* fix: disable remote host nodeIntegration warning for localhost
In warnAboutNodeWithRemoteContent(), add a check to see if the hostname
is "localhost" and prevent the warning message if it is.
* fix: disable loading insecure resources warning for localhost
In warnAboutInsecureResources(), filter out resources from localhost
since they are most likely not a threat.
* test: add tests for ignoring security warnings when using localhost
Add tests for ignoring warning messages for the following scenarios:
1. node integration with remote content from localhost
2. loading insecure resources from localhost
* test: fix insecure resource test
* test: pass nodeIntegration with remote test on did-finish-load
* test: maybe fix node integration test (error w/ conv circular struct)
* test: update test description
* test: use "load" event to check when nodeIntegration test has finished
Instead of relying on the "did-finish-load" event, which may result in
a race condition, add an "onload" handler that logs "loaded" to the
console. This will execute _after_ the nodeIntegration check, so it
can be safely used as a signal to indicate that the test is done.
* test: rename base-page-security-load-message.html
* fix: ignore enabled remote module warning for localhost
* refactor: add isLocalhost()
Fixes#18502
This PR changes the focus and blur events that we emit in Electron to listen to changes in key window rather than main window. It swaps out windowDidBecomeMain and windowDidResignMain for windowDidBecomeKey and windowDidResignKey, respectively.
Fixes#18808
Previously, the triggeredByAccelerator flag would be entirely coupled with whether or not the modifier keys were being used or not.
This PR swaps out the ui::EventFlagsFromModifiers([event modifierFlags])) call in the macOS code to ui::EventFlagsFromNSEventWithModifiers(event, [event modifierFlags])). The latter outputs flags that take into account mouse click events on top of modifier flags (see Chromium documentation).
The business logic to detect triggeredByAccelerator is then changed to exclude any mouse click flags.
* build: move zip manifest logic in zip_manifests dir
* build: remove unused get-version.py script
* chore: move all release/sudowoodo related scripts into script/releases
* chore: update paths to zip manifests in CI configs
* build: fix path to ci release build script for arm tests
* test: move more BrowserWindow specs to main runner
* more movey
* maximized/minimized events don't work on linux?
* try for better printing of non-equal bounds
* add a timeout when checking window bounds after resize
* add a timeout when reading content size
* setTimeout...?
* try a smaller window size
* Initial changes to use crashpad for windows
* Remove crashpad patch
* Report error when failed to connect pipe
* Allow crashpad to communicate with named pipe
* Add patch to make crashpad named pipe work
* Windows also needs crashReporter on main process
* Call SetUnhandledExceptionFilter in node process
Node can also use crash reporter.
* Do not treat node process as browser process
* No more need to manually start crash service
* Use base::StringPrintf for better readbility
* Print error when pipe name not available
* Make sure pipe name is updated
Note that the crashpad may be started after renderer process gets
created.
* Fix some tests
* Update node
* Exclude crashpad files on Linux and MAS
* Fix lint warning
* Remove unused checks
* kCrashpadPipeName is only available on Windows
* Fix uploadToServer tests
* Fix extra params tests
* Fix getCrashesDirectory tests
* Run crashReporter tests on CI
* Style fixes
* Update crashreporter docs
* Rename InitBreakpad to Init
* Add comment for process_type_.empty() and UTF16ToASCII to UTF16ToUTF8.
* Update build.gn include crashpad headers
* Address comment https://github.com/electron/electron/pull/18483#discussion_r290887898
* Avoid using api::WebContents
* Put kRunAsNode in atom_constants
* Remove duplicate settings on upload params
* Fix building on macOS
* Update description for crashpad_pid_check.patch
* Pipe data into HTTP protocol handlers
* Remove unused parameters
* Remove "sending request of http protocol urls" test
Sending request to "http://" in "file://" violates CORS rules and always
fail, before NetworkService somehow Chromium still sent a request even
though the request failed with CORS error, so the test passes while the
test is not valid. With NetworkService no request is sent at all and the
test jsut fails.
So this is an ancient invalid test, as sending http requests have been
fully covered in other tests, I am removing this test.
* fix: properly pass openExternal activate option
A reference to an OpenExternalOptions structure was being captured by an Objective-C block that
outlived the object that was being referenced.
