0dad99561b
* chore: bump chromium in DEPS to 123.0.6273.0 * chore: update patches * chore: bump chromium in DEPS to 123.0.6274.0 * chore: update patches * chore: bump chromium in DEPS to 123.0.6276.0 * chore: update patches * WIP: 5239586: Change View::Layout() to take a PassKey. https://chromium-review.googlesource.com/c/chromium/src/+/5239586 * WIP: 5239586: Change View::Layout() to take a PassKey. https://chromium-review.googlesource.com/c/chromium/src/+/5239586 * chore: bump chromium in DEPS to 123.0.6278.0 * chore: bump chromium in DEPS to 123.0.6280.0 * chore: update patches * chore: use net::CanonicalCookie::SecureAttribute() renamed from IsSecure() Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5245913 * refactor: handle multiple requested device ids Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5132210 * refactor: trigger View layouts async with View::InvalidateLayout() Upstream has introduced a PassKey to restrict who can call Layout() directly. I've opted for calling `InvalidateLayout()` which is the approach that upstream recommends. If for some reason this approach doesn't work for us, we could use `DeprecatedLayoutImmediately()` as a stopgap. Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5239586 Xref: https://chromium.googlesource.com/chromium/src/+/main/ui/views/view.h#809 Xref: https://chromium.googlesource.com/chromium/src/+/main/docs/ui/learn/bestpractices/layout.md?pli=1#don_t-invoke-layout_directly * chore: bump chromium in DEPS to 123.0.6282.0 * chore: bump chromium in DEPS to 123.0.6284.0 * chore: update patches * refactor: remove use of blink::MainThreadIsolate() pt 1/3 Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5249640 * refactor: remove use of blink::MainThreadIsolate() pt 2/3 Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5249640 * refactor: remove use of blink::MainThreadIsolate() pt 3/3 Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5249640 * chore: update enum name to ui::AXMode::kPDFPrinting Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5270301 * chore: rebuild filenames.libcxx.gni * chore: sync with upstream rename of PortProvider.TaskForHandle() Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5259103 * chore: bump chromium in DEPS to 123.0.6286.0 * chore: bump chromium in DEPS to 123.0.6288.0 * WebPreferences: Initialize in declaration. Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5277099 * chore: update webview_fullscreen.patch Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5053508 Simple update to fix patch shear * chore: update feat_configure_launch_options_for_service_process.patch Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5254861 Simple update to fix patch shear * chore: add IWC::Delegate::RecordResize() stub to fix FTBFS https://chromium-review.googlesource.com/c/chromium/src/+/5268963 * chore: add FormControlType::kButtonPopover to the FormControlType converter Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5230929 * chore: e patches all * chore: node script/gen-libc++-filenames.js * chore: bump chromium in DEPS to 123.0.6290.0 * chore: bump chromium in DEPS to 123.0.6291.0 * chore: bump chromium in DEPS to 123.0.6292.0 * chore: bump chromium in DEPS to 123.0.6294.0 * chore: update fix_aspect_ratio_with_max_size.patch Xref: fix_aspect_ratio_with_max_size.patch note: simple absl::optional -> std::optional conversion * chore: update feat_filter_out_non-shareable_windows_in_the_current_application_in.patch Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5272337 * chore: update add_maximized_parameter_to_linuxui_getwindowframeprovider.patch No manual changes; just adjusting line patch offsets Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5258688 * chore: update feat_configure_launch_options_for_service_process.patch Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5281322 * chore: update fix_select_The_first_menu_item_when_opened_via_keyboard.patch Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5279376 note: simple absl::optional -> std::optional conversion * chore: update feat_allow_code_cache_in_custom_schemes.patch Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5268792 * chore: script/export_all_patches.py * chore: bump chromium in DEPS to 123.0.6296.0 * chore: update patches * fixup! chore: update feat_allow_code_cache_in_custom_schemes.patch * fix: restore MessagePort close event * spec: fix CORB testing Refs https://chromium-review.googlesource.com/c/chromium/src/+/5231506 * fix: use sync layout when content view changes * fixup! chore: update feat_configure_launch_options_for_service_process.patch * Add remote-cocoa support for context menus. Refs https://chromium-review.googlesource.com/c/chromium/src/+/5259806 * Rename //net/base/mac directory to //net/base/apple (1/n) Refs https://chromium-review.googlesource.com/c/chromium/src/+/5211389 * fixup! Add remote-cocoa support for context menus. * [Clipboard] Don't add meta charset tag for async write() method on Mac. Refs https://chromium-review.googlesource.com/c/chromium/src/+/5187335 --------- Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com> Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com> Co-authored-by: clavin <clavin@electronjs.org> Co-authored-by: Charles Kerr <charles@charleskerr.com> Co-authored-by: deepak1556 <hop2deep@gmail.com>
404 lines
15 KiB
C++
404 lines
15 KiB
C++
// Copyright (c) 2015 GitHub, Inc.
