fix: ensure ElectronBrowser mojo service is only bound to appropriate render frames (#33323)

* fix: ensure ElectronBrowser mojo service is only bound to authorized render frames Notes: no-notes * refactor: extract electron API IPC to its own mojo interface * fix: just check main frame not primary main frame
2022-03-18 19:50:05 -07:00 · 2022-03-18 19:50:05 -07:00 · e07c2b84d7
commit e07c2b84d7
parent f2b06324b8
17 changed files with 381 additions and 229 deletions
--- a/shell/browser/api/electron_api_web_contents.h
+++ b/shell/browser/api/electron_api_web_contents.h
@ -355,7 +355,7 @@ class WebContents : public ExclusiveAccessContext,
  template <typename... Args>
  bool EmitWithSender(base::StringPiece name,
                      content::RenderFrameHost* sender,
-                      electron::mojom::ElectronBrowser::InvokeCallback callback,
+                      electron::mojom::ElectronApiIPC::InvokeCallback callback,
                      Args&&... args) {
    DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
    v8::Isolate* isolate = JavascriptEnvironment::GetIsolate();
@ -399,7 +399,7 @@ class WebContents : public ExclusiveAccessContext,
    fullscreen_frame_ = rfh;
  }

-  // mojom::ElectronBrowser
+  // mojom::ElectronApiIPC
  void Message(bool internal,
               const std::string& channel,
               blink::CloneableMessage arguments,
@ -407,9 +407,8 @@ class WebContents : public ExclusiveAccessContext,
  void Invoke(bool internal,
              const std::string& channel,
              blink::CloneableMessage arguments,
-              electron::mojom::ElectronBrowser::InvokeCallback callback,
+              electron::mojom::ElectronApiIPC::InvokeCallback callback,
              content::RenderFrameHost* render_frame_host);
-  void OnFirstNonEmptyLayout(content::RenderFrameHost* render_frame_host);
  void ReceivePostMessage(const std::string& channel,
                          blink::TransferableMessage message,
                          content::RenderFrameHost* render_frame_host);
@ -417,7 +416,7 @@ class WebContents : public ExclusiveAccessContext,
      bool internal,
      const std::string& channel,
      blink::CloneableMessage arguments,
-      electron::mojom::ElectronBrowser::MessageSyncCallback callback,
+      electron::mojom::ElectronApiIPC::MessageSyncCallback callback,
      content::RenderFrameHost* render_frame_host);
  void MessageTo(int32_t web_contents_id,
                 const std::string& channel,
@ -425,10 +424,15 @@ class WebContents : public ExclusiveAccessContext,
  void MessageHost(const std::string& channel,
                   blink::CloneableMessage arguments,
                   content::RenderFrameHost* render_frame_host);
+
+  // mojom::ElectronWebContentsUtility
+  void OnFirstNonEmptyLayout(content::RenderFrameHost* render_frame_host);
  void UpdateDraggableRegions(std::vector<mojom::DraggableRegionPtr> regions);
  void SetTemporaryZoomLevel(double level);
  void DoGetZoomLevel(
-      electron::mojom::ElectronBrowser::DoGetZoomLevelCallback callback);
+      electron::mojom::ElectronWebContentsUtility::DoGetZoomLevelCallback
+          callback);
+
  void SetImageAnimationPolicy(const std::string& new_policy);

  // Grants |origin| access to |device|.