Detect node integration in JavaScript
This commit is contained in:
parent
04f1860bf5
commit
f629fa7b27
6 changed files with 57 additions and 105 deletions
|
@ -16,6 +16,7 @@ app.on('ready', function() {
|
||||||
width: 800,
|
width: 800,
|
||||||
height: 600,
|
height: 600,
|
||||||
resizable: false,
|
resizable: false,
|
||||||
|
'node-integration': 'disable',
|
||||||
'auto-hide-menu-bar': true,
|
'auto-hide-menu-bar': true,
|
||||||
'use-content-size': true,
|
'use-content-size': true,
|
||||||
'web-preferences': {
|
'web-preferences': {
|
||||||
|
|
|
@ -76,13 +76,6 @@ bool AtomRenderViewObserver::OnMessageReceived(const IPC::Message& message) {
|
||||||
|
|
||||||
void AtomRenderViewObserver::OnBrowserMessage(const base::string16& channel,
|
void AtomRenderViewObserver::OnBrowserMessage(const base::string16& channel,
|
||||||
const base::ListValue& args) {
|
const base::ListValue& args) {
|
||||||
if (!render_view()->GetWebView())
|
|
||||||
return;
|
|
||||||
|
|
||||||
blink::WebFrame* frame = render_view()->GetWebView()->mainFrame();
|
|
||||||
if (!renderer_client_->IsNodeBindingEnabled(frame))
|
|
||||||
return;
|
|
||||||
|
|
||||||
renderer_client_->atom_bindings()->OnBrowserMessage(
|
renderer_client_->atom_bindings()->OnBrowserMessage(
|
||||||
render_view(), channel, args);
|
render_view(), channel, args);
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,7 +19,6 @@
|
||||||
#include "base/command_line.h"
|
#include "base/command_line.h"
|
||||||
#include "native_mate/converter.h"
|
#include "native_mate/converter.h"
|
||||||
#include "third_party/WebKit/public/web/WebCustomElement.h"
|
#include "third_party/WebKit/public/web/WebCustomElement.h"
|
||||||
#include "third_party/WebKit/public/web/WebDocument.h"
|
|
||||||
#include "third_party/WebKit/public/web/WebFrame.h"
|
#include "third_party/WebKit/public/web/WebFrame.h"
|
||||||
#include "third_party/WebKit/public/web/WebKit.h"
|
#include "third_party/WebKit/public/web/WebKit.h"
|
||||||
#include "third_party/WebKit/public/web/WebRuntimeFeatures.h"
|
#include "third_party/WebKit/public/web/WebRuntimeFeatures.h"
|
||||||
|
@ -30,13 +29,6 @@ namespace atom {
|
||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
|
|
||||||
// Security tokens.
|
|
||||||
const char* kSecurityAll = "all";
|
|
||||||
const char* kSecurityExceptIframe = "except-iframe";
|
|
||||||
const char* kSecurityManualEnableIframe = "manual-enable-iframe";
|
|
||||||
const char* kSecurityDisable = "disable";
|
|
||||||
const char* kSecurityEnableNodeIntegration = "enable-node-integration";
|
|
||||||
|
|
||||||
bool IsSwitchEnabled(base::CommandLine* command_line,
|
bool IsSwitchEnabled(base::CommandLine* command_line,
|
||||||
const char* switch_string,
|
const char* switch_string,
|
||||||
bool* enabled) {
|
bool* enabled) {
|
||||||
|
@ -74,24 +66,9 @@ class AtomRenderFrameObserver : public content::RenderFrameObserver {
|
||||||
} // namespace
|
} // namespace
|
||||||
|
|
||||||
AtomRendererClient::AtomRendererClient()
|
AtomRendererClient::AtomRendererClient()
|
||||||
: node_integration_(EXCEPT_IFRAME),
|
: node_bindings_(NodeBindings::Create(false)),
|
||||||
|
atom_bindings_(new AtomRendererBindings),
|
||||||
main_frame_(NULL) {
|
main_frame_(NULL) {
|
||||||
// Translate the token.
