* feat: Allow detection of MITM HTTPS proxies like ZScaler
For security purposes, Figma heavily restrics the origins that are
allowed to load within our Electron app. Unfortunately some corporate
environments use MITM proxies like ZScaler, which intercepts our
connection to `https://www.figma.com` and serves a redirect to e.g.
`https://gateway.zscloud.net` before finally redirecting back to
`https://www.figma.com`.
In order to detect this situation and handle it gracefully, we need to
be able to know whether or not the certificate for our own origin
(`https://www.figma.com`) is chained to a known root. We do this by
exposesing `CertVerifyResult::is_issued_by_known_root`.
If the certification verification passed without the certificate being
tied to a known root, we can safely assume that we are dealing with a
MITM proxy that has its root CA installed locally on the machine. This
means that HTTPS can't be trusted so we might as well make life easier
for corporate users by loosening our origin restrictions without any
manual steps.
* Tweak docs wording
* chore: bump chromium in DEPS to 46d2d82e84d73806da623c5333dae4dd218172df
* chore: bump chromium in DEPS to cbafe74731a5d1e59844ca59e0fc28f4a5f80a33
* chore: bump chromium in DEPS to d5dcd6b5cc76f4e1732083d775cdd7b533f0abe9
* Update patches
* update for lint
* Fix compilation errors
* chore: bump chromium in DEPS to 1c19360fdaaf65d4ed006736c7f9804104095990
* Replace removed constant
* chore: bump chromium in DEPS to 3b6639f5da26c1772c5d4f3ba634aca65df75fec
* chore: bump chromium in DEPS to cc6b1b930d4b5eca06701820dac54fa0f41e8999
* chore: bump chromium in DEPS to 7d1445641ad1032c67f731ba6ff7798f29349ade
* chore: bump chromium in DEPS to 6f7e5e79cefe982ad84a88927565a88db2e592be
* chore: bump chromium in DEPS to bfb25dafff19cb41bf9781331d19ef0be819d1e4
* chore: bump chromium in DEPS to 1a8196b39f0e0cdc4935fd122fff5625d5fab06e
* chore: bump chromium in DEPS to 9a03d8d2bb38ad8c0cbb9550ca81b2f94ff60c15
* chore: bump chromium in DEPS to 4c67f3505dab2d5457adb418cd3270a4f3236fd0
* chore: bump chromium in DEPS to 652394e7626fc1ae895a53fb34c64070494e648e
* chore: bump chromium in DEPS to 07653652c58cc019af7f833bd63eb0c2eceaab5e
* chore: bump chromium in DEPS to 451a1c5fec1fb073a5bae12a033bb342c72c905f
* chore: bump chromium in DEPS to 86cdba00e233899a232868b412b333d08db63478
* chore: bump chromium in DEPS to 7c322faad1aee8abef2330d74aabf09ecf8c11af
* Update patches
* chore: bump chromium in DEPS to d0044fae7efc29eb201cfdd5fdbed77d48aba212
* Replace IsProcessingUserGesture with HasTransientUserActivation
4baa9a6e85
* Fix 10.15 sdk build
0eaa6db358
* Remove CancelPrerender
5eb3329719
* Remove no longer used WebFloatPoint
43ab96ce6b
* Use base::span<const uint8_t> for devtools messages in content/public
21e19401af
* Update renamed header files
* TODO: update with upstream changes
This code needs to be updated to handle the changes made in:
19be6547a9
* chore: bump chromium in DEPS to 82e5a2c6bd33c2e53634a09fbcbc9fcac1e7ff93
* chore: bump chromium in DEPS to 91f877cadd2995201c276e952b3bf2c60b226c64
* chore: bump chromium in DEPS to 43fcd2ab2677a06d38246b42761dc5b40cf87177
* chore: bump chromium in DEPS to e30957dcb710c0977a7ff95b8d3cf65843df12ca
* chore: bump chromium in DEPS to 6a8335a56db12aae2fd06296f82579d804d92217
* chore: bump chromium in DEPS to a4a436cbc28ace88d71752f8f479e59559e54e46
* chore: bump chromium in DEPS to 982bbd0e4b2e1d57d515f384f6483ffc0d7073ad
* chore: bump chromium in DEPS to 92bb7a99f84ffcdf41d4edca57e90b1f0c7c6c8b
* update patches
* add checkout_google_benchmark gclient var
* FIXME: workaround grit bug
* chore: bump chromium in DEPS to d3623fc53615739e6b59340a5d349e4b397cb7c5
* update patches
* Remove color arg from DidChangeThemeColor().