* Fix test in CI
* Don't check for activate on linux
* Close BrowserWindow
* Get a site instance related to current one instead of creation a new one
Using `GetRelatedSiteInstance` will keep the relation (same browsing instance) between the current and the new site instance.
* Some relies on preloads in opened window
The fact that, now, we always have an opener for opened windows diables note integration in opened windows, except if `nodeIntegrationInSubFrames` is enabled.
* Add a test on window.opener after cross-orgin navigation
* Make sure to unregisterProtocol in tests
* Introduc and use a NetworkSandbox for tests
* Modify tests about zoom persistence to properly simulate cross-origin navigation
* Revert "Modify tests about zoom persistence to properly simulate cross-origin navigation"
This reverts commit 0a7537f2eb7f183ddec16637e8a2e92a0d600321.
* refactor: bundle the browser and renderer process electron code
* Bundles browser/init and renderer/init
* Improves load performance of main process by ~40%
* Improves load performance of renderer process by ~30%
* Prevents users from importing our "requiring" our internal logic such
as ipc-main-internal. This makes those message buses safer as they are
less accessible, there is still some more work to be done though to lock
down those buses completely.
* The electron.asar file now only contains 2 files, as a future
improvement maybe we can use atom_natives to ship these two files
embedded in the binary
* This also removes our dependency on browserify which had some strange
edge cases that caused us to have to hack around require-order and
stopped us using certain ES6/7 features we should have been able to use
(async / await in some files in the sandboxed renderer init script)
TLDR: Things are faster and better :)
* fix: I really do not want to talk about it
* chore: add performance improvements from debugging
* fix: resolve the provided path so webpack thinks it is absolute
* chore: fixup per PR review
* fix: use webpacks ProvidePlugin to keep global, process and Buffer alive after deletion from global scope for use in internal code
* fix: bundle worker/init as well to make node-in-workers work
* chore: update wording as per feedback
* chore: make the timers hack work when yarn is not used
* chore: allow conditional disable of the site instance override patches at runtime
* feat: add app.allowRendererProcessReuse property to allow runtime disable of site instance overrides
spec: add tests for the new allowRendererProcessReuse property
feat: add console warnings / errors for loading non context-aware native modules
* Only error if the patch is disabled
* Warn all the time, this will ship in Electron 7
This fixes#18459 by improving the handling of contractions in the spellcheck API. Specifically, it now accepts contraction words where the spellchecker recognizes the whole word, and not, as previously, just if it recognizes all of its parts.
* Compare final data instead of url
The behavior of did-finish-load and getURL has changed for redirects when
using NetworkService, so the test fails for NetworkService.
Comparing the finally received data makes the test more reliable.
* Implement intercept APIs
* Setting mimeType should set "content-type" header
* Passing no argument should not throw JS error
* Don't access api namespace in ProxyingURLLoaderFactory
* No need to create AtomURLLoaderFactory every time
* No use of weak factory
* spec: replace assert with expect in api-browser-view-spec.js
* spec: replace assert with expect in api-touch-bar-spec.js
* spec: replace assert with expect in api-web-frame-spec.js
* spec: replace assert with expect in api-web-contents-view-spec.js
* spec: replace assert with expect in security-warnings-spec.js
* spec: replace assert with expect in api-menu-item-spec.js
* spec: replace assert with expect in api-web-request-spec.js
* spec: replace assert with expect in api-remote-spec.js
* spec: replace assert with expect in api-session-spec.js
* spec: replace assert with expect in api-system-preferences-spec.js
* spec: replace assert with expect in api-browser-window-spec.js
* spec: replace assert with expect in webview-spec.js
* spec: replace assert with expect in api-net-spec.js
* spec: replace assert with expect in api-protocol-spec.js
* spec: replace assert with expect api-web-contents-spec.js
* spec: replace assert with expect in api-shell-spec.js
* spec: replace assert with expect in modules-spec.js
* spec: replace assert with expect in chromium-spec.js
* spec: replace assert with expect in api-crash-reporter-spec.js
* spec: replace assert with expect in asar-spec.js
* spec: rename assert-helpers to expect-helpers
* address PR feedback
This code was originally added in #6448 to handle an edge case crash in 10.9, and we no longer support 10.9 and therefore no longer need to account for this case.