|
|
||||||
std::string token = CommandLine::ForCurrentProcess()->
|
|
||||||
GetSwitchValueASCII(switches::kNodeIntegration);
|
|
||||||
if (token == kSecurityExceptIframe)
|
|
||||||
node_integration_ = EXCEPT_IFRAME;
|
|
||||||
else if (token == kSecurityManualEnableIframe)
|
|
||||||
node_integration_ = MANUAL_ENABLE_IFRAME;
|
|
||||||
else if (token == kSecurityDisable)
|
|
||||||
node_integration_ = DISABLE;
|
|
||||||
else if (token == kSecurityAll)
|
|
||||||
node_integration_ = ALL;
|
|
||||||
|
|
||||||
if (IsNodeBindingEnabled()) {
|
|
||||||
node_bindings_.reset(NodeBindings::Create(false));
|
|
||||||
atom_bindings_.reset(new AtomRendererBindings);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
AtomRendererClient::~AtomRendererClient() {
|
AtomRendererClient::~AtomRendererClient() {
|
||||||
|
@ -103,9 +80,6 @@ void AtomRendererClient::WebKitInitialized() {
|
||||||
blink::WebCustomElement::addEmbedderCustomElementName("webview");
|
blink::WebCustomElement::addEmbedderCustomElementName("webview");
|
||||||
blink::WebCustomElement::addEmbedderCustomElementName("browserplugin");
|
blink::WebCustomElement::addEmbedderCustomElementName("browserplugin");
|
||||||
|
|
||||||
if (!IsNodeBindingEnabled())
|
|
||||||
return;
|
|
||||||
|
|
||||||
node_bindings_->Initialize();
|
node_bindings_->Initialize();
|
||||||
node_bindings_->PrepareMessageLoop();
|
node_bindings_->PrepareMessageLoop();
|
||||||
|
|
||||||
|
@ -146,9 +120,6 @@ void AtomRendererClient::DidCreateScriptContext(blink::WebFrame* frame,
|
||||||
if (main_frame_ == NULL)
|
if (main_frame_ == NULL)
|
||||||
main_frame_ = frame;
|
main_frame_ = frame;
|
||||||
|
|
||||||
if (!IsNodeBindingEnabled(frame))
|
|
||||||
return;
|
|
||||||
|
|
||||||
v8::Context::Scope scope(context);
|
v8::Context::Scope scope(context);
|
||||||
|
|
||||||
// Check the existance of process object to prevent duplicate initialization.
|
// Check the existance of process object to prevent duplicate initialization.
|
||||||
|
@ -177,9 +148,6 @@ void AtomRendererClient::WillReleaseScriptContext(
|
||||||
blink::WebFrame* frame,
|
blink::WebFrame* frame,
|
||||||
v8::Handle<v8::Context> context,
|
v8::Handle<v8::Context> context,
|
||||||
int world_id) {
|
int world_id) {
|
||||||
if (!IsNodeBindingEnabled(frame))
|
|
||||||
return;
|
|
||||||
|
|
||||||
node::Environment* env = node::Environment::GetCurrent(context);
|
node::Environment* env = node::Environment::GetCurrent(context);
|
||||||
if (env == NULL) {
|
if (env == NULL) {
|
||||||
LOG(ERROR) << "Encounter a non-node context when releasing script context";
|
LOG(ERROR) << "Encounter a non-node context when releasing script context";
|
||||||
|
@ -225,27 +193,6 @@ bool AtomRendererClient::ShouldFork(blink::WebFrame* frame,
|
||||||
return http_method == "GET";
|
return http_method == "GET";
|
||||||
}
|
}
|
||||||
|
|
||||||
bool AtomRendererClient::IsNodeBindingEnabled(blink::WebFrame* frame) {
|
|
||||||
if (node_integration_ == DISABLE)
|
|
||||||
return false;
|
|
||||||
// Node integration is enabled in main frame unless explictly disabled.
|
|
||||||
else if (frame == main_frame_)
|
|
||||||
return true;
|
|
||||||
// Enable node integration in chrome extensions.
