
||||
const content::MainFunctionParams&) {
|
||||
return new AtomBrowserMainParts;
|
||||
|
|
|
@ -25,11 +25,16 @@ class AtomBrowserClient : public brightray::BrowserClient {
|
|||
content::SiteInstance* site_instance,
|
||||
const GURL& current_url,
|
||||
const GURL& new_url) OVERRIDE;
|
||||
virtual void AppendExtraCommandLineSwitches(CommandLine* command_line,
|
||||
int child_process_id) OVERRIDE;
|
||||
|
||||
private:
|
||||
virtual brightray::BrowserMainParts* OverrideCreateBrowserMainParts(
|
||||
const content::MainFunctionParams&) OVERRIDE;
|
||||
|
||||
// The render process which would be swapped out soon.
|
||||
content::RenderProcessHost* dying_render_process_;
|
||||
|
||||
DISALLOW_COPY_AND_ASSIGN(AtomBrowserClient);
|
||||
};
|
||||
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
var app = require('app');
|
||||
var dialog = require('dialog');
|
||||
var path = require('path');
|
||||
var optimist = require('optimist');
|
||||
|
||||
|
@ -9,7 +8,7 @@ app.on('window-all-closed', function() {
|
|||
app.quit();
|
||||
});
|
||||
|
||||
var argv = optimist(process.argv.slice(1)).argv;
|
||||
var argv = optimist(process.argv.slice(1)).boolean('ci').argv;
|
||||
|
||||
// Start the specified app if there is one specified in command line, otherwise
|
||||
// start the default app.
|
||||
|
|
|
@ -9,6 +9,11 @@ process.resourcesPath = path.resolve process.argv[1], '..', '..', '..'
|
|||
# we need to restore it here.
|
||||
process.argv.splice 1, 1
|
||||
|
||||
# Pick out switches appended by atom-shell.
|
||||
startMark = process.argv.indexOf '--atom-shell-switches-start'
|
||||
endMark = process.argv.indexOf '--atom-shell-switches-end'
|
||||
process.execArgv = process.argv.splice startMark, endMark - startMark + 1
|
||||
|
||||
# Add browser/api/lib to require's search paths,
|
||||
# which contains javascript part of Atom's built-in libraries.
|
||||
globalPaths = require('module').globalPaths
|
||||
|
|
|
@ -48,16 +48,19 @@ NativeWindow::NativeWindow(content::WebContents* web_contents,
|
|||
: content::WebContentsObserver(web_contents),
|
||||
has_frame_(true),
|
||||
is_closed_(false),
|
||||
node_integration_("all"),
|
||||
weak_factory_(this),
|
||||
inspectable_web_contents_(
|
||||
brightray::InspectableWebContents::Create(web_contents)) {
|
||||
options->GetBoolean(switches::kFrame, &has_frame_);
|
||||
|
||||
// Read icon before window is created.
|
||||
std::string icon;
|
||||
if (options->GetString(switches::kIcon, &icon)) {
|
||||
if (!SetIcon(icon))
|
||||
if (options->GetString(switches::kIcon, &icon) && !SetIcon(icon))
|
||||
LOG(ERROR) << "Failed to set icon to " << icon;
|
||||
}
|
||||
|
||||
// Read iframe security before any navigation.
|
||||
options->GetString(switches::kNodeIntegration, &node_integration_);
|
||||
|
||||
web_contents->SetDelegate(this);
|
||||
|
||||
|
|
|
@ -140,6 +140,7 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
|
|||
}
|
||||
|
||||
bool has_frame() const { return has_frame_; }
|
||||
std::string node_integration() const { return node_integration_; }
|
||||
|
||||
protected:
|
||||
explicit NativeWindow(content::WebContents* web_contents,
|
||||
|
@ -219,6 +220,9 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
|
|||
// The windows has been closed.
|
||||
bool is_closed_;
|
||||
|
||||
// The security token of iframe.
|
||||
std::string node_integration_;
|
||||
|
||||
// Closure that would be called when window is unresponsive when closing,
|
||||
// it should be cancelled when we can prove that the window is responsive.
|
||||
base::CancelableClosure window_unresposive_closure_;
|
||||
|
|
|
@ -31,6 +31,8 @@ const char kKiosk[] = "kiosk";
|
|||
// Make windows stays on the top of all other windows.
|
||||
const char kAlwaysOnTop[] = "always-on-top";
|
||||
|
||||
const char kNodeIntegration[] = "node-integration";
|
||||
|
||||
} // namespace switches
|
||||
|
||||
} // namespace atom
|
||||
|
|
|
@ -26,6 +26,7 @@ extern const char kResizable[];
|
|||
extern const char kFullscreen[];
|
||||
extern const char kKiosk[];
|
||||
extern const char kAlwaysOnTop[];
|
||||
extern const char kNodeIntegration[];
|
||||
|
||||
} // namespace switches
|
||||
|
||||
|
|
|
@ -18,9 +18,6 @@ win.show();
|
|||
You can also create a window without chrome by using
|
||||
[Frameless Window](frameless-window.md) API.