|
|
// Use of this source code is governed by the MIT license that can be
|
|
// found in the LICENSE file.
|
|
|
|
#include "shell/browser/api/electron_api_cookies.h"
|
|
|
|
#include <string>
|
|
#include <string_view>
|
|
#include <utility>
|
|
|
|
#include "base/time/time.h"
|
|
#include "base/values.h"
|
|
#include "content/public/browser/browser_context.h"
|
|
#include "content/public/browser/browser_task_traits.h"
|
|
#include "content/public/browser/browser_thread.h"
|
|
#include "content/public/browser/storage_partition.h"
|
|
#include "gin/dictionary.h"
|
|
#include "gin/object_template_builder.h"
|
|
#include "net/cookies/canonical_cookie.h"
|
|
#include "net/cookies/cookie_inclusion_status.h"
|
|
#include "net/cookies/cookie_store.h"
|
|
#include "net/cookies/cookie_util.h"
|
|
#include "shell/browser/cookie_change_notifier.h"
|
|
#include "shell/browser/electron_browser_context.h"
|
|
#include "shell/browser/javascript_environment.h"
|
|
#include "shell/common/gin_converters/gurl_converter.h"
|
|
#include "shell/common/gin_converters/value_converter.h"
|
|
#include "shell/common/gin_helper/dictionary.h"
|
|
#include "shell/common/gin_helper/object_template_builder.h"
|
|
|
|
namespace gin {
|
|
|
|
template <>
|
|
struct Converter<net::CookieSameSite> {
|
|
static v8::Local<v8::Value> ToV8(v8::Isolate* isolate,
|
|
const net::CookieSameSite& val) {
|
|
switch (val) {
|
|
case net::CookieSameSite::UNSPECIFIED:
|
|
return ConvertToV8(isolate, "unspecified");
|
|
case net::CookieSameSite::NO_RESTRICTION:
|
|
return ConvertToV8(isolate, "no_restriction");
|
|
case net::CookieSameSite::LAX_MODE:
|
|
return ConvertToV8(isolate, "lax");
|
|
case net::CookieSameSite::STRICT_MODE:
|
|
return ConvertToV8(isolate, "strict");
|
|
}
|
|
DCHECK(false);
|
|
return ConvertToV8(isolate, "unknown");
|
|
}
|
|
};
|
|
|
|
template <>
|
|
struct Converter<net::CanonicalCookie> {
|
|
static v8::Local<v8::Value> ToV8(v8::Isolate* isolate,
|
|
const net::CanonicalCookie& val) {
|
|
gin::Dictionary dict(isolate, v8::Object::New(isolate));
|
|
dict.Set("name", val.Name());
|
|
dict.Set("value", val.Value());
|
|
dict.Set("domain", val.Domain());
|
|
dict.Set("hostOnly", net::cookie_util::DomainIsHostOnly(val.Domain()));
|
|
dict.Set("path", val.Path());
|
|
dict.Set("secure", val.SecureAttribute());
|
|
dict.Set("httpOnly", val.IsHttpOnly());
|
|
dict.Set("session", !val.IsPersistent());
|
|
if (val.IsPersistent())
|
|
dict.Set("expirationDate", val.ExpiryDate().InSecondsFSinceUnixEpoch());
|
|
dict.Set("sameSite", val.SameSite());
|
|
return ConvertToV8(isolate, dict).As<v8::Object>();
|
|
}
|
|
};
|
|
|
|
template <>
|
|
struct Converter<net::CookieChangeCause> {
