We weren't serializing nativeImages properly in the remote module, leading to gin conversion errors when trying to, for example, create a new context menu in the renderer with icons using nativeImage. This fixes that by adding a new special case to handle them.
There are use cases of webview where the container holding the webview is not
actually destroyed first, instead just webview gets removed from DOM, in such
situations the browser process map is not updated accordingly and holds reference
to stale guest contents, and any window operations like scroll, resize or keyboard
events that has to chain through browser embedder will lead to UAF crash.
Ref: https://github.com/microsoft/vscode/issues/92420
Prevent issues with menu creation and subsequent pane focus from menu bar by preventing menus from being created from an empty array. I can't conceive a valid use case for this, since if one wants to remove a menu they should be be passing null to win.setMenu() or calling win.removeMenu(). This issue is also specific to top-level menus, and not submenus, so the new check and exception is scoped to top-level menus.
* refactor: port window.open and window.opener to use ctx bridge instead of hole punching
* refactor: only run the isolated init bundle when webview is enabled
* test: add pre-change snapshot of new-window event
* move to .ts file for easier diff
* refactor: improve feature string parsing logic
* test: update snapshots
* update type names per review
* update comma-separated parse test
* use for loop instead of reduce per review
* tighten up types
* avoid variable guest contents id returnValue in test snapshot
* chore: add WebContentsView.webContents helper
* chore: no need to handle webContents option
* chore: Create WebContentsView in C++
* chore: make WebContentsView accept web_preferences
* fix: nativeWindowOpen still passes WebContents to BrowserWindow
* chore: no more need of WebContentsViewRelay
* test: WebContentsView now takes options
* fix: avoid creating 2 constructors
* chore: remove unused views API classes
* chore: remove LayoutManager code
* chore: no more need to make View inherit from TrackabeObject
* chore: make enable_view_api default to true
* chore: enable_view_api => enable_views_api
* fix: remove bad usages of for-in and guard against it
* Apply suggestions from code review
Co-Authored-By: Samuel Maddock <samuel.maddock@gmail.com>
* Apply suggestions from code review
Co-Authored-By: Jeremy Apthorp <jeremya@chromium.org>
* Update remote.js
Co-authored-by: Samuel Maddock <samuel.maddock@gmail.com>
Co-authored-by: Jeremy Apthorp <jeremya@chromium.org>
* chore: add deprecation warning on setting app.allowRendererProcessReuse to false
* fix: no deprecation warnings in process reuse spec
* chore: add test for new deprecate removeProperty behavior
* feat: add API for receiving logs from service workers
* feat: add new serviceWorkerContext APIs
* chore: add missing #include's
* refactor: rename serviceWorkerContext to serviceWorkers
* chore: clean up based on review
* chore: remove native_mate
* chore: add tests for the service worker module
* Update spec-main/api-service-workers-spec.ts
Co-Authored-By: Jeremy Apthorp <jeremya@chromium.org>
* chore: fix linting
* chore: handle renames
Co-authored-by: Jeremy Apthorp <nornagon@nornagon.net>
* fix: remove cyclic references in BrowserWindow
* fix: prevent TopLevelWindow from garbage collection
* test: garbage collection of BrowserWindow
* chore: createIDWeakMap is used in tests
* docs: add references to app.whenReady() in isReady
* refactor: prefer app.whenReady()
In the docs, specs, and lib, replace instances of `app.once('ready')`
(seen occasionally) and `app.on('ready')` (extremely common) with
`app.whenReady()`.
It's better to encourage users to use whenReady():
1. it handles the edge case of registering for 'ready' after it's fired
2. it avoids the minor wart of leaving an active listener alive for
an event that wll never fire again
* fix: use powerMonitor.on() only after app is ready
powerMonitor can't be used until the app is ready; however, on Linux,
powerMonitor.on() was called as soon as lib/browser/api/power-monitor.ts
was loaded.
This patch takes @vladimiry's suggestion of wrapping that in an
app.on('ready') handler to prevent powerMonitor.on() from being called
prematurely.
