Commit graph

176 commits

Author SHA1 Message Date
Jeremy Rose
4ca518468d
feat: remove BrowserWindow option inheritance (#28550) 2021-04-21 10:55:17 -07:00
John Kleinschmidt
afb7d9f550
fix: navigator.setAppBadge/clearAppBadge from a service worker (#27950) 2021-03-05 10:12:03 +09:00
Samuel Attard
186301e126
feat: enable context isolation by default (#26890)
* feat: enable context isolation by default

* chore: set default in ctx iso getter

* spec: make all specs work with the new contextIsolation default

* spec: fix affinity specs

* spec: update tests for new ctx iso default

* spec: update tests for new ctx iso default

* spec: update tests for new ctx iso default

* spec: update tests for new ctx iso default

* chore: move stray prod deps to dev deps

* spec: update tests for new ctx iso default

* turn off contextIsolation for visibility tests

* turn off contextIsolation for <webview> tag nodeintegration attribute loads native modules when navigation happens

Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
2021-03-01 16:52:29 -05:00
Milan Burda
4a5c5843c4
fix: <webview> not working with Trusted Types (#27445) 2021-01-25 10:29:25 +09:00
loc
0b85fdf26c
feat: add webContents.setWindowOpenHandler API (#24517)
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
2020-11-10 09:06:03 -08:00
Robo
b6321cc22d
fix: crash when navigating from a page with webview that has inherited zoom level (#24757)
* fix: cleanup webview zoom level observers on navigation

* add spec

* webview should be on same partition

* wait for webview to finish loading
2020-07-28 13:00:44 -07:00
Samuel Attard
b500294c1d
feat: add worldSafe flag for executeJS results (#24114)
* feat: add worldSafe flag for executeJS results

* chore: do not log warning for webContents.executeJS

* Apply suggestions from code review

Co-authored-by: Jeremy Rose <jeremya@chromium.org>

* chore: apply PR feedback

* chore: split logic a bit

* chore: allow primitives through the world safe checl

* chore: clean up per PR feedback

* chore: flip boolean logic

* chore: update per PR feedback

* chore: fix typo

* chore: fix spec

Co-authored-by: Jeremy Rose <jeremya@chromium.org>
2020-07-23 14:32:20 -07:00
Paul Frazee
c6c022dc46
feat: add {stream} opt to custom protocol registry to configure media player (#22955) 2020-06-08 09:49:36 -07:00
Robo
a707a3eda3
feat: add enableWebSQL webpreference (#23311)
* feat: add enableWebSQL webpreference

* chore: update indexedDB test
2020-05-06 12:52:59 -07:00
Samuel Attard
abe5cf398c
refactor: port window.open and window.opener to use ctx bridge instead of hole punching (#23235)
* refactor: port window.open and window.opener to use ctx bridge instead of hole punching

* refactor: only run the isolated init bundle when webview is enabled
2020-04-27 12:46:04 -07:00
Samuel Attard
5d657dece4
build: enable JS semicolons (#22783) 2020-03-20 13:28:31 -07:00
Jeremy Apthorp
a25d7fa440
fix: emit will-navigate for sandboxed contents (#22188) 2020-02-21 11:08:26 -08:00
Jeremy Apthorp
d590f2efe3
feat: enable pdf viewer (#21794) 2020-02-12 16:39:12 -08:00
Jeremy Apthorp
768a6ace1b
test: move some fixtures from spec/ to spec-main/ (#21403) 2020-01-09 11:50:56 -08:00
loc
5cecc230fb fix: restore POST forms that open a new window with target=_blank (#21469)
* fix: restore parts of original ResourceRequestBody V8 conversion

Restore some of the original conversion logic in order to fix target=_blank post form submissions.

* test: add test for POST form submission
2019-12-11 15:46:25 +09:00
Jeremy Apthorp
26ecf63ab4
test: remove a bunch of usage of the remote module (#21119) 2019-11-14 14:09:03 -08:00
Milan Burda
f1e7393e30 feat: deprecate <webview>.getWebContents() (#20726) 2019-11-07 09:43:19 -08:00
loc
15dffb3dde fix: allow iframe-initiated HTML fullscreen to exit while in macOS fullscreen (#20962)
* fix: explicitly resize the contents when exiting html fullscreen while in OS fullscreen

* test: ensure HTML fullscreen toggles while in OS fullscreen
2019-11-05 13:34:45 -08:00
Jeremy Apthorp
50178d4836
test: remove more unused files (#20529) 2019-10-10 15:20:04 -07:00
Jeremy Apthorp
01448e1235
chore: delete some unreferenced test files (#20511) 2019-10-10 11:24:06 -07:00
Jeremy Apthorp
8de925c4c2
test: move module tests to main process (#20419) 2019-10-09 16:33:15 -07:00
Jeremy Apthorp
2fad53e66b refactor: use v8 serialization for ipc (#20214)
* refactor: use v8 serialization for ipc

