* feat: Allow detection of MITM HTTPS proxies like ZScaler
For security purposes, Figma heavily restrics the origins that are
allowed to load within our Electron app. Unfortunately some corporate
environments use MITM proxies like ZScaler, which intercepts our
connection to `https://www.figma.com` and serves a redirect to e.g.
`https://gateway.zscloud.net` before finally redirecting back to
`https://www.figma.com`.
In order to detect this situation and handle it gracefully, we need to
be able to know whether or not the certificate for our own origin
(`https://www.figma.com`) is chained to a known root. We do this by
exposesing `CertVerifyResult::is_issued_by_known_root`.
If the certification verification passed without the certificate being
tied to a known root, we can safely assume that we are dealing with a
MITM proxy that has its root CA installed locally on the machine. This
means that HTTPS can't be trusted so we might as well make life easier
for corporate users by loosening our origin restrictions without any
manual steps.
* Tweak docs wording
* feat: enable context isolation by default
* chore: set default in ctx iso getter
* spec: make all specs work with the new contextIsolation default
* spec: fix affinity specs
* spec: update tests for new ctx iso default
* spec: update tests for new ctx iso default
* spec: update tests for new ctx iso default
* spec: update tests for new ctx iso default
* chore: move stray prod deps to dev deps
* spec: update tests for new ctx iso default
* turn off contextIsolation for visibility tests
* turn off contextIsolation for <webview> tag nodeintegration attribute loads native modules when navigation happens
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
* feat: Added support for all proxy modes
This commit extended setProxy to support all proxy modes including
direct, auto_detect, pac_script, fixed_servers and system.
* feat: New api for reload proxy configurations
* fix: let Node.js perform microtask checkpoint in the main process
* fix: don't specify v8::MicrotasksScope for explicit policy
* fix: remove checkpoint from some call-sites
We already perform checkpoint at the end of a task,
either through MicrotaskRunner or through NodeBindings.
There isn't a need to add them again when calling into JS
except when dealing with promises.
* fix: remove checkpoint from some call-sites
We already perform checkpoint at the end of a task,
either through MicrotaskRunner or through NodeBindings.
There isn't a need to add them again when calling into JS
except when dealing with promises.
* fix incorrect specs
* default constructor arguments are considered for explicit mark
* add regression spec
* feat: expose the sameSite value for cookies
* Apply suggestions from code review
Co-Authored-By: Charles Kerr <ckerr@github.com>
* Apply suggestions from code review
Align with cookie samesite values for the extensions API
https://developer.chrome.com/extensions/cookies#type-SameSiteStatus
* chore: add tests for sameSite cookies get/set
* chore: update docs parser
* chore: update docs for MessageChannel and MessagePort to have correct process information
* chore: remove LOG warning
* chore: throw error if the string->samesite conversion fails
Co-authored-by: Charles Kerr <ckerr@github.com>
* fix: correctly set cookie date
* fix: name is not required for setting cookie
* test: clear cookie after each cookie test
* test: should test session property
* chore: style fixes
* fix(urlrequest): allow non-2xx repsponse results
- closes#21046
* test(net): add test cases to verify non-2xx body
* test(session): update spec to match clientrequest behavior
* test(net): update test cases to match clientrequest behavior
* spec: clean up async net spec