It addressed the crash, but also created a race condition whereby when a new tray is created the old tray's destroy wouldn't have been fully completed and therefore a new one would be spawned. This fixes that by destroying the tray on the current tick once more.
* fix: always have head.headers available
* fix: use StringDataPipeProducer to write string
It can handle large strings correctly.
* fix: override RegisterNonNetworkSubresourceURLLoaderFactories
* fix: add dummy uninterceptProtocol implementation
* fix: jquery error handler can pass empty string
For some errors jquery would pass empty string in the error handler,
which makes tests pass when they should fail.
* chore: fix cpplint warnings
* fix: guard RegisterNonNetworkSubresourceURLLoaderFactories call
It may be called even when NetworkService is not enabled.
* test: disable protocol.interceptHttpProtocol test
* fix: ensure the inspector agent is shutdown before cleaning up the node env
* spec: add tests to ensure clean shutdown with connected inspector agent
* Update node_debugger.cc
* build: ensure consistent package-lock across multiple machines
* build: fix linting errors and use npm ci instead of npm install
* build: use a yarn.lock and yarn instead of package-lock and npm
* chore: replace package-lock.json files with yarn.lock
* chore: replace last instance of `npm install`
* fix: add boringssl backport to support node upgrade
* fix: Update node_includes.h, add DCHECK macros
* fix: Update node Debug Options parser usage
* fix: Fix asar setup
* fix: using v8Util in isolated context
* fix: make "process" available in preload scripts
* fix: use proper options parser and remove setting of _breakFirstLine
_breakFirstLine was being set on the process, but that has changed in node 12 and so is no longer needed. Node will handle it properly when --inspect-brk is provided
* chore: update node dep sha
* fix: process.binding => _linkedBinding in sandboxed isolated preload
* fix: make original-fs work with streams
* build: override node module version
* fix: use _linkedBinding in content_script/init.js
* chore: update node ref in DEPS
* build: node_module_version should be 73
* fix: make OSR work with viz compositor
* fix: update OSR patch
* fix: update patch again
* fix: update viz_osr.patch for macOS
* fix: gn check warnings
* chore: no need to change SoftwareOutputDeviceWinProxy
* chore: add check in case we missed something
* fix: consider scale factor when compare size
* fix: make GPU OSR work
* fix: autofill popups with OSR
* chore: use UNIX line ending for osr_video_consumer
* chore: code is already in defined(OS_MACOSX)
* fix: share same OSR implementation on macOS
This should also fix the crash when there is navigation on macOS.
* test: osr window should not crash after navigation
* fix: make osr work on Mac properly
* fix: software osr on windows
* fix: software osr on Linux
* fix: compilation error introduced with rebase
* fix: split local surface id allocation into two
* Update osr_host_display_client_mac.mm
* chore: update copyright year
* fix: update patch
* spec: clean up after a failed window count assertion
Previously when this assertion failed all tests that ran after the
failed assertion also failed. This ensure that the assertion fails for
the test that actually caused the issue but cleans up the left-over
windows so that future tests do not fail.
* fix: maintain a ref count for objects sent over remote
Previously there was a race condition where a GC could occur in the
renderer process between the main process sending a meta.id and the
renderer pulling the proxy out its weakmap to stop it being GC'ed.
This fixes that race condition by maintaining a "sent" ref count in the
object registry and a "received" ref count in the object cache on the
renderer side. The deref request now sends the number of refs the
renderer thinks it owns, if the number does not match the value in the
object registry it is assumed that there is an IPC message containing a
new reference in flight and this race condition was hit.
The browser side ref count is then reduced and we wait for the new deref
message. This guaruntees that an object will only be removed from the
registry if every reference we sent has been guarunteed to be unreffed.
