mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

fix: don't execute preload scripts for internal <iframe> in <webview> (#19260)

Browse source
This commit is contained in:
Milan Burda 2019-07-17 02:13:05 +02:00 committed by Cheng Zhao
parent b57e623c11
commit d1c9f5e309
7 changed files with 81 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
shell/renderer/atom_render_frame_observer.cc
View file

@ -81,7 +81,8 @@ void AtomRenderFrameObserver::DidCreateScriptContext(
if (should_create_isolated_context) { if (should_create_isolated_context) {
CreateIsolatedWorldContext(); CreateIsolatedWorldContext();
renderer_client_->SetupMainWorldOverrides(context, render_frame_); if (!renderer_client_->IsWebViewFrame(context, render_frame_))
renderer_client_->SetupMainWorldOverrides(context, render_frame_);
} }
if (world_id >= World::ISOLATED_WORLD_EXTENSIONS && if (world_id >= World::ISOLATED_WORLD_EXTENSIONS &&

3
shell/renderer/atom_renderer_client.cc
View file

@ -83,7 +83,8 @@ void AtomRendererClient::DidCreateScriptContext(
base::CommandLine::ForCurrentProcess()->HasSwitch( base::CommandLine::ForCurrentProcess()->HasSwitch(
switches::kNodeIntegrationInSubFrames); switches::kNodeIntegrationInSubFrames);
bool should_load_node = bool should_load_node =
is_main_frame || is_devtools || allow_node_in_subframes; (is_main_frame || is_devtools || allow_node_in_subframes) &&
!IsWebViewFrame(renderer_context, render_frame);
if (!should_load_node) { if (!should_load_node) {
return; return;
} }

3
shell/renderer/atom_sandboxed_renderer_client.cc
View file

@ -208,7 +208,8 @@ void AtomSandboxedRendererClient::DidCreateScriptContext(
base::CommandLine::ForCurrentProcess()->HasSwitch( base::CommandLine::ForCurrentProcess()->HasSwitch(
switches::kNodeIntegrationInSubFrames); switches::kNodeIntegrationInSubFrames);
bool should_load_preload = bool should_load_preload =
is_main_frame || is_devtools || allow_node_in_sub_frames; (is_main_frame || is_devtools || allow_node_in_sub_frames) &&
!IsWebViewFrame(context, render_frame);
if (!should_load_preload) if (!should_load_preload)
return; return;

24
shell/renderer/renderer_client_base.cc
View file

@ -310,4 +310,28 @@ v8::Local<v8::Value> RendererClientBase::RunScript(
return script->Run(context).ToLocalChecked(); return script->Run(context).ToLocalChecked();
} }
bool RendererClientBase::IsWebViewFrame(
v8::Handle<v8::Context> context,
content::RenderFrame* render_frame) const {
auto* isolate = context->GetIsolate();
if (render_frame->IsMainFrame())
return false;
mate::Dictionary window_dict(
isolate, GetContext(render_frame->GetWebFrame(), isolate)->Global());
v8::Local<v8::Object> frame_element;
if (!window_dict.Get("frameElement", &frame_element))
return false;
mate::Dictionary frame_element_dict(isolate, frame_element);
v8::Local<v8::Object> internal;
if (!frame_element_dict.GetHidden("internal", &internal))
return false;
return !internal.IsEmpty();
}
} // namespace electron } // namespace electron

4
shell/renderer/renderer_client_base.h
View file

@ -45,6 +45,10 @@ class RendererClientBase : public content::ContentRendererClient {
static v8::Local<v8::Value> RunScript(v8::Local<v8::Context> context, static v8::Local<v8::Value> RunScript(v8::Local<v8::Context> context,
v8::Local<v8::String> source); v8::Local<v8::String> source);
// v8Util.getHiddenValue(window.frameElement, 'internal')
bool IsWebViewFrame(v8::Handle<v8::Context> context,
content::RenderFrame* render_frame) const;
protected: protected:
void AddRenderBindings(v8::Isolate* isolate, void AddRenderBindings(v8::Isolate* isolate,
v8::Local<v8::Object> binding_object); v8::Local<v8::Object> binding_object);

33
spec/api-subframe-spec.js
View file

@ -149,6 +149,39 @@ describe('renderer nodeIntegrationInSubFrames', () => {
).forEach(config => { ).forEach(config => {
generateTests(config.title, config.webPreferences) generateTests(config.title, config.webPreferences)
}) })
describe('internal <iframe> inside of <webview>', () => {
let w
beforeEach(async () => {
await closeWindow(w)
w = new BrowserWindow({
show: false,
width: 400,
height: 400,
webPreferences: {
preload: path.resolve(__dirname, 'fixtures/sub-frames/webview-iframe-preload.js'),
nodeIntegrationInSubFrames: true,
webviewTag: true
}
})
})
afterEach(() => {
return closeWindow(w).then(() => {
w = null
})
})
it('should not load preload scripts', async () => {
const promisePass = emittedOnce(ipcMain, 'webview-loaded')
const promiseFail = emittedOnce(ipcMain, 'preload-in-frame').then(() => {
throw new Error('preload loaded in internal frame')
})
await w.loadURL('about:blank')
return Promise.race([promisePass, promiseFail])
})
})
}) })
describe('cross-site frame sandboxing', () => { describe('cross-site frame sandboxing', () => {

14
spec/fixtures/sub-frames/webview-iframe-preload.js vendored Normal file
View file

@ -0,0 +1,14 @@
const { ipcRenderer } = require('electron')
if (process.isMainFrame) {
window.addEventListener('DOMContentLoaded', () => {
const webview = document.createElement('webview')
webview.src = 'about:blank'
webview.addEventListener('did-finish-load', () => {
ipcRenderer.send('webview-loaded')
}, { once: true })
document.body.appendChild(webview)
})
} else {
ipcRenderer.send('preload-in-frame')
}