Rename iframe-security to node-integration.

This commit is contained in:
Cheng Zhao 2014-01-30 23:20:12 +08:00
parent d4929de33c
commit ec00da416f
8 changed files with 44 additions and 23 deletions

View file

@ -63,15 +63,15 @@ bool AtomBrowserClient::ShouldSwapProcessesForNavigation(
void AtomBrowserClient::AppendExtraCommandLineSwitches(
CommandLine* command_line,
int child_process_id) {
// Append --iframe-security to renderer process.
// Append --node-integration to renderer process.
WindowList* list = WindowList::GetInstance();
for (WindowList::const_iterator iter = list->begin(); iter != list->end();
++iter) {
NativeWindow* window = *iter;
int id = window->GetWebContents()->GetRenderProcessHost()->GetID();
if (id == child_process_id) {
command_line->AppendSwitchASCII(switches::kIframeSecurity,
window->iframe_security());
command_line->AppendSwitchASCII(switches::kNodeIntegration,
window->node_integration());
return;
}
}

View file

@ -48,7 +48,7 @@ NativeWindow::NativeWindow(content::WebContents* web_contents,
: content::WebContentsObserver(web_contents),
has_frame_(true),
is_closed_(false),
iframe_security_("full"),
node_integration_("all"),
weak_factory_(this),
inspectable_web_contents_(
brightray::InspectableWebContents::Create(web_contents)) {
@ -60,7 +60,7 @@ NativeWindow::NativeWindow(content::WebContents* web_contents,
LOG(ERROR) << "Failed to set icon to " << icon;
// Read iframe security before any navigation.
options->GetString(switches::kIframeSecurity, &iframe_security_);
options->GetString(switches::kNodeIntegration, &node_integration_);
web_contents->SetDelegate(this);

View file

@ -140,7 +140,7 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
}
bool has_frame() const { return has_frame_; }
std::string iframe_security() const { return iframe_security_; }
std::string node_integration() const { return node_integration_; }
protected:
explicit NativeWindow(content::WebContents* web_contents,
@ -221,7 +221,7 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
bool is_closed_;
// The security token of iframe.
std::string iframe_security_;
std::string node_integration_;
// Closure that would be called when window is unresponsive when closing,
// it should be cancelled when we can prove that the window is responsive.

View file

@ -31,7 +31,7 @@ const char kKiosk[] = "kiosk";
// Make windows stays on the top of all other windows.
const char kAlwaysOnTop[] = "always-on-top";
const char kIframeSecurity[] = "iframe-security";
const char kNodeIntegration[] = "node-integration";
} // namespace switches

View file

@ -26,7 +26,7 @@ extern const char kResizable[];
extern const char kFullscreen[];
extern const char kKiosk[];
extern const char kAlwaysOnTop[];
extern const char kIframeSecurity[];
extern const char kNodeIntegration[];
} // namespace switches

View file

@ -55,6 +55,9 @@ bool AtomRenderViewObserver::OnMessageReceived(const IPC::Message& message) {
void AtomRenderViewObserver::OnBrowserMessage(const string16& channel,
const base::ListValue& args) {
if (!render_view()->GetWebView())
return;
WebKit::WebFrame* frame = render_view()->GetWebView()->mainFrame();
if (!renderer_client_->IsNodeBindingEnabled(frame))
return;

View file

@ -18,13 +18,17 @@
namespace atom {
AtomRendererClient::AtomRendererClient()
: iframe_security_(FULL) {
std::string security = CommandLine::ForCurrentProcess()->
GetSwitchValueASCII(switches::kIframeSecurity);
if (security == "manual")
iframe_security_ = MANUAL;
else if (security == "none")
iframe_security_ = NONE;
: node_integration_(ALL),
main_frame_(NULL) {
// Translate the token.
std::string token = CommandLine::ForCurrentProcess()->
GetSwitchValueASCII(switches::kNodeIntegration);
if (token == "except-iframe")
node_integration_ = EXCEPT_IFRAME;
else if (token == "manual-enable-iframe")
node_integration_ = MANUAL_ENABLE_IFRAME;
else if (token == "disable")
node_integration_ = DISABLE;
if (IsNodeBindingEnabled()) {
node_bindings_.reset(NodeBindings::Create(false));
@ -59,6 +63,10 @@ void AtomRendererClient::DidCreateScriptContext(WebKit::WebFrame* frame,
v8::Handle<v8::Context> context,
int extension_group,
int world_id) {
// The first web frame is the main frame.
if (main_frame_ == NULL)
main_frame_ = frame;
if (!IsNodeBindingEnabled(frame))
return;
@ -131,12 +139,17 @@ bool AtomRendererClient::ShouldFork(WebKit::WebFrame* frame,
}
bool AtomRendererClient::IsNodeBindingEnabled(WebKit::WebFrame* frame) {
if (iframe_security_ == FULL)
if (node_integration_ == DISABLE)
return false;
else if (iframe_security_ == MANUAL &&
// Node integration is enabled in main frame unless explictly disabled.
else if (frame == main_frame_)
return true;
else if (node_integration_ == MANUAL_ENABLE_IFRAME &&
frame != NULL &&
frame->uniqueName().utf8().find("-enable-node") == std::string::npos)
return false;
else if (node_integration_ == EXCEPT_IFRAME && frame != NULL)
return false;
else
return true;
}

View file

@ -28,10 +28,11 @@ class AtomRendererClient : public content::ContentRendererClient {
AtomRendererBindings* atom_bindings() const { return atom_bindings_.get(); }
private:
enum IframeSecurity {
FULL,
MANUAL,
NONE,
enum NodeIntegration {
ALL,
EXCEPT_IFRAME,
MANUAL_ENABLE_IFRAME,
DISABLE,
};
virtual void RenderThreadStarted() OVERRIDE;
@ -55,7 +56,11 @@ class AtomRendererClient : public content::ContentRendererClient {
scoped_ptr<NodeBindings> node_bindings_;
scoped_ptr<AtomRendererBindings> atom_bindings_;
IframeSecurity iframe_security_;
// The level of node integration we should support.
NodeIntegration node_integration_;
// The main frame.
WebKit::WebFrame* main_frame_;
DISALLOW_COPY_AND_ASSIGN(AtomRendererClient);
};