|
|
static v8::Local<v8::Value> ToV8(v8::Isolate* isolate,
|
|
const net::CookieChangeCause& val) {
|
|
switch (val) {
|
|
case net::CookieChangeCause::INSERTED:
|
|
case net::CookieChangeCause::EXPLICIT:
|
|
return gin::StringToV8(isolate, "explicit");
|
|
case net::CookieChangeCause::OVERWRITE:
|
|
return gin::StringToV8(isolate, "overwrite");
|
|
case net::CookieChangeCause::EXPIRED:
|
|
return gin::StringToV8(isolate, "expired");
|
|
case net::CookieChangeCause::EVICTED:
|
|
return gin::StringToV8(isolate, "evicted");
|
|
case net::CookieChangeCause::EXPIRED_OVERWRITE:
|
|
return gin::StringToV8(isolate, "expired-overwrite");
|
|
default:
|
|
return gin::StringToV8(isolate, "unknown");
|
|
}
|
|
}
|
|
};
|
|
|
|
} // namespace gin
|
|
|
|
namespace electron::api {
|
|
|
|
namespace {
|
|
|
|
// Returns whether |domain| matches |filter|.
|
|
bool MatchesDomain(std::string filter, const std::string& domain) {
|
|
// Add a leading '.' character to the filter domain if it doesn't exist.
|
|
if (net::cookie_util::DomainIsHostOnly(filter))
|
|
filter.insert(0, ".");
|
|
|
|
std::string sub_domain(domain);
|
|
// Strip any leading '.' character from the input cookie domain.
|
|
if (!net::cookie_util::DomainIsHostOnly(sub_domain))
|
|
sub_domain = sub_domain.substr(1);
|
|
|
|
// Now check whether the domain argument is a subdomain of the filter domain.
|
|
for (sub_domain.insert(0, "."); sub_domain.length() >= filter.length();) {
|
|
if (sub_domain == filter)
|
|
return true;
|
|
const size_t next_dot = sub_domain.find('.', 1); // Skip over leading dot.
|
|
sub_domain.erase(0, next_dot);
|
|
}
|
|
return false;
|
|
}
|
|
|
|
// Returns whether |cookie| matches |filter|.
|
|
bool MatchesCookie(const base::Value::Dict& filter,
|
|
const net::CanonicalCookie& cookie) {
|
|
const std::string* str;
|
|
if ((str = filter.FindString("name")) && *str != cookie.Name())
|
|
return false;
|
|
if ((str = filter.FindString("path")) && *str != cookie.Path())
|
|
return false;
|
|
if ((str = filter.FindString("domain")) &&
|
|
!MatchesDomain(*str, cookie.Domain()))
|
|
return false;
|
|
std::optional<bool> secure_filter = filter.FindBool("secure");
|
|
if (secure_filter && *secure_filter != cookie.SecureAttribute())
|
|
return false;
|
|
std::optional<bool> session_filter = filter.FindBool("session");
|
|
if (session_filter && *session_filter == cookie.IsPersistent())
|
|
return false;
|
|
std::optional<bool> httpOnly_filter = filter.FindBool("httpOnly");
|
|
if (httpOnly_filter && *httpOnly_filter != cookie.IsHttpOnly())
|
|
return false;
|
|
return true;
|
|
}
|
|
|
|
// Remove cookies from |list| not matching |filter|, and pass it to |callback|.