Fixes#21716
* fix: menu visibility should not be overwritten on startup
* fix: removing menu for window without global menubar
* test: setMenu tests are not for mac
* fix: support fitToPageEnabled and scaleFactor
Support fitToPageEnabled and scaleFactor in `WebContents.printToPDF()`
* fix: change default value of scaleFactor
* refactor: use v8 serialization for ipc
* cloning process.env doesn't work
* serialize host objects by enumerating key/values
* new serialization can handle NaN, Infinity, and undefined correctly
* can't allocate v8 objects during GC
* backport microtasks fix
* fix compile
* fix node_stream_loader reentrancy
* update subframe spec to expect undefined instead of null
* write undefined instead of crashing when serializing host objects
* fix webview spec
* fix download spec
* buffers are transformed into uint8arrays
* can't serialize promises
* fix chrome.i18n.getMessage
* fix devtools tests
* fix zoom test
* fix debug build
* fix lint
* update ipcRenderer tests
* fix printToPDF test
* update patch
* remove accidentally re-added remote-side spec
* wip
* don't attempt to serialize host objects
* jump through different hoops to set options.webContents sometimes
* whoops
* fix lint
* clean up error-handling logic
* fix memory leak
* fix lint
* convert host objects using old base::Value serialization
* fix lint more
* fall back to base::Value-based serialization
* remove commented-out code
* add docs to breaking-changes.md
* Update breaking-changes.md
* update ipcRenderer and WebContents docs
* lint
* use named values for format tag
* save a memcpy for ~30% speedup
* get rid of calls to ShallowClone
* extra debugging for paranoia
* d'oh, use the correct named tags
* apparently msstl doesn't like this DCHECK
* funny story about that DCHECK
* disable remote-related functions when enable_remote_module = false
* nits
* use EnableIf to disable remote methods in mojom
* fix include
* review comments
Exposing these in the renderer didn't make sense as they weren't backed
by the same instance / value store. This API should be browser only
especially now that we have nativeTheme.themeSource. Exposing in
//common was a mistake from the beginning.
* feat: add new nativeTheme API
* chore: deprecate and clean up old systemPreferences theme APIs in favor of new nativeTheme module
* chore: clean up and deprecate things per feedback
* chore: add tests for deprecate and clean up invert impl
* build: when is a boolean not a boolean???
* restore stash
revert
some things work others dont
tracking area for rescue
manual popup
restore drag n drop
cleanup
* fix: make tray not block main process (#18880)
* fix: make tray not block main process
* make AtomMenuModel refcounted
* add support for ansi codes in title
add remove TODOs
* chore: use ScopedPumpMessagesInPrivateModes in tray (#18977)
* chore: use ScopedPumpMessagesInPrivateModes in tray
* revert refcounting of AtomMenuModel
* Prefer WeakPtr for posting tasks to handle unexpected destruction
* cleanup .h
* cleanup .mm
* add imports
add missing include
* fix: crash when tray popup called twice (#18999)
* remove highlightMode and TODOs
* remove unnecessary copy
* chore: bump chromium in DEPS to 675d7dc9f3334b15c3ec28c27db3dc19b26bd12e
* chore: update patches
* chore: bump chromium in DEPS to dce3562696f165a324273fcb6893f0e1fef42ab1
* chore: const interfaces are being removed from //content
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/1631749
Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=908139
* chore: update patches
* chore: blink::MediaStreamType is now consistent and deduplicated
* chore: update patches and printing code for ref -> uniq
* chore: bridge_impl() --> GetInProcessNSWindowBridge
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/1642988
* fixme: TotalMarkedObjectSize has been removed
* chore: fix linting
* chore: bump chromium in DEPS to 9503e1a2fcbf17db08094d8caae3e1407e918af3
* chore: fix slightly broken printing patch
* chore: update patches for SiteInstanceImpl changes
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/1612025
* chore: update patches for SiteInstanceImpl changes
* chore: bump chromium in DEPS to 6801e6c1ddd1b7b73e594e97157ddd539ca335d7
* chore: update patches
* chore: bump chromium in DEPS to 27e198912d7c1767052ec785c22e2e88b2cb4d8b
* chore: remove system_request_context
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/1647172
* chore: creation of FtpProtocolHandler needs an auth cache
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/1639683
* fixme: disable marked spec
* chore: bump chromium in DEPS to 3dcd7fe453ad13a22b114b95f05590eba74c5471
* chore: bump chromium in DEPS to bdc24128b75008743d819e298557a53205706e7c
* chore: bump chromium in DEPS to 7da330b58fbe0ba94b9b94abbb8085bead220228
* update patches
* remove TotalMarkedObjectSize
https://chromium-review.googlesource.com/c/chromium/src/+/1631708
* add libvulkan.so to dist zip manifest on linux
* chore: bump chromium in DEPS to 1e85d0f45b52649efd0010cc9dab6d2804f24443
* update patches
* add angle features to gpuinfo
https://chromium-review.googlesource.com/c/chromium/src/+/1638658
* mark 'marked' property as deprecated
* disable webview resize test
* FIXME: disable vulkan on 32-bit arm
* chore: bump chromium in DEPS to cd0297c6a83fdd2b1f6bc312e7d5acca736a3c56
* Revert "FIXME: disable vulkan on 32-bit arm"
This reverts commit 5c1e0ef302a6db1e72231d4e823f91bb08e281af.