* fix: match net module headers & http.IncomingMessage headers
* update net doc for cleanliness
* address feedback from review
* Update spec/api-net-spec.js
Co-Authored-By: codebytere <codebytere@github.com>
* add special cookie case
* spec: add tests for the autoUpdater on macOS that actually test if it works
* spec: add express as dep
* spec: add logic to auto-trust self-signed certificate and not run autoupdate specs on MAS
* build: fix the step name for importing the codesign cert
* chore: update updater spec PR as per feedback
* fix: s/atomBinding/electronBinding
* build: use spawn instead of exec
* test: add test for second-instance event parameter
* robustify getting data from child process
* fix test on windows
* fix lint
* Update api-app-spec.js
* fix package-lock.json
* feat: add support for content scripts 'all_frames' option
* merged content script tests
'all_frames' test now runs on all variants of sandbox/contentIsolation configurations :D
* Add content script injector to sandboxed renderer
* Fix 'getRenderProcessPreferences' binding to the wrong object
* Pass getRenderProcessPreferences to content-scripts-injector
* Emit document-start and document-end events in sandboxed renderer
* Use GetContext from RendererClientBase
* Prevent script context crash caused by lazily initialization
* Remove frame filtering logic for onExit callback
Since we're keeping track of which frames we've injected the bundle into, this logic is redundant.
* Add initial content script tests
* Add contextIsolation variants to content script tests
* Add set include
* Fix already loaded extension error
* Add tests for content scripts 'run_at' options
* Catch script injection eval error when CSP forbids it
This can occur in a rendered sandbox when a CSP is enabled. We'll need to switch to using isolated worlds to fix this.
* Fix content script tests not properly cleaning up extensions
* Fix lint and type errors
* chore: roll node
in particular, this picks up electron/node#70a78f07b, which fixes an issue with incorrect usage of the BN_bn2bin_padded API in boringssl
* fix tests
`powerMonitor.querySystemIdleState` and `powerMonitor.querySystemIdleTime` had async backing APIs in chromium (https://chromium-review.googlesource.com/c/chromium/src/+/1379183). However, that has changed in ch73. So, this PR deprecates the old async APIs and adds new sync APIs.
* chore: refactor browser IPC into typescript
* chore: refactor app.ts into Typescript
* Refactors app.dock into cpp
* Removes app.launcher which has not existed for 3 years
* Removes 2 deprecated APIs (that have been deprecated for more than one
major)
* Refactors deprecate.ts as well
* feat: promisify webContents.savePage()
* no need to make compatible w callbacks, we're breaking it
* fix promise resolve type
* address feedback from review
* fix promise return text
* update smoke test
Capturing window thmubnails is expensive as it actually uses the
window capturer and it records one full frame per window and then
downscale to the default size 150x150. When only interested in the
window names or the app icons we do not need all of this.
Underlying change is merged in chromium72 so this patch only modifies
the doc, see:
https://chromium.googlesource.com/chromium/src.git/+log/72.0.3626.52/chrome/browser/media/webrtc/native_desktop_media_list.cc
Example: desktopCapturer.getSources({thumbnailSize: {width: 0, height: 0}}, ...)
Also added a unit test in spec/api-desktop-capturer-spec.js that verifies
that the returned thumbails are of type NativeImage and empty,
when the user disable fetching thumbnails.
notes: Can disable fetching the thumbnails for the DesktopCapturer.
https://github.com/electron/electron/issues/14872
* fix: do not create native api::WebFrame in webFrame
When reloading a page without restarting renderer process (for example
sandbox mode), the blink::WebFrame is not destroyed, but api::WebFrame
is always recreated for the new page context. This leaves a leak of
api::WebFrame.
* fix: remove spell checker when page context is released
It was implemented on Mac and Win but not on X11.
Tested on Ubuntu 16.04 and 18.04.
Also added a unit test in spec/api-browser-window-spec.js.
This test BrowserWindow.moveTop verifies that calling moveTop
on a window does not give the focus to this window.
notes: BrowserWindow.moveTop is now available on Linux/x11
https://github.com/electron/electron/issues/12516
This PR better preserves existing behavior in `deprecate.promisify()` in the cases where the promise fails. Previously, if a callback was only called with `data` instead of `err, data` and the promise was rejected, `data` would be populated with `err`, which could be confusing to users. This makes it such that `err` is called back on promise rejection if a callback is called with `err, data` a la Node.js.
