* feat: Allow detection of MITM HTTPS proxies like ZScaler
For security purposes, Figma heavily restrics the origins that are
allowed to load within our Electron app. Unfortunately some corporate
environments use MITM proxies like ZScaler, which intercepts our
connection to `https://www.figma.com` and serves a redirect to e.g.
`https://gateway.zscloud.net` before finally redirecting back to
`https://www.figma.com`.
In order to detect this situation and handle it gracefully, we need to
be able to know whether or not the certificate for our own origin
(`https://www.figma.com`) is chained to a known root. We do this by
exposesing `CertVerifyResult::is_issued_by_known_root`.
If the certification verification passed without the certificate being
tied to a known root, we can safely assume that we are dealing with a
MITM proxy that has its root CA installed locally on the machine. This
means that HTTPS can't be trusted so we might as well make life easier
for corporate users by loosening our origin restrictions without any
manual steps.
* Tweak docs wording
* mac: add dialog.closeMessageBox API
* win: Implement dialog.closeMessageBox
* mac: Return cancelId with closeMessageBox
* gtk: Implement dialog.closeMessageBox
* win: Fix 32bit build
* win: Reduce the scope of lock
* fix: Build error after rebase
* feat: Use AbortSignal to close message box
* chore: silently handle duplicate ID
* win: Add more notes about the threads
* chore: apply reviews
* fix: base::NoDestructor should be warpped in function
* chore: fix style on windows
* fix: microtasks policy in CreateEnvironment
Microtasks policy should not be updated for the renderer because
`NodeBindings::CreateEnvironment` might be entered with or without
`UvRunOnce()` on stack. One of the examples of such calls is
`window.open()` which is possible to invoke while `uv_run()` is still
running (e.g. with `setImmediate()`).
All in all, it doesn't matter that much which policy we use since
`v8::MicrotasksScope` has a check for the policy in its destructor and
no commits will be made if the policy is `kExplicit`. It is important,
however, to not change the policy in the middle of `UvRunOnce()` so we
should respect whatever we currently have and move on.
Fix: #29463
* Move test to a better place
* Update spec-main/fixtures/crash-cases/setimmediate-window-open-crash/index.html
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
* Update spec-main/fixtures/crash-cases/setimmediate-window-open-crash/index.html
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
* simplify crash-case
* comment
* fix comment
Co-authored-by: Fedor Indutny <79877362+indutny-signal@users.noreply.github.com>
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
Co-authored-by: Fedor Indutny <indutny@signal.org>
* refactor: use PathProvider for user-data-dir and others
* consolidate logic for DIR_RECENT and DIR_APP_LOGS into path provider
* fix bad include
* remove debugging code
* fix build on mac
* fix build on win
* create app logs dir on both mac and non-mac
* fix: correctly handle shifted char in accelerator
* test: use actual accelerator of NSMenuItem
* chore: simplify KeyboardCodeFromStr
* chore: GetAcceleratorTextAt is testing only
* feat: emit resize edge with will-resize event
fix: wparam type
fix: private member usage on mac
docs: will-resize event edge option
refactor: 'info' -> 'details' for better type gen
* Update docs/api/browser-window.md
Co-authored-by: Samuel Attard <samuel.r.attard@gmail.com>
* Update docs/api/browser-window.md
Co-authored-by: Samuel Attard <samuel.r.attard@gmail.com>
* chore: bump chromium in DEPS to 92.0.4500.2
* resolve conflicts
* update patches
* chore: cherry-pick 82434206f306 from chromium (#29060)
* fix patch
* chore: bump chromium in DEPS to 92.0.4501.0
* chore: bump chromium in DEPS to 92.0.4502.0
* chore: bump chromium in DEPS to 92.0.4503.0
* chore: update patches
* 2869869: [Code Health] Refactor ListValue::Insert in gpu compositor
https://chromium-review.googlesource.com/c/chromium/src/+/2869869
* 2877924: Separate InkDropHost from InkDropHostView
https://chromium-review.googlesource.com/c/chromium/src/+/2877924
* chore: bump chromium in DEPS to 92.0.4504.0
* update patches
* Fixup for Separate InkDropHost from InkDropHostView
https://chromium-review.googlesource.com/c/chromium/src/+/2877924
* 2873469: Compute hashes of .pak files during the build, and check it at runtime.
https://chromium-review.googlesource.com/c/chromium/src/+/2873469
* 2874397: Remove flag to disable microtasks scope consistency checks
https://chromium-review.googlesource.com/c/v8/v8/+/2874397
* 2881471: Remove unneeded trace_event.h includes in headers.
https://chromium-review.googlesource.com/c/chromium/src/+/2881471
* 2844717: [Keyboard Tooltip] Rename RWHV*::SetTooltipText to UpdateTooltipUnderCursor
https://chromium-review.googlesource.com/c/chromium/src/+/2844717
* chore: bump chromium in DEPS to 92.0.4505.0
* chore: update patches
* 2883887: Retire ScopedObserver in /chrome/browser/predictors.
https://chromium-review.googlesource.com/c/chromium/src/+/2883887
* 2883694: Retire ScopedObserver in /chrome/browser.
https://chromium-review.googlesource.com/c/chromium/src/+/2883694
* fixup after merge
* fixup: Remove flag to disable microtasks scope consistency checks
* Temporarily disable setcallhandler-test.js nan test
This test should be renabled once https://github.com/electron/electron/pull/29028 lands
* Use gin_helper::MicrotasksScope instead of v8::MicrotasksScope
* chore: bump chromium in DEPS to 92.0.4506.0
* update patches
* Revert "update patches"
This reverts commit 333ec0d4c205bd3cbee28d2bc3d068871dbb900a.
* Revert "chore: bump chromium in DEPS to 92.0.4506.0"
This reverts commit 2bd52f8cd89b173c8b15a61d74fa7539cdbf574b.
* Fixup: Use gin_helper::MicrotasksScope instead of v8::MicrotasksScope
* Fixup: Use gin_helper::MicrotasksScope instead of v8::MicrotasksScope
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
* fix: prevent crash when error occurs during event emitter CallMethod
* wip: emit error event within trycatch
* fix: handle uncaught exceptions within node on web_contents init
* fix: create gin_helper::CallMethodCatchException
* test: add web-contents create crash to test cases
* test: clean up test data for web-contents crash
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* fix: convert CatchException to WebContents static helper method
* fix: restore try_catch to callsite
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* fix: allow Node.js to manage microtasks queue
When `uv_run()` resulted in invocation of JS functions the microtask
queue checkpoint in Node's CallbackScope was a no-op because the
expected microtask queue policy was `kExplicit` and Electron ran under
`kScoped` policy. This change switches policy to `kExplicit` right
before `uv_run()` and reverts it back to original value after `uv_run()`
completes to provide better compatibility with Node.
* add comment