https://chromium-review.googlesource.com/c/chromium/src/+/1982623
* update CreateFileURLLoader with new suffix
CL: https://chromium-review.googlesource.com/c/chromium/src/+/1981414
* add node patch for removal of task API in v8
CL: https://chromium-review.googlesource.com/c/v8/v8/+/1868620
* add disable_secure_dns param for WillCreateURLLoaderFactory
CL: https://chromium-review.googlesource.com/c/chromium/src/+/1888099
* switch to mojo-ified PrintMsg_PrintPreview
CL: https://chromium-review.googlesource.com/c/chromium/src/+/1972307
* chore: bump chromium in DEPS to e7a6d173632660b6aeb9806e9132c34a315331c2
* update missing chrome/browser/ssl:proto dependency after chrome removal
CL: https://chromium-review.googlesource.com/c/chromium/src/+/1986082
* chore: add libvulkan.so to the linux manifest
CL: https://chromium-review.googlesource.com/c/chromium/src/+/1973042
* revert DidChangeThemeColor ternary change due to templates
* match Chrome's mojo-ified implementation in geolocation_permission_context.cc
CL: https://chromium-review.googlesource.com/c/chromium/src/+/1963371
* add vulkan-1.dll to zips
2d6f74c6d4
* add bug link to fixme_grit_conflicts.patch
* Introduce device.mojom.DeviceService
https://chromium-review.googlesource.com/c/chromium/src/+/1956277
* PDF Compositor rename to Print Compositor
https://chromium-review.googlesource.com/c/chromium/src/+/1981135
* chore: bump chromium_version 00362ea584735b4acf4c5a0e1912d7987f8645ab
* chore: update patches
* Use a virtual base class to provide GetWidget().
https://chromium-review.googlesource.com/c/chromium/src/+/1996948
* [base] Remove usage of base::CurrentThread
https://chromium-review.googlesource.com/c/chromium/src/+/1962019
* chore: gn format
* Revert "ci: Use Visual Studio Build Tools instead of VS Studio (#21771)"
This reverts commit 9c1310dadc.
* fix: trigger resize when iframe requests fullscreen
* fix: Locking scheme registry is not necessary
https://chromium-review.googlesource.com/c/chromium/src/+/1973198
* chore: bump chromium f707f1d6d428f84cf14b64bc2ca74372e25c6ce7
* chore: update patches
* ui/base/clipboard: Remove redundant ANSI format functions
https://chromium-review.googlesource.com/c/chromium/src/+/1992015
* [base] Prepare //chrome for Value::GetList() switch
https://chromium-review.googlesource.com/c/chromium/src/+/1962255
Co-authored-by: John Kleinschmidt <jkleinsc@github.com>
Co-authored-by: loc <andy@slack-corp.com>
Co-authored-by: Jeremy Apthorp <nornagon@nornagon.net>
Co-authored-by: Robo <hop2deep@gmail.com>
* fix: restore parts of original ResourceRequestBody V8 conversion
Restore some of the original conversion logic in order to fix target=_blank post form submissions.
* test: add test for POST form submission
* refactor: convert Menu and globalShortcut to gin
* refactor: convert api::Cookies to gin
* refactor: convert View and WebContentsView to gin
* refactor: convert WebContents related classes to gin
* refactor: convert powerMonitor to gin
* refactor: prepare for header change
* refactor: remove last uses of mate::EventEmitter
* refactor: remove mate::EventEmitter
* refactor: move trackable_object to gin_helper
* fix: custom converter should not use Handle
* fix: no more need to check if icon is empty
It was a bug that the Handle<NativeImage> can be non-empty when the
image file does not exist. The bug was caused by the converter code
writing out the image even when the convertion fails.
The bug was work-arounded by adding an additional check, but since the
original bug had been fixed, the additional check is no longer needed.
* fix: should always set frameId even when callback is null
* fix: do not mix gin/mate handles for NativeImage
* fix: fill uploadData property
* fix: requestHeaders in onBeforeSendHeaders
* fix: responseHeaders in onHeadersReceived
* fix: header keys should not be lowercased
* fix: gin::Dictionary::Get succeeds even though key does not exist...
* fix: throw for invalid filters
* test: re-enable api-web-request-spec
* chore: do not use deprecated base::Value API