* Run electron tests first to show those failures first
Enable logging on CI
* disable failing tests on Windows 32 bit
* Temporarily disable testing mksnapshot as that seems to hang
* chore: deprecate webFrame.registerURLSchemeAsPrivileged
* Add register schemes protocol api
* update branch to enable browser process API
* Revert deprecation changes
* Fetch API support
* Updated api to take an array, still working on tests
* Update tests
* Remove web frame API
* Minor changes
* update scheme registrations on browser and renderer process
* fix: enable ses.getBlobData spec
* Update breaking changes doc
* feat: promisify the Cookie API
* chore: update specs to test promisified cookies
* chore: add deprecate wrapper for cookie callback API
* docs: update docs to cookie promise changes
* chore: remove redundant namespace use
* docs: improve cookie example
* docs: restore docs for cookie callback API
* chore: restore cookie callback tests
* fix: syntax of cookie promise return types
* feat: add support for node / preloads in subframes
This feature has delibrately been built / implemented in such a way
that it has minimum impact on existing apps / code-paths.
Without enabling the new "nodeSupportInSubFrames" option basically none of this
new code will be hit.
The things that I believe need extra scrutiny are:
* Introduction of `event.reply` for IPC events and usage of `event.reply` instead of `event.sender.send()`
* Usage of `node::FreeEnvironment(env)` when the new option is enabled in order to avoid memory leaks. I have tested this quite a bit and haven't managed to cause a crash but it is still feature flagged behind the "nodeSupportInSubFrames" flag to avoid potential impact.
Closes#10569Closes#10401Closes#11868Closes#12505Closes#14035
* feat: add support preloads in subframes for sandboxed renderers
* spec: add tests for new nodeSupportInSubFrames option
* spec: fix specs for .reply and ._replyInternal for internal messages
* chore: revert change to use flag instead of environment set size
* chore: clean up subframe impl
* chore: apply suggestions from code review
Co-Authored-By: MarshallOfSound <samuel.r.attard@gmail.com>
* chore: clean up reply usage
* chore: fix TS docs generation
* chore: cleanup after rebase
* chore: rename wrap to add in event fns
Unify the behavior between default app and packaged apps:
- create default application menu unless the app has one
- default window-all-closed handling unless the app handles the event
* fix: emit IPC event in correct context if isolation and sandbox enabled
IPC events were not being delivered to renderer processes when both
`contextIsolation` and `sandbox` were enabled. This is because the
`AtomSandboxedRenderFrameObserver` class was incorrectly using the
`MainWorldScriptContext`, rather than conditionally selecting the
context based on if isolation was enabled.
Fixes#11922
* feat: add multi BrowserView support to BrowserWindow
Add functions addBrowserView, removeBroserView, getBrowserViews to
BrowserWindow class. Existing API as setBrowserView and
getBrowserView code replaced to use new api inside.
* fix: for lint and osx compile errors
* fix: lint error in test code
* feat: add multi BrowserView support to BrowserWindow
Add functions addBrowserView, removeBroserView, getBrowserViews to
BrowserWindow class. Existing API as setBrowserView and
getBrowserView code replaced to use new api inside.
* fix: for lint and osx compile errors
* fix: lint error in test code
* fix: method to be accessible on mac api impl
* fix: missed function declarations for mac impl
* fix: use base class reset function
* fix: use Chromium's determined new site instance as candidate when navigating.
When navigating to a new address, consider using Chromium's determined site instance
for the new page as it should belong to an existing browsing instance when the
navigation was triggered by window.open().
fixes 8100.
* Revert "fix: use Chromium's determined new site instance as candidate when navigating."
This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5.
* fix: delegate site instance creation back to content when sandboxed.
* fix: ensure site isolation is on
* test: adapt ut for cross-site navigation
* fix: register pending processes during a navigation.
* refactor: dont call loadURL for a window constructed from an existing webContents.
* test: add sandboxed affinity UT's.
* fix: check affinity before deciding if to force a new site instance.
* chore: adapt subsequent patch.
* refactor: constify logically const methods.
* fix: do not reuse site instances when navigation redirects cross-site.
* test: ensure localStorage accessible after x-site redirect.
* test: adapt localStorage acess denied UT for site isolation.
* fix: do not send render-view-deleted for speculative frames.
* chore: amend tests after rebase.
* test: add ut for webContents' render-view-deleted emission
* fix: introduce current-render-view-deleted for current RVH's deletions.
Revert render-view-deleted to being emitted with any RVH's deletion.
current-render-view-deleted is emitted only when the RVH being deleted
is the current one.
