* refactor: load electron builtin modules with process._linkedBinding
NODE_BUILTING_MODULE_CONTEXT_AWARE and process.binding are
removed in https://github.com/nodejs/node/pull/25829. This changes
uses the alternative available without any functionality change.
* chore: roll node
* Add content script injector to sandboxed renderer
* Fix 'getRenderProcessPreferences' binding to the wrong object
* Pass getRenderProcessPreferences to content-scripts-injector
* Emit document-start and document-end events in sandboxed renderer
* Use GetContext from RendererClientBase
* Prevent script context crash caused by lazily initialization
* Remove frame filtering logic for onExit callback
Since we're keeping track of which frames we've injected the bundle into, this logic is redundant.
* Add initial content script tests
* Add contextIsolation variants to content script tests
* Add set include
* Fix already loaded extension error
* Add tests for content scripts 'run_at' options
* Catch script injection eval error when CSP forbids it
This can occur in a rendered sandbox when a CSP is enabled. We'll need to switch to using isolated worlds to fix this.
* Fix content script tests not properly cleaning up extensions
* Fix lint and type errors
* build: enable gn check for //electron:electron_lib
* ci: add gn check step
* ci: set depot_tools path
* chrome_key_systems_provider.h nogncheck
* chore: fix gn check errors on windows
* chore: gn check //electron:electron_app
* chore: Add new webFrame IsolatedWorldInfo API and deprecate
* Flag deprecated methods in documentation
* address comments
* Address review comments
* remove unused variable
* Update based on review
* fix: do not create native api::WebFrame in webFrame
When reloading a page without restarting renderer process (for example
sandbox mode), the blink::WebFrame is not destroyed, but api::WebFrame
is always recreated for the new page context. This leaves a leak of
api::WebFrame.
* fix: remove spell checker when page context is released
* chore: deprecate webFrame.registerURLSchemeAsPrivileged
* Add register schemes protocol api
* update branch to enable browser process API
* Revert deprecation changes
* Fetch API support
* Updated api to take an array, still working on tests
* Update tests
* Remove web frame API
* Minor changes
* update scheme registrations on browser and renderer process
* fix: enable ses.getBlobData spec
* Update breaking changes doc
* feat: add support for node / preloads in subframes
This feature has delibrately been built / implemented in such a way
that it has minimum impact on existing apps / code-paths.
Without enabling the new "nodeSupportInSubFrames" option basically none of this
new code will be hit.
The things that I believe need extra scrutiny are:
* Introduction of `event.reply` for IPC events and usage of `event.reply` instead of `event.sender.send()`
* Usage of `node::FreeEnvironment(env)` when the new option is enabled in order to avoid memory leaks. I have tested this quite a bit and haven't managed to cause a crash but it is still feature flagged behind the "nodeSupportInSubFrames" flag to avoid potential impact.
Closes#10569Closes#10401Closes#11868Closes#12505Closes#14035
* feat: add support preloads in subframes for sandboxed renderers
* spec: add tests for new nodeSupportInSubFrames option
* spec: fix specs for .reply and ._replyInternal for internal messages
* chore: revert change to use flag instead of environment set size
* chore: clean up subframe impl
* chore: apply suggestions from code review
Co-Authored-By: MarshallOfSound <samuel.r.attard@gmail.com>
* chore: clean up reply usage
* chore: fix TS docs generation
* chore: cleanup after rebase
* chore: rename wrap to add in event fns
* fix: emit IPC event in correct context if isolation and sandbox enabled
IPC events were not being delivered to renderer processes when both
`contextIsolation` and `sandbox` were enabled. This is because the
`AtomSandboxedRenderFrameObserver` class was incorrectly using the
`MainWorldScriptContext`, rather than conditionally selecting the
context based on if isolation was enabled.
Fixes#11922
With mixed sandbox enabled we need to load the chrome.* APIs in the
sandbox init.js so that chrome extensions load correctly.
This mirrors the equivilant impl in `atom_renderer_client.cc`
Fixes#15561
* docs: Add 'worker' as a possible value for `process.type`
* fix: make certain properties on `process` read only:
* `mas`
* `windowsStore`
* `versions.electron`
* `versions.chrome`
* `type`
* `pid`
* `sandboxed`
* fix: child window with nativeWindowOpen should disable node integration
* Revert "fix: do not enable node integration in child window if not enabled (#15076)"
This reverts commit 0252d7686c.
This patch is not needed anymore since we are force disabling node integration
for child windows.