* feat: Allow detection of MITM HTTPS proxies like ZScaler
For security purposes, Figma heavily restrics the origins that are
allowed to load within our Electron app. Unfortunately some corporate
environments use MITM proxies like ZScaler, which intercepts our
connection to `https://www.figma.com` and serves a redirect to e.g.
`https://gateway.zscloud.net` before finally redirecting back to
`https://www.figma.com`.
In order to detect this situation and handle it gracefully, we need to
be able to know whether or not the certificate for our own origin
(`https://www.figma.com`) is chained to a known root. We do this by
exposesing `CertVerifyResult::is_issued_by_known_root`.
If the certification verification passed without the certificate being
tied to a known root, we can safely assume that we are dealing with a
MITM proxy that has its root CA installed locally on the machine. This
means that HTTPS can't be trusted so we might as well make life easier
for corporate users by loosening our origin restrictions without any
manual steps.
* Tweak docs wording
* fix: increace main thread stack size on windows x86
* chore: improve quit-on-crashed-event spec
* chore: add debug logs
* Revert "chore: add debug logs"
This reverts commit 0be81ae07c85095ac2c920436b97557c95c1c524.
* chore: use a reliable crash endpoint
Co-authored-by: Stephen Wang <wangwenqiang.wwq@bytedance.com>
Co-authored-by: Deepak Mohan <hop2deep@gmail.com>
* build: update version-bumper to support alpha
* build: seperate alpha bump version tests
For easier deletion. If we want to continue supporting an alpha channel,
they can be reintegrated with main tests.
* chore: fix regex
Co-authored-by: Samuel Attard <sam@electronjs.org>
Co-authored-by: Samuel Attard <sam@electronjs.org>
* mac: add dialog.closeMessageBox API
* win: Implement dialog.closeMessageBox
* mac: Return cancelId with closeMessageBox
* gtk: Implement dialog.closeMessageBox
* win: Fix 32bit build
* win: Reduce the scope of lock
* fix: Build error after rebase
* feat: Use AbortSignal to close message box
* chore: silently handle duplicate ID
* win: Add more notes about the threads
* chore: apply reviews
* fix: base::NoDestructor should be warpped in function
* chore: fix style on windows
* fix: microtasks policy in CreateEnvironment
Microtasks policy should not be updated for the renderer because
`NodeBindings::CreateEnvironment` might be entered with or without
`UvRunOnce()` on stack. One of the examples of such calls is
`window.open()` which is possible to invoke while `uv_run()` is still
running (e.g. with `setImmediate()`).
All in all, it doesn't matter that much which policy we use since
`v8::MicrotasksScope` has a check for the policy in its destructor and
no commits will be made if the policy is `kExplicit`. It is important,
however, to not change the policy in the middle of `UvRunOnce()` so we
should respect whatever we currently have and move on.
Fix: #29463
* Move test to a better place
* Update spec-main/fixtures/crash-cases/setimmediate-window-open-crash/index.html
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
* Update spec-main/fixtures/crash-cases/setimmediate-window-open-crash/index.html
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
* simplify crash-case
* comment
* fix comment
Co-authored-by: Fedor Indutny <79877362+indutny-signal@users.noreply.github.com>
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
Co-authored-by: Fedor Indutny <indutny@signal.org>
If the app is run with LC_ALL=C on Linux, the test would fail as
app.getLocaleCountryCode() would return "".
Signed-off-by: Darshan Sen <raisinten@gmail.com>
* fix: ensure the typescript definitions only export correct value types
In typescript there are two main types of "types" you can export, value types (class, const) and definition types (type, interface). The typescript compiler will let anything declared via const or class be used as a value. Unfortunately we were exporting a bunch of things (see the diff) as class/const when they weren't actually exported values. This lead to typescript being happy but the runtime throwing errors (not something we want).
This change passes "exported-in" context through our docs, to the parser and then to the definitions generator to ensure we only mark things as exported in the ts defs that we actually export.
Fixes#22167
* chore: update typescript-defs
* chore: update typescript-defs
* chore: fix bad typescript in IPC test
* docs: test rendering of new syntax
* chore: update per feedback, use same syntax but with 'this is not exportedd' line