|
|
||||||
else if (frame != NULL &&
|
|
||||||
GURL(frame->document().url()).SchemeIs("chrome-extension"))
|
|
||||||
return true;
|
|
||||||
else if (node_integration_ == MANUAL_ENABLE_IFRAME &&
|
|
||||||
frame != NULL &&
|
|
||||||
frame->uniqueName().utf8().find(kSecurityEnableNodeIntegration)
|
|
||||||
== std::string::npos)
|
|
||||||
return false;
|
|
||||||
else if (node_integration_ == EXCEPT_IFRAME && frame != NULL)
|
|
||||||
return false;
|
|
||||||
else
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
void AtomRendererClient::EnableWebRuntimeFeatures() {
|
void AtomRendererClient::EnableWebRuntimeFeatures() {
|
||||||
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
|
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
|
||||||
bool b;
|
bool b;
|
||||||
|
|
|
@ -26,8 +26,6 @@ class AtomRendererClient : public content::ContentRendererClient,
|
||||||
AtomRendererClient();
|
AtomRendererClient();
|
||||||
virtual ~AtomRendererClient();
|
virtual ~AtomRendererClient();
|
||||||
|
|
||||||
bool IsNodeBindingEnabled(blink::WebFrame* frame = NULL);
|
|
||||||
|
|
||||||
// Forwarded by RenderFrameObserver.
|
// Forwarded by RenderFrameObserver.
|
||||||
void WillReleaseScriptContext(blink::WebFrame* frame,
|
void WillReleaseScriptContext(blink::WebFrame* frame,
|
||||||
v8::Handle<v8::Context> context,
|
v8::Handle<v8::Context> context,
|
||||||
|
@ -70,9 +68,6 @@ class AtomRendererClient : public content::ContentRendererClient,
|
||||||
scoped_ptr<NodeBindings> node_bindings_;
|
scoped_ptr<NodeBindings> node_bindings_;
|
||||||
scoped_ptr<AtomRendererBindings> atom_bindings_;
|
scoped_ptr<AtomRendererBindings> atom_bindings_;
|
||||||
|
|
||||||
// The level of node integration we should support.
|
|
||||||
NodeIntegration node_integration_;
|
|
||||||
|
|
||||||
// The main frame.
|
// The main frame.
|
||||||
blink::WebFrame* main_frame_;
|
blink::WebFrame* main_frame_;
|
||||||
|
|
||||||
|
|
|
@ -20,37 +20,19 @@ globalPaths.push path.join(process.resourcesPath, 'app')
|
||||||
# Import common settings.
|
# Import common settings.
|
||||||
require path.resolve(__dirname, '..', '..', 'common', 'lib', 'init.js')
|
require path.resolve(__dirname, '..', '..', 'common', 'lib', 'init.js')
|
||||||
|
|
||||||
# Expose global variables.
|
# Process command line arguments.
|
||||||
global.require = require
|
isGuest = false
|
||||||
global.module = module
|
nodeIntegration = 'all'
|
||||||
|
for arg in process.argv
|
||||||
# Emit the 'exit' event when page is unloading.
|
if arg is '--guest'
|
||||||
window.addEventListener 'unload', ->
|
# This is a guest web view.
|
||||||
process.emit 'exit'
|
isGuest = true
|
||||||
|
# Set the frame name to make AtomRendererClient recognize this guest.
|
||||||
# Set the __filename to the path of html file if it's file: or asar: protocol.
|
require('web-frame').setName 'ATOM_SHELL_GUEST_WEB_VIEW'
|
||||||
if window.location.protocol in ['file:', 'asar:']
|
else
|
||||||
pathname =
|
index = arg.indexOf '--node-integration='
|
||||||
if process.platform is 'win32' and window.location.pathname[0] is '/'
|
continue unless index == 0
|
||||||
window.location.pathname.substr 1
|
nodeIntegration = arg.substr arg.indexOf('=') + 1
|
||||||
else
|
|
||||||
window.location.pathname
|
|
||||||
global.__filename = path.normalize decodeURIComponent(pathname)
