* fix: pass rfh instances through to the permission helper
* refactor: use WeakDocumentPtr instead of frame node id
* fix: handle missing initiator document
* fix: dispatch openExternal event for top level webview navs still
* feat: add support for HIDDevice.forget()
* chore: remove whitespace
* chore: use `SetGetter` to serialize the render_frame_host
Co-authored-by: Samuel Maddock <samuel.maddock@gmail.com>
* fixup chore: use `SetGetter` to serialize the render_frame_host
* fixup after rebase
* fixup for crash on navigator.serial.getPorts()
* fixup for lint
Co-authored-by: Samuel Maddock <samuel.maddock@gmail.com>
* feat: add support for WebHID
* Apply suggestions from code review
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* Address review feedback
* Address review feedback
* chore: clear granted_devices on navigation
Also added test to verify devices get cleared
* fixup testing for device clear
* make sure navigator.hid.getDevices is run on correct frame
* clear granted devices on RenderFrameHost deletion/change
* manage device permissions per RenderFrameHost
This change makes sure we don't clear device permission prematurely due to child frame navigation
* Update shell/browser/api/electron_api_web_contents.cc
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* apply review feedback from @zcbenz
* Match upstream ObjectMap
This change matches what ObjectPermissionContextBase uses to cache object permissions: https://source.chromium.org/chromium/chromium/src/+/main:components/permissions/object_permission_context_base.h;l=52;drc=8f95b5eab2797a3e26bba299f3b0df85bfc98bf5;bpv=1;bpt=0
The main reason for this was to resolve this crash on Win x64:
ok 2 WebContentsView doesn't crash when GCed during allocation
Received fatal exception EXCEPTION_ACCESS_VIOLATION
Backtrace:
gin::WrappableBase::SecondWeakCallback [0x00007FF6F2AFA005+133] (o:\gin\wrappable.cc:53)
v8::internal::GlobalHandles::InvokeSecondPassPhantomCallbacks [0x00007FF6F028F9AB+171] (o:\v8\src\handles\global-handles.cc:1400)
v8::internal::GlobalHandles::InvokeSecondPassPhantomCallbacksFromTask [0x00007FF6F028F867+391] (o:\v8\src\handles\global-handles.cc:1387)
node::PerIsolatePlatformData::RunForegroundTask [0x00007FF6F3B4D065+317] (o:\third_party\electron_node\src\node_platform.cc:415)
node::PerIsolatePlatformData::FlushForegroundTasksInternal [0x00007FF6F3B4C424+776] (o:\third_party\electron_node\src\node_platform.cc:479)
uv_run [0x00007FF6F2DDD07C+492] (o:\third_party\electron_node\deps\uv\src\win\core.c:609)
electron::NodeBindings::UvRunOnce [0x00007FF6EEE1E036+294] (o:\electron\shell\common\node_bindings.cc:631)
base::TaskAnnotator::RunTask [0x00007FF6F2318A19+457] (o:\base\task\common\task_annotator.cc:178)
base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl [0x00007FF6F2E6F553+963] (o:\base\task\sequence_manager\thread_controller_with_message_pump_impl.cc:361)
base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork [0x00007FF6F2E6EC69+137] (o:\base\task\sequence_manager\thread_controller_with_message_pump_impl.cc:266)
base::MessagePumpForUI::DoRunLoop [0x00007FF6F235AA58+216] (o:\base\message_loop\message_pump_win.cc:221)
base::MessagePumpWin::Run [0x00007FF6F235A01A+106] (o:\base\message_loop\message_pump_win.cc:79)
base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run [0x00007FF6F2E702DA+682] (o:\base\task\sequence_manager\thread_controller_with_message_pump_impl.cc:470)
base::RunLoop::Run [0x00007FF6F22F95BA+842] (o:\base\run_loop.cc:136)
content::BrowserMainLoop::RunMainMessageLoop [0x00007FF6F14423CC+208] (o:\content\browser\browser_main_loop.cc:990)
content::BrowserMainRunnerImpl::Run [0x00007FF6F144402F+143] (o:\content\browser\browser_main_runner_impl.cc:153)
content::BrowserMain [0x00007FF6F143F911+257] (o:\content\browser\browser_main.cc:49)
content::RunBrowserProcessMain [0x00007FF6EFFA7D18+112] (o:\content\app\content_main_runner_impl.cc:608)
content::ContentMainRunnerImpl::RunBrowser [0x00007FF6EFFA8CF4+1220] (o:\content\app\content_main_runner_impl.cc:1104)
content::ContentMainRunnerImpl::Run [0x00007FF6EFFA87C9+393] (o:\content\app\content_main_runner_impl.cc:971)
content::RunContentProcess [0x00007FF6EFFA73BD+733] (o:\content\app\content_main.cc:394)
content::ContentMain [0x00007FF6EFFA79E1+54] (o:\content\app\content_main.cc:422)
wWinMain [0x00007FF6EECA1535+889] (o:\electron\shell\app\electron_main.cc:291)
__scrt_common_main_seh [0x00007FF6F6F88482+262] (d:\A01\_work\6\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288)
BaseThreadInitThunk [0x00007FFEC0087034+20]
RtlUserThreadStart [0x00007FFEC1F02651+33]
✗ Electron tests failed with code 0xc0000005.
