Commit graph

41 commits

Author SHA1 Message Date
Milan Burda
b5bfd9867b Don't pass preloadPath via ELECTRON_BROWSER_SANDBOX_LOAD for security reasons (#13031) (#14026) 2018-08-11 12:53:33 -05:00
Milan Burda
98033e4f45 Fix process.execPath returning parent process path instead of the helper in sandboxed renderer (#13959) 2018-08-09 09:58:44 -05:00
Cheng Zhao
136cf389e8 fix: use context counter as contextId (backport 3-0-x)
For sandboxed renderer it may not have a node::Environment in the context,
using a increasing counter as contextId works for all cases.
2018-07-19 11:27:41 -07:00
Hari Juturu
32e40cb4c3 Enable webview in sandbox renderer Security: Inherit embedder prefs onto webview 2018-07-02 16:09:17 +00:00
Thiago de Arruda
6ff111a141 perf: don't use JSON to send the result of ipcRenderer.sendSync. (#8953)
* Don't use JSON to send the result of `ipcRenderer.sendSync`.

- Change the return type of AtomViewHostMsg_Message_Sync from `base::string16`
  to `base::ListValue`
- Adjust lib/browser/api/web-contents.js and /lib/renderer/api/ipc-renderer.js
  to wrap/unwrap return values to/from array, instead of
  serializing/deserializing JSON.

This change can greatly improve `ipcRenderer.sendSync` calls where the return
value contains Buffer instances, because those are converted to Array before
being serialized to JSON(which has no efficient way of representing byte
arrays).

A simple benchmark where remote.require('fs') was used to read a 16mb file got
at least 5x faster, not to mention it used a lot less memory.  This difference
tends increases with larger buffers.

* Don't base64 encode Buffers

* Don't allocate V8ValueConverter on the heap

* Replace hidden global.sandbox with NodeBindings::IsInitialized()

* Refactoring: check NodeBindings::IsInitialized() in V8ValueConverter

* Refactor problematic test to make it more reliable

* Add tests for NaN and Infinity
2018-06-13 17:38:31 +10:00
Milan Burda
6ad0a22602 Add process.getHeapStatistics() (#13183) 2018-06-10 22:00:36 +10:00
Jeremy Apthorp
e6695cf2ec [chromium-style] override / virtual warnings 2018-04-19 11:12:10 -07:00
Jeremy Apthorp
a635f078c6 [chromium-style] auto variable type must not deduce to a raw pointer type 2018-04-19 11:10:52 -07:00
Shelley Vohr
c6f4bbd143
also format missing .cc files 2018-04-18 20:48:45 -04:00
Robo
ad2baccefa tools: pass custom template for js2c (#12593)
* Update node v9.7.0 ref

* tools: pass custom template to node/tools/js2c.py
2018-04-13 08:20:04 -04:00
Nitish Sakhawalkar
9d1527b1df Fix context menu for sandbox devtools (#11933) 2018-03-22 16:15:57 +09:00
deepak1556
3cfe66e4c3 move ipc use from rvh to rfh 2018-03-09 15:01:09 +05:30
Samuel Attard
a9dcce82ed Ensure that a document has been created before sending IPC messages
* Reverts 370476c4af in favor of moving the previous logic to the new RenderFrameObserver instead of RenderViewObserver

Fixes #12045
2018-03-09 14:24:56 +11:00
Hari Juturu
2f4fd3324b Preload doesn't load in sandboxed render if preload path contains special chars (#12037)
* Adding missing headers

* adding ut

* Removing the file path exists check

* fixing test

* exposing window.require in UT
2018-03-07 11:40:00 -05:00
shelley vohr
0e5b6f9300 Upgrade to node v9.3.0 (#11507)
* update submodule refs for node v9.3.0

* Define "llvm_version" for Node.js build

* NODE_MODULE_CONTEXT_AWARE_BUILTIN -> NODE_BUILTIN_MODULE_CONTEXT_AWARE

* update NodePlatform to MultiIsolatePlatform

* fix linting error

* update node ref

* REVIEW: Explicitly register builtin modules

https://github.com/nodejs/node/pull/16565

* update libcc ref

* switch libcc to c62

* REVIEW: Address node api changes

- Always start the inspector agent for https://github.com/nodejs/node/pull/17085
- Set the tracing controller for node https://github.com/nodejs/node/pull/15538
- Isolate data creation now requires plaform https://github.com/nodejs/node/pull/16700
2018-02-23 10:22:00 +09:00
Cheng Zhao
124667c29b
Merge pull request #11227 from emmkimme/Fix_10470_sandbox_preload
🐞 #10470 - prevent from loading preload in each iframe context
2017-11-28 15:25:34 +09:00
Aleksei Kuzmin
e4d9e12ee5 Use blink::WebLocalFrame instead of blink::WebFrame
Move GetDocument method from WebFrame to WebLocalFrame.
https://codereview.chromium.org/2928033002