* cloning process.env doesn't work

* serialize host objects by enumerating key/values

* new serialization can handle NaN, Infinity, and undefined correctly

* can't allocate v8 objects during GC

* backport microtasks fix

* fix compile

* fix node_stream_loader reentrancy

* update subframe spec to expect undefined instead of null

* write undefined instead of crashing when serializing host objects

* fix webview spec

* fix download spec

* buffers are transformed into uint8arrays

* can't serialize promises

* fix chrome.i18n.getMessage

* fix devtools tests

* fix zoom test

* fix debug build

* fix lint

* update ipcRenderer tests

* fix printToPDF test

* update patch

* remove accidentally re-added remote-side spec

* wip

* don't attempt to serialize host objects

* jump through different hoops to set options.webContents sometimes

* whoops

* fix lint

* clean up error-handling logic

* fix memory leak

* fix lint

* convert host objects using old base::Value serialization

* fix lint more

* fall back to base::Value-based serialization

* remove commented-out code

* add docs to breaking-changes.md

* Update breaking-changes.md

* update ipcRenderer and WebContents docs

* lint

* use named values for format tag

* save a memcpy for ~30% speedup

* get rid of calls to ShallowClone

* extra debugging for paranoia

* d'oh, use the correct named tags

* apparently msstl doesn't like this DCHECK

* funny story about that DCHECK

* disable remote-related functions when enable_remote_module = false

* nits

* use EnableIf to disable remote methods in mojom

* fix include

* review comments
2019-10-09 13:59:08 -04:00
Jeremy Apthorp
96c3fec855
test: remove usage of 'remote' module from webview spec (#20048) 2019-09-03 10:10:58 -07:00
Jeremy Apthorp
f537366387 test: move security warnings spec to main runner (#20055) 2019-09-03 16:02:22 +09:00
Jeremy Apthorp
af138dab55
test: move webRequest spec to main runner (#19992) 2019-08-28 13:56:15 -07:00
Shelley Vohr
e8fa248571
fix: crash in window.print() (#19690)
* fix: crash in window.print()

* add preliminary tests
2019-08-12 23:44:14 -07:00
Cheng Zhao
04dbd5c53f fix: don't handle browser messages before document element is created (#19718)
* fix: don't handle browser messages before document element is created

* fix: bind ElectronApiServiceImpl later

DidCreateDocumentElement is called before the ElectronApiServiceImpl
gets bound.

* chore: add comment
2019-08-12 10:38:41 -07:00
Milan Burda
419ce494e9 refactor: use IPC helpers in window-setup (#17948) 2019-07-09 02:43:49 +03:00
Jerry Wu
dee331519c fix: disable nodeIntegration & insecure resource warnings for localhost (#18814)
* fix: disable remote host nodeIntegration warning for localhost

In warnAboutNodeWithRemoteContent(), add a check to see if the hostname
is "localhost" and prevent the warning message if it is.

* fix: disable loading insecure resources warning for localhost

In warnAboutInsecureResources(), filter out resources from localhost
since they are most likely not a threat.

* test: add tests for ignoring security warnings when using localhost

Add tests for ignoring warning messages for the following scenarios:
  1. node integration with remote content from localhost
  2. loading insecure resources from localhost

* test: fix insecure resource test

* test: pass nodeIntegration with remote test on did-finish-load

* test: maybe fix node integration test (error w/ conv circular struct)

* test: update test description

* test: use "load" event to check when nodeIntegration test has finished

Instead of relying on the "did-finish-load" event, which may result in
a race condition, add an "onload" handler that logs "loaded" to the
console. This will execute _after_ the nodeIntegration check, so it
can be safely used as a signal to indicate that the test is done.

* test: rename base-page-security-load-message.html

* fix: ignore enabled remote module warning for localhost

* refactor: add isLocalhost()
2019-07-02 19:36:50 +09:00
Jeremy Apthorp
ec8697bcdc
test: move protocol specs to main process (#18923) 2019-06-27 14:20:29 -07:00
Micha Hanselmann
504edf2cf6 test: correct fake tests in api-protocol-spec (#18869)
* fix protocol 404 fake tests

* fix another fake test

* fix last fake test (hopefully)
2019-06-19 13:40:49 -07:00
Jeremy Apthorp
e5d1e7b4da fix: move window.open postMessage test to main runner to fix flake (#18735) 2019-06-12 08:35:58 +09:00
Cheng Zhao
8de9ba6df6
chore: run protocol tests in separate WebContents (#18202) 2019-05-10 09:51:44 +09:00
Milan Burda
546466b209 feat: add <webview>.getWebContentsId() (#17407) 2019-03-26 10:57:27 +09:00
Shelley Vohr
3ca87d205f
feat: make zoomLevel/zoomFactor sync (#16410)
* feat: make zoomLevel/zoomFactor sync

* update ts defs dep
2019-01-20 23:40:27 -08:00
Alex Garbutt
dcb670fa46 fix: emit IPC event in correct context if isolation and sandbox enabled (#16352)
* fix: emit IPC event in correct context if isolation and sandbox enabled

IPC events were not being delivered to renderer processes when both
`contextIsolation` and `sandbox` were enabled. This is because the
`AtomSandboxedRenderFrameObserver` class was incorrectly using the
`MainWorldScriptContext`, rather than conditionally selecting the
context based on if isolation was enabled.