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* feat: Allow detection of MITM HTTPS proxies like ZScaler
For security purposes, Figma heavily restrics the origins that are
allowed to load within our Electron app. Unfortunately some corporate
environments use MITM proxies like ZScaler, which intercepts our
connection to `https://www.figma.com` and serves a redirect to e.g.
`https://gateway.zscloud.net` before finally redirecting back to
`https://www.figma.com`.
In order to detect this situation and handle it gracefully, we need to
be able to know whether or not the certificate for our own origin
(`https://www.figma.com`) is chained to a known root. We do this by
exposesing `CertVerifyResult::is_issued_by_known_root`.
If the certification verification passed without the certificate being
tied to a known root, we can safely assume that we are dealing with a
MITM proxy that has its root CA installed locally on the machine. This
means that HTTPS can't be trusted so we might as well make life easier
for corporate users by loosening our origin restrictions without any
manual steps.
* Tweak docs wording
* fix: ensure the typescript definitions only export correct value types
In typescript there are two main types of "types" you can export, value types (class, const) and definition types (type, interface). The typescript compiler will let anything declared via const or class be used as a value. Unfortunately we were exporting a bunch of things (see the diff) as class/const when they weren't actually exported values. This lead to typescript being happy but the runtime throwing errors (not something we want).
This change passes "exported-in" context through our docs, to the parser and then to the definitions generator to ensure we only mark things as exported in the ts defs that we actually export.
Fixes#22167
* chore: update typescript-defs
* chore: update typescript-defs
* chore: fix bad typescript in IPC test
* docs: test rendering of new syntax
* chore: update per feedback, use same syntax but with 'this is not exportedd' line
* fix: correctly identify clipboard read permission
* Update tests for variable clipboard content
* chore: add all possible permission conversions
* VIDEO_CAPTURE and AUDIO_CAPTURE were already defined
* Handle all PermissionTypes
* use skewer case for accessibility events to match permissions api
https://developer.mozilla.org/en-US/docs/Web/API/Permissions_API
* feat: Added support for all proxy modes
This commit extended setProxy to support all proxy modes including
direct, auto_detect, pac_script, fixed_servers and system.
* feat: New api for reload proxy configurations
These methods are needed for closing all idle and in-flight connections after
switching to another proxy from same origin for a session, otherwise
these connections may be reused for future requests which is
unexpected for most of users.
* feat: add serial api support
resolves#22478
* Put serial port support behind a flag and mark as experimental
* Update docs/api/session.md
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* Use enable-blink-features=Serial instead of enable-experimental-web-platform-features
* Set enableBlinkFeatures on webPreferences instead of commandline
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
* feat(extensions): expose ExtensionRegistryObserver events in Session
Extensions can be loaded and unloaded for various reasons. In some cases this can
occur by no means of the Electron programmer, such as in the case of chrome.runtime.reload().
In order to be able to manage state about extensions outside of Electron's APIs, events
reloaded to loading and unloaded are needed.
* docs(extensions): elaborate on extension-loaded/unloaded details
* fix: remove scoped extension registry observer
* docs: update extension-unloaded