Move MainWorldScriptContext accessor/method from WebFrame to WebLocalFrame.
https://codereview.chromium.org/2923053002
2017-11-24 10:58:16 +09:00
Emmanuel Kimmerlin
5f658de19f 🐛 #10470 - prevent to load preload in each iframe context 2017-11-23 09:20:52 +01:00
Ales Pergl
a7bae32527 Re-enabled debug mode 2017-08-29 14:19:19 +09:00
Aleksei Kuzmin
7a4ca08a8d The Blink Rename 2017-08-15 16:19:20 +03:00
John Kleinschmidt
3d5acdf682 Rollback debug mode changes 2017-08-07 15:54:44 -04:00
Ales Pergl
8e34aad410 Fixed invalid empty vector subscript access 2017-07-22 14:45:50 +02:00
Kevin Sawicki
14178d9826 Expose argv to preload process object 2017-06-26 13:52:19 -07:00
Kevin Sawicki
fb85b26767 Merge remote-tracking branch 'origin/master' into chrome58 2017-05-10 09:42:19 -07:00
Thiago de Arruda
bbe21cce67 Expose more atom_bindings.cc functions to sandbox 2017-05-01 09:12:39 -03:00
Cheng Zhao
4c47f2d15e Update to Node v7.9.0 2017-04-27 17:20:01 +09:00
Thiago de Arruda
039aaba758 Move AtomRenderFrameObserver creation to RendererClientBase.
Also remove AtomSandboxedRenderFrameObserver class.
2017-04-08 11:54:58 -03:00
Thiago de Arruda
0227254774 Move DidClearWindowObject into RendererClientBase.
Also adapt AtomSandboxedRenderFrameObserver to forward DidClearWindowObject to
RendererClientBase.
2017-04-08 10:43:19 -03:00
Kevin Sawicki
f5a75c4e87 Merge pull request #9076 from electron/cleanup-cpp
Cleanup cpp codebase
2017-04-03 08:30:08 -07:00
Haojian Wu
5f724e57bc Avoid unnecessary copy of parameters. 2017-03-29 22:06:07 +02:00
Thiago de Arruda
d1f08beddf Make AtomSandboxedRendererClient a RendererClientBase subclass. 2017-03-27 18:49:55 -03:00
Thiago de Arruda
bf756e3c00 Prevent browserify from leaking the require function
Define a "require" argument in the wrapper functions that runs browserify
bundles, which will prevent browserify from leaking the require function.

Note that this doesn't affect the isolated renderer script, only when `-r` flag
is passed to browserify command it will export a require function. It is still
added to isolated renderer script to prevent future mistakes(doesn't hurt
defining a "require" local).
2017-03-23 10:01:02 -03:00
Thiago de Arruda
e1aebef57c Make sandbox APIs more compatible with normal renderers
- Expose remote shortcuts for the `fs`, `os` and `child_process` modules.
- Expose the `url` and `timers` modules(the browserify versions)
- Add `process.crash` and `process.platform`
2017-03-23 10:01:02 -03:00
Thiago de Arruda
a6e4867111 Handle Buffer deserialization in sandboxed renderers
In sandboxed renderers we use browserify to provide a node-like environment. The
Buffer class used by browserify is actually just a wrapper around Uint8Array,
but to deserialize Buffer correctly we must expose the class as a hidden value
and use it in V8ValueConverter.
2017-03-16 13:20:09 -03:00
Thiago de Arruda
cd05834d96 Refactor sandboxed renderer init scripts
This change gives sandboxed renderer scripts a similar structure to what already
exists in the lib/{browser,renderer,common} directories.

It also allows sandboxed renderer initialization to share more code with
non-sandboxed renderers (ipcRenderer is now imported directly from
lib/renderer/api/ipc-renderer).
2017-03-09 20:39:14 -03:00
Thiago de Arruda
d78f3cae7b Expose builtin v8 modules to AtomSandboxedRendererClient
- Adapt node.cc code that implements `process.binding` to create a similar
  object in AtomSandboxedRendererClient.
- Replace the ipc binding object passed to `lib/sandboxed_renderer/init.js` by
  the new binding object.
- Refactor the initialization script to use this new object to fetch the ipc
  binding and store as a hidden value using the `v8_util` module.

This change also required applying a patch to node.js, so the submodule commit
was updated.
2017-03-09 20:39:14 -03:00
Cheng Zhao
81784827ff PrintWebViewHelper is attached to RenderFrame 2017-02-06 10:34:29 -08:00
Kevin Sawicki
54e2c480cb Upgrade to node 7.4 2017-01-19 09:05:59 +02:00
Geoff Lywood
5345b08d24 Fix printing with the sandbox enabled
Closes #7984
2016-12-07 17:40:18 -08:00
Thiago de Arruda
524bab530a Improve AtomSandboxedRendererClient to support preload scripts.
Add RenderFrameObserver/RenderViewObserver subclasses that implement the
necessary support for preload scripts in sandboxed renderers.
2016-09-27 06:01:47 -03:00
Thiago de Arruda
a7b6332ed0 Add atom::AtomSandboxedRendererClient class 2016-09-27 06:01:46 -03:00