|
||||
|
||||
|
||||
**Note:** Be careful not to use `window` as the variable name.
|
||||
|
||||
## Class: BrowserWindow
|
||||
|
||||
`BrowserWindow` is an
|
||||
|
@ -44,11 +41,31 @@ You can also create a window without chrome by using
|
|||
* `show` Boolean - Whether window should be shown when created
|
||||
* `frame` Boolean - Specify `false` to create a
|
||||
[Frameless Window](frameless-window.md)
|
||||
* `node-integration` String - Can be `all`, `except-iframe`,
|
||||
`manual-enable-iframe` or `disable`.
|
||||
|
||||
Creates a new `BrowserWindow` with native properties set by the `options`.
|
||||
Usually you only need to set the `width` and `height`, other properties will
|
||||
have decent default values.
|
||||
|
||||
By default the `node-integration` option is `all`, which means node integration
|
||||
is available to the main page and all its iframes. You can also set it to
|
||||
`except-iframe`, which would disable node integration in all iframes, or
|
||||
`manual-enable-iframe`, which is like `except-iframe`, but would enable iframes
|
||||
whose name is suffixed by `-enable-node-integration`. And setting to `disable`
|
||||
would disable the node integration in both the main page and its iframes.
|
||||
|
||||
An example of enable node integration in iframe with `node-integration` set to
|
||||
`manual-enable-iframe`:
|
||||
|
||||
```html
|
||||
<!-- iframe with node integration enabled -->
|
||||
<iframe name="gh-enable-node-integration" src="https://github.com"></iframe>
|
||||
|
||||
<!-- iframe with node integration disabled -->
|
||||
<iframe src="http://jandan.net"></iframe>
|
||||
```
|
||||
|
||||
### Event: 'page-title-updated'
|
||||
|
||||
* `event` Event
|
||||
|
|
|
@ -5,12 +5,14 @@
|
|||
#include "renderer/atom_render_view_observer.h"
|
||||
|
||||
#include "common/api/api_messages.h"
|
||||
#include "content/public/renderer/render_view.h"
|
||||
#include "ipc/ipc_message_macros.h"
|
||||
#include "renderer/api/atom_renderer_bindings.h"
|
||||
#include "renderer/atom_renderer_client.h"
|
||||
#include "third_party/WebKit/public/web/WebDraggableRegion.h"
|
||||
#include "third_party/WebKit/public/web/WebDocument.h"
|
||||
#include "third_party/WebKit/public/web/WebFrame.h"
|
||||
#include "third_party/WebKit/public/web/WebView.h"
|
||||
|
||||
#include "common/v8/node_common.h"
|
||||
|
||||
|
@ -53,6 +55,13 @@ bool AtomRenderViewObserver::OnMessageReceived(const IPC::Message& message) {
|
|||
|
||||
void AtomRenderViewObserver::OnBrowserMessage(const string16& channel,
|
||||
const base::ListValue& args) {
|
||||
if (!render_view()->GetWebView())
|
||||
return;
|
||||
|
||||
WebKit::WebFrame* frame = render_view()->GetWebView()->mainFrame();
|
||||
if (!renderer_client_->IsNodeBindingEnabled(frame))
|
||||
return;
|
||||
|
||||
renderer_client_->atom_bindings()->OnBrowserMessage(
|
||||
render_view(), channel, args);
|
||||
}
|
||||
|
|
|
@ -6,23 +6,52 @@
|
|||
|
||||
#include <algorithm>
|
||||
|
||||
#include "base/command_line.h"
|
||||
#include "common/node_bindings.h"
|
||||
#include "common/options_switches.h"
|
||||
#include "renderer/api/atom_renderer_bindings.h"
|
||||
#include "renderer/atom_render_view_observer.h"
|
||||
#include "third_party/WebKit/public/web/WebFrame.h"
|
||||
|
||||
#include "common/v8/node_common.h"
|
||||
|
||||
namespace atom {
|
||||
|
||||
namespace {
|
||||
|
||||
const char* kExceptIframe = "except-iframe";
|
||||
const char* kManualEnableIframe = "manual-enable-iframe";
|
||||
const char* kDisable = "disable";
|
||||
const char* kEnableNodeIntegration = "enable-node-integration";
|
||||
|
||||
} // namespace
|
||||
|
||||
AtomRendererClient::AtomRendererClient()
|
||||
: node_bindings_(NodeBindings::Create(false)),
|
||||
atom_bindings_(new AtomRendererBindings) {
|
||||
: node_integration_(ALL),
|
||||
main_frame_(NULL) {
|
||||
// Translate the token.
