* refactor: clean up webFrame implementation to use gin wrappers
The previous implementation of webFrame in the renderer process leaked
sub-frame contexts and global objects across the context boundaries thus
making it possible for apps to either maliciously or accidentally
violate the contextIsolation boundary.
This re-implementation binds all methods in native code directly to
content::RenderFrame instances instead of relying on JS to provide a
"window" with every method request. This is much more consistent with
the rest of the Electron codebase and is substantially safer.
* chore: un-re-order for ease of review
* chore: pass isolate around instead of ErrorThrower
* chore: fix rebase typo
* chore: remove unused variables
* chore: add types for electron_renderer_web_frame binding
* chore: use keyof for getWebPreference type
Co-authored-by: Samuel Attard <sattard@slack-corp.com>
* initial commit, mac implementation
* add documentation
* convert createThumbnailFromPath to async function
* windows impl protoype
* add tests
* added test
* fix
* fix test
* clean up
* update docs
* cleaning up code
* fix test
* retrigger CI
* retrigger CI
* refactor from app to native_image
* windows build
* lint
* lint
* add smart pointers, fix test
* change tests and update docs
* fix test, remove nolint
* add renderer-main process routing to fix tests
* lint
* thanks sam
* thanks sam
* feat: add worldSafe flag for executeJS results
* chore: do not log warning for webContents.executeJS
* Apply suggestions from code review
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* chore: apply PR feedback
* chore: split logic a bit
* chore: allow primitives through the world safe checl
* chore: clean up per PR feedback
* chore: flip boolean logic
* chore: update per PR feedback
* chore: fix typo
* chore: fix spec
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
We weren't serializing nativeImages properly in the remote module, leading to gin conversion errors when trying to, for example, create a new context menu in the renderer with icons using nativeImage. This fixes that by adding a new special case to handle them.
* refactor: port window.open and window.opener to use ctx bridge instead of hole punching
* refactor: only run the isolated init bundle when webview is enabled
* fix: remove bad usages of for-in and guard against it
* Apply suggestions from code review
Co-Authored-By: Samuel Maddock <samuel.maddock@gmail.com>
* Apply suggestions from code review
Co-Authored-By: Jeremy Apthorp <jeremya@chromium.org>
* Update remote.js
Co-authored-by: Samuel Maddock <samuel.maddock@gmail.com>
Co-authored-by: Jeremy Apthorp <jeremya@chromium.org>