|
|
||||||
global.__dirname = path.dirname global.__filename
|
|
||||||
|
|
||||||
# Set module's filename so relative require can work as expected.
|
|
||||||
module.filename = global.__filename
|
|
||||||
|
|
||||||
# Also search for module under the html file.
|
|
||||||
module.paths = module.paths.concat Module._nodeModulePaths(global.__dirname)
|
|
||||||
else
|
|
||||||
global.__filename = __filename
|
|
||||||
global.__dirname = __dirname
|
|
||||||
|
|
||||||
if '--guest' in process.argv
|
|
||||||
# This is a guest web view.
|
|
||||||
isGuest = true
|
|
||||||
require('web-frame').setName 'ATOM_SHELL_GUEST_WEB_VIEW'
|
|
||||||
|
|
||||||
if location.protocol is 'chrome-devtools:'
|
if location.protocol is 'chrome-devtools:'
|
||||||
# Override some inspector APIs.
|
# Override some inspector APIs.
|
||||||
|
@ -63,3 +45,44 @@ else
|
||||||
require path.join(__dirname, 'override')
|
require path.join(__dirname, 'override')
|
||||||
# Load webview tag implementation.
|
# Load webview tag implementation.
|
||||||
require path.join(__dirname, 'web-view') unless isGuest
|
require path.join(__dirname, 'web-view') unless isGuest
|
||||||
|
|
||||||
|
if nodeIntegration in ['true', 'all', 'except-iframe', 'manual-enable-iframe']
|
||||||
|
# Export node bindings to global.
|
||||||
|
global.require = require
|
||||||
|
global.module = module
|
||||||
|
|
||||||
|
# Set the __filename to the path of html file if it's file: or asar: protocol.
|
||||||
|
if window.location.protocol in ['file:', 'asar:']
|
||||||
|
pathname =
|
||||||
|
if process.platform is 'win32' and window.location.pathname[0] is '/'
|
||||||
|
window.location.pathname.substr 1
|
||||||
|
else
|
||||||
|
window.location.pathname
|
||||||
|
global.__filename = path.normalize decodeURIComponent(pathname)
|
||||||
|
global.__dirname = path.dirname global.__filename
|
||||||
|
|
||||||
|
# Set module's filename so relative require can work as expected.
|
||||||
|
module.filename = global.__filename
|
||||||
|
|
||||||
|
# Also search for module under the html file.
|
||||||
|
module.paths = module.paths.concat Module._nodeModulePaths(global.__dirname)
|
||||||
|
else
|
||||||
|
global.__filename = __filename
|
||||||
|
global.__dirname = __dirname
|
||||||
|
|
||||||
|
# Redirect window.onerror to uncaughtException.
|
||||||
|
window.onerror = (error) ->
|
||||||
|
if global.process.listeners('uncaughtException').length > 0
|
||||||
|
global.process.emit 'uncaughtException', error
|
||||||
|
true
|
||||||
|
else
|
||||||
|
false
|
||||||
|
|
||||||
|
# Emit the 'exit' event when page is unloading.
|
||||||
|
window.addEventListener 'unload', ->
|
||||||
|
process.emit 'exit'
|
||||||
|
else
|
||||||
|
# There still some native initialization codes needs "process", delete the
|
||||||
|
# global reference after they are done.
|
||||||
|
setImmediate ->
|
||||||
|
delete global.process
|
||||||
|
|
|
@ -1,10 +1,3 @@
|
||||||
# Redirect window.onerror to uncaughtException.
|
|
||||||
window.onerror = (error) ->
|
|
||||||
if global.process.listeners('uncaughtException').length > 0
|
|
||||||
global.process.emit 'uncaughtException', error
|
|
||||||
true
|
|
||||||
else
|
|
||||||
false
|
|
||||||
|
|
||||||
# Override default window.close, see:
|
# Override default window.close, see:
|
||||||
# https://github.com/atom/atom-shell/issues/70
|
# https://github.com/atom/atom-shell/issues/70
|
||||||
|
|
Loading…
Reference in a new issue