|
||||
std::string token = CommandLine::ForCurrentProcess()->
|
||||
GetSwitchValueASCII(switches::kNodeIntegration);
|
||||
if (token == kExceptIframe)
|
||||
node_integration_ = EXCEPT_IFRAME;
|
||||
else if (token == kManualEnableIframe)
|
||||
node_integration_ = MANUAL_ENABLE_IFRAME;
|
||||
else if (token == kDisable)
|
||||
node_integration_ = DISABLE;
|
||||
|
||||
if (IsNodeBindingEnabled()) {
|
||||
node_bindings_.reset(NodeBindings::Create(false));
|
||||
atom_bindings_.reset(new AtomRendererBindings);
|
||||
}
|
||||
}
|
||||
|
||||
AtomRendererClient::~AtomRendererClient() {
|
||||
}
|
||||
|
||||
void AtomRendererClient::RenderThreadStarted() {
|
||||
if (!IsNodeBindingEnabled())
|
||||
return;
|
||||
|
||||
node_bindings_->Initialize();
|
||||
node_bindings_->PrepareMessageLoop();
|
||||
|
||||
|
@ -43,6 +72,13 @@ void AtomRendererClient::DidCreateScriptContext(WebKit::WebFrame* frame,
|
|||
v8::Handle<v8::Context> context,
|
||||
int extension_group,
|
||||
int world_id) {
|
||||
// The first web frame is the main frame.
|
||||
if (main_frame_ == NULL)
|
||||
main_frame_ = frame;
|
||||
|
||||
if (!IsNodeBindingEnabled(frame))
|
||||
return;
|
||||
|
||||
v8::Context::Scope scope(context);
|
||||
|
||||
// Check the existance of process object to prevent duplicate initialization.
|
||||
|
@ -70,6 +106,9 @@ void AtomRendererClient::WillReleaseScriptContext(
|
|||
WebKit::WebFrame* frame,
|
||||
v8::Handle<v8::Context> context,
|
||||
int world_id) {
|
||||
if (!IsNodeBindingEnabled(frame))
|
||||
return;
|
||||
|
||||
node::Environment* env = node::Environment::GetCurrent(context);
|
||||
if (env == NULL) {
|
||||
LOG(ERROR) << "Encounter a non-node context when releasing script context";
|
||||
|
@ -108,4 +147,21 @@ bool AtomRendererClient::ShouldFork(WebKit::WebFrame* frame,
|
|||
return true;
|
||||
}
|
||||
|
||||
bool AtomRendererClient::IsNodeBindingEnabled(WebKit::WebFrame* frame) {
|
||||
if (node_integration_ == DISABLE)
|
||||
return false;
|
||||
// Node integration is enabled in main frame unless explictly disabled.
|
||||
else if (frame == main_frame_)
|
||||
return true;
|
||||
else if (node_integration_ == MANUAL_ENABLE_IFRAME &&
|
||||
frame != NULL &&
|
||||
frame->uniqueName().utf8().find(kEnableNodeIntegration)
|
||||
== std::string::npos)
|
||||
return false;
|
||||
else if (node_integration_ == EXCEPT_IFRAME && frame != NULL)
|
||||
return false;
|
||||
else
|
||||
return true;
|
||||
}
|
||||
|
||||
} // namespace atom
|
||||
|
|
|
@ -23,9 +23,18 @@ class AtomRendererClient : public content::ContentRendererClient {
|
|||
AtomRendererClient();
|
||||
virtual ~AtomRendererClient();
|
||||
|
||||
bool IsNodeBindingEnabled(WebKit::WebFrame* frame = NULL);
|
||||
|
||||
AtomRendererBindings* atom_bindings() const { return atom_bindings_.get(); }
|
||||
|
||||
private:
|
||||
enum NodeIntegration {
|
||||
ALL,
|
||||
EXCEPT_IFRAME,
|
||||
MANUAL_ENABLE_IFRAME,
|
||||
DISABLE,
|
||||
};
|
||||
|
||||
virtual void RenderThreadStarted() OVERRIDE;
|
||||
virtual void RenderViewCreated(content::RenderView*) OVERRIDE;
|
||||
virtual void DidCreateScriptContext(WebKit::WebFrame* frame,
|
||||
|
@ -47,6 +56,12 @@ class AtomRendererClient : public content::ContentRendererClient {
|
|||
scoped_ptr<NodeBindings> node_bindings_;
|
||||
scoped_ptr<AtomRendererBindings> atom_bindings_;
|
||||
|
||||
// The level of node integration we should support.
|
||||
NodeIntegration node_integration_;
|
||||
|
||||
// The main frame.
|
||||
WebKit::WebFrame* main_frame_;
|
||||
|
||||
DISALLOW_COPY_AND_ASSIGN(AtomRendererClient);
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue