* fix: disable remote host nodeIntegration warning for localhost
In warnAboutNodeWithRemoteContent(), add a check to see if the hostname
is "localhost" and prevent the warning message if it is.
* fix: disable loading insecure resources warning for localhost
In warnAboutInsecureResources(), filter out resources from localhost
since they are most likely not a threat.
* test: add tests for ignoring security warnings when using localhost
Add tests for ignoring warning messages for the following scenarios:
1. node integration with remote content from localhost
2. loading insecure resources from localhost
* test: fix insecure resource test
* test: pass nodeIntegration with remote test on did-finish-load
* test: maybe fix node integration test (error w/ conv circular struct)
* test: update test description
* test: use "load" event to check when nodeIntegration test has finished
Instead of relying on the "did-finish-load" event, which may result in
a race condition, add an "onload" handler that logs "loaded" to the
console. This will execute _after_ the nodeIntegration check, so it
can be safely used as a signal to indicate that the test is done.
* test: rename base-page-security-load-message.html
* fix: ignore enabled remote module warning for localhost
* refactor: add isLocalhost()
* spec: replace assert with expect in api-browser-view-spec.js
* spec: replace assert with expect in api-touch-bar-spec.js
* spec: replace assert with expect in api-web-frame-spec.js
* spec: replace assert with expect in api-web-contents-view-spec.js
* spec: replace assert with expect in security-warnings-spec.js
* spec: replace assert with expect in api-menu-item-spec.js
* spec: replace assert with expect in api-web-request-spec.js
* spec: replace assert with expect in api-remote-spec.js
* spec: replace assert with expect in api-session-spec.js
* spec: replace assert with expect in api-system-preferences-spec.js
* spec: replace assert with expect in api-browser-window-spec.js
* spec: replace assert with expect in webview-spec.js
* spec: replace assert with expect in api-net-spec.js
* spec: replace assert with expect in api-protocol-spec.js
* spec: replace assert with expect api-web-contents-spec.js
* spec: replace assert with expect in api-shell-spec.js
* spec: replace assert with expect in modules-spec.js
* spec: replace assert with expect in chromium-spec.js
* spec: replace assert with expect in api-crash-reporter-spec.js
* spec: replace assert with expect in asar-spec.js
* spec: rename assert-helpers to expect-helpers
* address PR feedback
* 🔧 Add security issue detection (and logs)
* 🔧 Check for it on load
* 👷 Add some tests
* 👷 Make the linter happy
* 🔧 Allow them to be enabled by force
* 📝 Make message slightly prettier
* 🔧 Fix a typo in the code comment
* 🔧 Classic mistake
* 🚀 Optimize things a bit more
* 👷 Add tests, fix tests
* 📝 Document things
* 🔧 Make linter happy
* 🔧 One more piece of cleanup