* refactor: style and comments fixed.
* fix: backport patch that ensures that cookie store is always created
* fix: disable cookie encryption
* fix: flush the cookie store when NetworkContext shuts down
* test: add test for cookie store persistance
* Update patches/common/chromium/ensure_cookie_store.patch
Co-Authored-By: brenca <benecene@gmail.com>
* Update patches/common/chromium/ensure_cookie_store.patch
Co-Authored-By: brenca <benecene@gmail.com>
* feat: Implement process.getMemoryFootprint to get the process memory usage
* Add spec
* fix: must enter node env in callback
* Update function call
* Update spec
* Update API data
* update spec
* Update include
* update test for shared bytes
* Update atom/common/api/atom_bindings.cc
Co-Authored-By: nitsakh <nitsakh@icloud.com>
* Update atom/common/api/atom_bindings.cc
Co-Authored-By: nitsakh <nitsakh@icloud.com>
* Update API
* Update the callback isolate
* Update to work after app ready
* Update docs
* Update docs/api/process.md
Co-Authored-By: nitsakh <nitsakh@icloud.com>
* Update docs/api/process.md
Co-Authored-By: nitsakh <nitsakh@icloud.com>
* Fix crash
* Add method to get system´s user region
* Fix linter
* Remove auto types
* Improved detection for POSIX
* Change name, add specs, minor fixes
* Remove left overs
* Fix locale test
* Fix Linux test
* Coding style fixes
* Fix docs
* Add test excaption for Linux
* fix spelling
* Polishing
Extend the existing win.setBounds functionality by allowing developers to partially update bounds without being forced to pass in all four bounds values. No existing functionality is altere
* fix: match Chrome's font fallback behavior
Fixes#15481
* add a cache
* add test
* another test
* fix tests
* arial -> dejavu sans on linux apparently?
* feat: add method to DownloadItem that allows customization of dialog options
* docs: add docs for get/setSaveDialogOptions
* add missing copy constructor for DialogSettings on mac and linux
* fix: don't filter dialog options for mas build, don't return properties
* test: add test for get/setSaveDialogOptions
* fix: remove openDevtools added for debugging
* test: fix failing test because of new event parameter
* docs: use SaveDialogOptions instead of Object
* fix: don't append Shift modifier text twice to accelerators
* style: use the new way of creating patches
* test: add menu item accelerator display tests
* fix: allocate accelerator on the stack
* fix: adjust tests to match expected behavior on mac
* test: add an option to native tests runner to run also disabled tests
* ci: run all native tests on clean Chromium
* ci: update the disabled tests list for native unittests
* fix: child window with nativeWindowOpen should disable node integration
* Revert "fix: do not enable node integration in child window if not enabled (#15076)"
This reverts commit 0252d7686c.
This patch is not needed anymore since we are force disabling node integration
for child windows.
* fix: allow stream protocols to return headers with multiple values
This allows stream protocols to return headers with multiple values as
an array of values.
Fixes https://github.com/electron/electron/issues/14778
* Prefer ConvertFromV8
* Cleanup header conversion
1. Deduplicate the code by using a lambda
2. Remove duplicate calls to headers->Get(key)
* Fix broken test
Headers with multiple values are now being converted correctly, this
test asserted the wrong behavior.
* ci: run unittests on clean Chromium
* test: add '--run-only-disabled-tests' flag to "script/native-tests.py"
* ci: add a job to run only disabled unittests
* test: use a different GN config for the native tests
* test: enable blink_common_unittests
* test: disable WeakPtrDeathTest*
* chore: add tts patch and buildflag, makes tts work again
* chore: add tts patch and buildflag, makes tts work again
* fix: make things compile
* build: add relevant tts files for linux
* fix: update patch and patch description, should now compile on mac
* build: move chrome specific sources under chromium_src:chrome target
* build: enable_extensions again
We are depending on them, check `//electron/chromium_src:chrome` target
for more info.
* fix: update tts.patch to receive notifications about browser context destruction
* fix: extend browser process from chrome layer
The global state g_browser_process is shared between //chrome
and //electron.
* spec: add basic speech synthesis test
* spec: skip speech tests on ci
* build: fix compilation on windows