|
|
void FilterCookies(base::Value::Dict filter,
|
|
gin_helper::Promise<net::CookieList> promise,
|
|
const net::CookieList& cookies) {
|
|
net::CookieList result;
|
|
for (const auto& cookie : cookies) {
|
|
if (MatchesCookie(filter, cookie))
|
|
result.push_back(cookie);
|
|
}
|
|
promise.Resolve(result);
|
|
}
|
|
|
|
void FilterCookieWithStatuses(
|
|
base::Value::Dict filter,
|
|
gin_helper::Promise<net::CookieList> promise,
|
|
const net::CookieAccessResultList& list,
|
|
const net::CookieAccessResultList& excluded_list) {
|
|
FilterCookies(std::move(filter), std::move(promise),
|
|
net::cookie_util::StripAccessResults(list));
|
|
}
|
|
|
|
// Parse dictionary property to CanonicalCookie time correctly.
|
|
base::Time ParseTimeProperty(const std::optional<double>& value) {
|
|
if (!value) // empty time means ignoring the parameter
|
|
return base::Time();
|
|
if (*value == 0) // FromSecondsSinceUnixEpoch would convert 0 to empty Time
|
|
return base::Time::UnixEpoch();
|
|
return base::Time::FromSecondsSinceUnixEpoch(*value);
|
|
}
|
|
|
|
std::string_view InclusionStatusToString(net::CookieInclusionStatus status) {
|
|
if (status.HasExclusionReason(net::CookieInclusionStatus::EXCLUDE_HTTP_ONLY))
|
|
return "Failed to create httponly cookie";
|
|
if (status.HasExclusionReason(
|
|
net::CookieInclusionStatus::EXCLUDE_SECURE_ONLY))
|
|
return "Cannot create a secure cookie from an insecure URL";
|
|
if (status.HasExclusionReason(
|
|
net::CookieInclusionStatus::EXCLUDE_FAILURE_TO_STORE))
|
|
return "Failed to parse cookie";
|
|
if (status.HasExclusionReason(
|
|
net::CookieInclusionStatus::EXCLUDE_INVALID_DOMAIN))
|
|
return "Failed to set cookie with an invalid domain attribute";
|
|
if (status.HasExclusionReason(
|
|
net::CookieInclusionStatus::EXCLUDE_INVALID_PREFIX))
|
|
return "Failed because the cookie violated prefix rules.";
|
|
if (status.HasExclusionReason(
|
|
net::CookieInclusionStatus::EXCLUDE_NONCOOKIEABLE_SCHEME))
|
|
return "Cannot set cookie for current scheme";
|
|
return "Setting cookie failed";
|
|
}
|
|
|
|
std::string StringToCookieSameSite(const std::string* str_ptr,
|
|
net::CookieSameSite* same_site) {
|
|
if (!str_ptr) {
|
|
*same_site = net::CookieSameSite::LAX_MODE;
|
|
return "";
|
|
}
|
|
const std::string& str = *str_ptr;
|
|
if (str == "unspecified") {
|
|
*same_site = net::CookieSameSite::UNSPECIFIED;
|
|
} else if (str == "no_restriction") {
|
|
*same_site = net::CookieSameSite::NO_RESTRICTION;
|
|
} else if (str == "lax") {
|
|
*same_site = net::CookieSameSite::LAX_MODE;
|
|
} else if (str == "strict") {
|
|
*same_site = net::CookieSameSite::STRICT_MODE;
|
|
} else {
|
|
return "Failed to convert '" + str +
|
|
"' to an appropriate cookie same site value";
|
|
}
|
|
return "";
|
|
}
|
|
|
|
} // namespace
|
|
|
|
gin::WrapperInfo Cookies::kWrapperInfo = {gin::kEmbedderNativeGin};
|
|
|
|
Cookies::Cookies(v8::Isolate* isolate, ElectronBrowserContext* browser_context)
|
|
: browser_context_(browser_context) {
|
|
cookie_change_subscription_ =
|
|
browser_context_->cookie_change_notifier()->RegisterCookieChangeCallback(
|
|
base::BindRepeating(&Cookies::OnCookieChanged,