Fixes #11922
2019-01-12 14:19:20 +01:00
Robo
52fe92d02e feat: Upgrade to Chromium 71.0.3578.98 (#15966) 2019-01-11 17:00:43 -08:00
Pedro Pontes
9c783f53ba fix: do not allow the window to grab focus when tabbing / shift+tabbing (#16042)
* fix: do not allow the window to grab focus when tabbing / shift+tabbing

* test: add tests.
2018-12-18 23:44:51 -07:00
Cheng Zhao
8584c2f14b
fix: register webview in main world when using contextIsolation (#16067) 2018-12-14 15:38:35 +09:00
Pedro Pontes
d5d1fa8290 fix: use appropriate site instance for cross-site nav's (#15821)
* fix: use Chromium's determined new site instance as candidate when navigating.

When navigating to a new address, consider using Chromium's determined site instance
for the new page as it should belong to an existing browsing instance when the
navigation was triggered by window.open().

fixes 8100.

* Revert "fix: use Chromium's determined new site instance as candidate when navigating."

This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5.

* fix: delegate site instance creation back to content when sandboxed.

* fix: ensure site isolation is on

* test: adapt ut for cross-site navigation

* fix: register pending processes during a navigation.

* refactor: dont call loadURL for a window constructed from an existing webContents.

* test: add sandboxed affinity UT's.

* fix: check affinity before deciding if to force a new site instance.

* chore: adapt subsequent patch.

* refactor: constify logically const methods.

* fix: do not reuse site instances when navigation redirects cross-site.

* test: ensure localStorage accessible after x-site redirect.

* test: adapt localStorage acess denied UT for site isolation.

* fix: do not send render-view-deleted for speculative frames.

* chore: amend tests after rebase.

* test: add ut for webContents' render-view-deleted emission

* fix: introduce current-render-view-deleted for current RVH's deletions.

Revert render-view-deleted to being emitted with any RVH's deletion.
current-render-view-deleted is emitted only when the RVH being deleted
is the current one.

* refactor: style and comments fixed.
2018-12-05 17:03:39 +09:00
Cheng Zhao
ca7dec2082 fix: default prop of location should be empty str 2018-12-04 17:11:26 +09:00
Nitish Sakhawalkar
a9ca152069 feat: Spellchecker Async Implementation (#14032)
* feat:Spellchecker Async Implementation

* Adhere to chromium style

* Updating dependency to use gh branch

* Update docs and electron-typescript-definitions module

* Fix lint

* Update electron typescript definitions version

* Update spec

* Address review
2018-10-18 11:11:53 -05:00
deepak1556
7ec05fb202 spec: update media-started-playing tests based on the autoplay policy 2018-10-09 14:39:39 -07:00
Milan Burda
c61db523c7 refactor: replace var with const / let (#14866) 2018-09-29 09:17:00 +10:00
Milan Burda
38419e3a6a chore: address TODO for WebContents.prototype.setSize / reportRemovedAttribute removal (#14517)
* chore: remove WebContents.prototype.setSize

* chore: remove reportRemovedAttribute

* chore: remove unused fixtures
2018-09-11 17:58:57 +10:00
Milan Burda
c17a1b37ea feat: add event.senderId property to IPCs sent via ipcRenderer.sendTo (#14395) 2018-08-31 20:13:51 -05:00
Milan Burda
e6e3ccfc50 refactor: use std::string instead of base::string16 for IPC channel names (#14286) 2018-08-24 10:30:37 -05:00
Robo
bce5bd87a8 fix: opt into location services once device service has been started (#14253)
* fix: opt into location services once device service has been started

* refactor: provide fake location provider to mock geolocation reponses

* chore: add spec for navigator.geolocation api using fake location provider
2018-08-23 08:51:46 -07:00
Jeremy Apthorp
bdceea6aca fix: enable spell checking, which broke in upgrade to ch66
Chromium commit [03563dd163][1] changed the way that the
spellcheck-enabled status was checked, defaulting to false.

Added the first (!) test for spellchecking, too.

Fixes #13608.

[1]: 03563dd163
2018-07-11 10:27:56 -07:00
Jeremy Apthorp
f50f8e3f3d chore: [gn] fix CSP warning in debugger API test (#13541)
There's an attempt to suppress the warning in `spec/static/main.js`, which
sets `process.env.ELECTRON_DISABLE_SECURITY_WARNINGS`. However, it sets the
variable too late in the boot process: by the time that line in main.js has
run, a child zygote has already been booted. `test.py` works around this by
setting that environment variable outside of the test process, to ensure that
it gets propagated to all children.

I've been running the GN tests directly with `./out/Default/electron
electron/spec`, rather than through the wrapper script, and the
`api-debugger-spec.js` tests were failing, because they depend on a particular
log message being the first one emitted, and the CSP warning was causing that
test to fail, since it wasn't being correctly suppressed.

Instead of writing another wrapper script, this just fixes the underlying thing
that the warning is complaining about, which I think is reasonable because the
test's pass/fail depends on this specific behaviour.
2018-07-06 15:01:33 -04:00