* backport from upstream: fix swiftshader build on arm
https://swiftshader-review.googlesource.com/c/SwiftShader/+/32768/
* update patches
* viz: update OutputDeviceWin to new shared memory api
https://chromium-review.googlesource.com/c/chromium/src/+/1649574
* base::Contains{Key,Value} => base::Contains
https://chromium-review.googlesource.com/c/chromium/src/+/1649478
* fixup! viz: update OutputDeviceWin to new shared memory api
* stub out StatusIconLinuxDbus-related delegate methods
https://chromium-review.googlesource.com/c/chromium/src/+/1638180
* chore: bump chromium in DEPS to 964ea3fd4bdc006d62533f5755043076220181f1
* Remove the BrowserContext methods to create URLRequestContexts for main/media partitions when a partition_domain is specified
https://chromium-review.googlesource.com/c/chromium/src/+/1655087
* fixup! stub out StatusIconLinuxDbus-related delegate methods
* add remote_cocoa to chromium_src deps
https://chromium-review.googlesource.com/c/chromium/src/+/1657068
* fixup! stub out StatusIconLinuxDbus-related delegate methods
* attempt at fix linux-debug build
* add swiftshader/libvulkan.so to arm manifest
* chore: bump chromium in DEPS to 28688f76afef27c36631aa274691e333ddecdc22
* update patches
* chore: bump chromium in DEPS to fe7450e1578a9584189f87d59d0d1a8548bf6b90
* chore: bump chromium in DEPS to f304dfd682dc86a755a6c49a16ee6876e0db45fb
* chore: bump chromium in DEPS to f0fd4d6c365aad9edd83bdfff9954c47d271b75c
* Update patches
* Remove no longer needed WOA patch
* Put back IOThread in BrowserProcess
We need this until we enable the network service.
* move atom.ico to inputs
* Update to latest LKGR to fix no template named 'bitset' in namespace 'std'
* fixup! Put back IOThread in BrowserProcess
* chore: bump chromium in DEPS to dcf9662dc9a896a175d791001350324167b1cad3
* Update patches
content_allow_embedder_to_prevent_locking_scheme_registry.patch is no longer necessary as it was upstreamed via https://chromium-review.googlesource.com/c/chromium/src/+/1637040
* Fix renamed enum
* Use newer docker container
Contains updated dependencies
* Try to track down arm test failures
* Fix arm tests
* chore: bump chromium in DEPS to 8cbceef57b37ee14b9c4c3405a3f7663922c5b5d
* Update patches
* Add needed dependencies for testing 32-bit linux
* Remove arm debugging.
* Remove additional debugging
* Fix compiler errors
* Handle new macOS helper
* Fix compile error on Linux
* chore: bump chromium in DEPS to 66a93991ddaff6a9f1b13d110959947cb03a1860
* Add new helper files to manifests
* fix BUILD.gn for macOS
* Fix compile errors
* Add patch to put back colors needed for autofill/datalist
* chore: bump chromium in DEPS to e89617079f11e33f33cdb3924f719a579c73704b
* Updated patches
* Remove no longer needed patch
* Remove no longer needed patch
* Fix compile error with patch
* Really fix the patch
* chore: bump chromium in DEPS to c70f12476a45840408f1d5ff5968e7f7ceaad9d4
* chore: bump chromium in DEPS to 06d2dd7a8933b41545a7c26349c802f570563fd5
* chore: bump chromium in DEPS to b0b9ff8f727deb519ccbec7cf1c8d9ed543d88ab
* Update patches
* Fix compiler errors
* Fix removed ChromeNetLog
* Revert "Fix removed ChromeNetLog"
This reverts commit 426dfd90b5ab0a9c1df415d71c88e8aed2bd5bbe.
* Remove ChromeNetLog.
https://chromium-review.googlesource.com/c/chromium/src/+/1663846
* chore: bump chromium in DEPS to fefcc4926d58dccd59ac95be65eab3a4ebfe2f29
* Update patches
* Update v8 patches
* Fix lint error
* Fix compile errors
* chore: bump chromium in DEPS to 4de815ef92ef2eef515506fe09bdc466526a8fd9
* Use custom protocol to test baseURLForDataURL
* Use newer SDK (10.0.18362) for Windows
* Update patches
* Update arm manifest since swiftshader reenabled.
* Don't delete dir that isn't ever there.
* Fix compile errors.
* Need src dir created
* Update for removed InspectorFrontendAPI.addExtensions
* Revert "Use newer SDK (10.0.18362) for Windows"
This reverts commit 68763a0c88cdc44b971462e49662aecc167d3d99.
* Revert "Need src dir created"
This reverts commit 7daedc29d0844316d4097648dde7f40f1a3848fb.
* Revert "Don't delete dir that isn't ever there."
This reverts commit bf424bc30ffcb23b1d9a634d4df410342536640e.
* chore: bump chromium in DEPS to 97dab6b0124ea53244caf123921b5d14893bcca7
* chore: bump chromium in DEPS to c87d16d49a85dc7122781f6c979d354c20f7f78b
* chore: bump chromium in DEPS to 004bcee2ea336687cedfda8f8a151806ac757d15
* chore: bump chromium in DEPS to 24428b26a9d15a013b2a253e1084ec3cb54b660b
* chore: bump chromium in DEPS to fd25914e875237df88035a6abf89a70bf1360b57
* Update patches
* Update node to fix build error
* Fix compile errors
* chore: bump chromium in DEPS to 3062b7cf090f1d9522c04ca8fa0a906f88ababe9
* chore: update node ref for pushed tags
* chore: update patches for new chromium
* chore: fix printing patches
* Use new (10.0.18362) Windows SDK
* roll node to fix v8 build issues in debug build
* Add support for plugin helper
* fix: add patch to fix gpu info enumeration
Can be removed once CL lands upstream.
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/1685993
* spec: navigator.requestMIDIAccess now requires a secure origin
This test requires a secure origin so we fake one.
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/1657952
* FIXME: temporarily disable SharedWorker tests
* use released version of node-abstractsocket
* fix abstract-socket
Historically, we've been passing in all MessageBox parameters individually, which makes augmenting or improving MessageBox functionality challenging because to change or add even one argument requires a huge cascade of argument changes that leaves room for errors.
For other file dialog related APIs, we use a struct (DialogSettings), and so this PR takes a similar approach and refactors MessageBox parameters into a struct (MessageBoxSettings) which we then use to simplify argument passing and which will enable us to more quickly iterate and improve upon functionality in the future.
* Initial changes to use crashpad for windows
* Remove crashpad patch
* Report error when failed to connect pipe
* Allow crashpad to communicate with named pipe
* Add patch to make crashpad named pipe work
* Windows also needs crashReporter on main process
* Call SetUnhandledExceptionFilter in node process
Node can also use crash reporter.
* Do not treat node process as browser process
* No more need to manually start crash service
* Use base::StringPrintf for better readbility
* Print error when pipe name not available
* Make sure pipe name is updated
Note that the crashpad may be started after renderer process gets
created.
* Fix some tests
* Update node
* Exclude crashpad files on Linux and MAS
* Fix lint warning
* Remove unused checks
* kCrashpadPipeName is only available on Windows
* Fix uploadToServer tests
* Fix extra params tests
* Fix getCrashesDirectory tests
* Run crashReporter tests on CI
* Style fixes
* Update crashreporter docs
* Rename InitBreakpad to Init
* Add comment for process_type_.empty() and UTF16ToASCII to UTF16ToUTF8.
* Update build.gn include crashpad headers
* Address comment https://github.com/electron/electron/pull/18483#discussion_r290887898
* Avoid using api::WebContents
* Put kRunAsNode in atom_constants
* Remove duplicate settings on upload params
* Fix building on macOS
* Update description for crashpad_pid_check.patch
* refactor: bundle the browser and renderer process electron code
* Bundles browser/init and renderer/init
* Improves load performance of main process by ~40%
* Improves load performance of renderer process by ~30%
* Prevents users from importing our "requiring" our internal logic such
as ipc-main-internal. This makes those message buses safer as they are
less accessible, there is still some more work to be done though to lock
down those buses completely.
* The electron.asar file now only contains 2 files, as a future
improvement maybe we can use atom_natives to ship these two files
embedded in the binary
* This also removes our dependency on browserify which had some strange
edge cases that caused us to have to hack around require-order and
stopped us using certain ES6/7 features we should have been able to use
(async / await in some files in the sandboxed renderer init script)
TLDR: Things are faster and better :)
* fix: I really do not want to talk about it
* chore: add performance improvements from debugging
* fix: resolve the provided path so webpack thinks it is absolute
* chore: fixup per PR review
* fix: use webpacks ProvidePlugin to keep global, process and Buffer alive after deletion from global scope for use in internal code
* fix: bundle worker/init as well to make node-in-workers work
* chore: update wording as per feedback
* chore: make the timers hack work when yarn is not used
We now create a new instance of atom::api::DesktopCapturer for every
request instead of weirdly re-using the same instance and queuing
requests. This means there is now a 1:1 relationship between request
and DesktopCapturer so there isn't a race condition between the observer
for one request calling back before the observer of another. This is an
issue ever since the backing APIs moved to worker threads.
This also does a few things to ensure memory management
* Only ever listen to one event per-request, after that we wipe the emit
function to ignore all future events
* Ensures we clean up the window_capturer_, screen_capturer_ and
captured_sources_ in native land once the request is over.
This _in theory_ fixes a flake we've been seeing on CI where we try to
resolve the promise for a request that no longerr exists.
* spec: clean up after a failed window count assertion
Previously when this assertion failed all tests that ran after the
failed assertion also failed. This ensure that the assertion fails for
the test that actually caused the issue but cleans up the left-over
windows so that future tests do not fail.
* fix: maintain a ref count for objects sent over remote
Previously there was a race condition where a GC could occur in the
renderer process between the main process sending a meta.id and the
renderer pulling the proxy out its weakmap to stop it being GC'ed.
This fixes that race condition by maintaining a "sent" ref count in the
object registry and a "received" ref count in the object cache on the
renderer side. The deref request now sends the number of refs the
renderer thinks it owns, if the number does not match the value in the
object registry it is assumed that there is an IPC message containing a
new reference in flight and this race condition was hit.
The browser side ref count is then reduced and we wait for the new deref
message. This guaruntees that an object will only be removed from the
registry if every reference we sent has been guarunteed to be unreffed.
By default the Chromedriver will send remote-debugging-port=0 to let the
browser choose a free port to listen on. The chosen port is written to
a known file in the user data dir that is passed to the app through the
CLI.
This PR does two things.
1. Correctly passes the USER_DATA_DIR to the remote debugging server so
it knows where to write the file
2. Adds support for --user-data-dir as we did not support that CLI
argument and Chromedriver relies on being able to tell the "browser"
where to write this file.
Fixes#17354
* refactor: use mojo for electron internal IPC
* add sender_id, drop MessageSync
* remove usages of AtomFrameMsg_Message
* iwyu
* first draft of renderer->browser direction
* refactor to reuse a single ipc interface
* implement TakeHeapSnapshot through mojo
* the rest of the owl^WtakeHeapSnapshot mojofication
* remove no-op overrides in AtomRendererClient
* delete renderer-side ElectronApiServiceImpl when its pipe is destroyed
* looks like we don't need to overlay the renderer manifest after all
* don't try to send 2 replies to a sync rpc
* undo changes to manifests.cc
* unify sandboxed + unsandboxed ipc events
* lint
* register ElectronBrowser mojo service on devtools WebContents
* fix takeHeapSnapshopt failure paths
* {electron_api => atom}::mojom
* add send_to_all to ElectronRenderer::Message
* keep interface alive until callback is called
* review comments
* use GetContext from RendererClientBase
* robustify a test that uses window.open
* MessageSync posts a task to put sync messages in the same queue as async ones
* add v8::MicrotasksScope and node::CallbackScope
* iwyu
* use weakptr to api::WebContents instead of Unretained
* make MessageSync an asynchronous message & use non-associated interface
* iwyu + comments
* remove unused WeakPtrFactory
* inline OnRendererMessage[Sync]
* cleanups & comments
* use helper methods instead of inline lambdas
* remove unneeded async in test
* add mojo to manifests deps
* add gn check for //electron/manifests and mojo
* don't register renderer side service until preload has been run
* update gn check targets list
* move interface registration back to RenderFrameCreated
* fix: match net module headers & http.IncomingMessage headers
* update net doc for cleanliness
* address feedback from review
* Update spec/api-net-spec.js
Co-Authored-By: codebytere <codebytere@github.com>
* add special cookie case