|
|
base::Unretained(this)));
|
|
}
|
|
|
|
Cookies::~Cookies() = default;
|
|
|
|
v8::Local<v8::Promise> Cookies::Get(v8::Isolate* isolate,
|
|
const gin_helper::Dictionary& filter) {
|
|
gin_helper::Promise<net::CookieList> promise(isolate);
|
|
v8::Local<v8::Promise> handle = promise.GetHandle();
|
|
|
|
auto* storage_partition = browser_context_->GetDefaultStoragePartition();
|
|
auto* manager = storage_partition->GetCookieManagerForBrowserProcess();
|
|
|
|
base::Value::Dict dict;
|
|
gin::ConvertFromV8(isolate, filter.GetHandle(), &dict);
|
|
|
|
std::string url;
|
|
filter.Get("url", &url);
|
|
if (url.empty()) {
|
|
manager->GetAllCookies(
|
|
base::BindOnce(&FilterCookies, std::move(dict), std::move(promise)));
|
|
} else {
|
|
net::CookieOptions options;
|
|
options.set_include_httponly();
|
|
options.set_same_site_cookie_context(
|
|
net::CookieOptions::SameSiteCookieContext::MakeInclusive());
|
|
options.set_do_not_update_access_time();
|
|
|
|
manager->GetCookieList(GURL(url), options,
|
|
net::CookiePartitionKeyCollection::Todo(),
|
|
base::BindOnce(&FilterCookieWithStatuses,
|
|
std::move(dict), std::move(promise)));
|
|
}
|
|
|
|
return handle;
|
|
}
|
|
|
|
v8::Local<v8::Promise> Cookies::Remove(v8::Isolate* isolate,
|
|
const GURL& url,
|
|
const std::string& name) {
|
|
gin_helper::Promise<void> promise(isolate);
|
|
v8::Local<v8::Promise> handle = promise.GetHandle();
|
|
|
|
auto cookie_deletion_filter = network::mojom::CookieDeletionFilter::New();
|
|
cookie_deletion_filter->url = url;
|
|
cookie_deletion_filter->cookie_name = name;
|
|
|
|
auto* storage_partition = browser_context_->GetDefaultStoragePartition();
|
|
auto* manager = storage_partition->GetCookieManagerForBrowserProcess();
|
|
|
|
manager->DeleteCookies(
|
|
std::move(cookie_deletion_filter),
|
|
base::BindOnce(
|
|
[](gin_helper::Promise<void> promise, uint32_t num_deleted) {
|
|
gin_helper::Promise<void>::ResolvePromise(std::move(promise));
|
|
},
|
|
std::move(promise)));
|
|
|
|
return handle;
|
|
}
|
|
|
|
v8::Local<v8::Promise> Cookies::Set(v8::Isolate* isolate,
|
|
base::Value::Dict details) {
|
|
gin_helper::Promise<void> promise(isolate);
|
|
v8::Local<v8::Promise> handle = promise.GetHandle();
|
|
|
|
const std::string* url_string = details.FindString("url");
|
|
if (!url_string) {
|
|
promise.RejectWithErrorMessage("Missing required option 'url'");
|
|
return handle;
|
|
}
|
|
const std::string* name = details.FindString("name");
|
|
const std::string* value = details.FindString("value");
|
|
const std::string* domain = details.FindString("domain");
|
|
const std::string* path = details.FindString("path");
|
|
bool http_only = details.FindBool("httpOnly").value_or(false);
|
|
const std::string* same_site_string = details.FindString("sameSite");
|
|
net::CookieSameSite same_site;
|
|
std::string error = StringToCookieSameSite(same_site_string, &same_site);
|
|
if (!error.empty()) {
|
|
promise.RejectWithErrorMessage(error);
|
|
return handle;
|
|
}
|
|
bool secure = details.FindBool("secure").value_or(
|
|
same_site == net::CookieSameSite::NO_RESTRICTION);
|
|
|
|
GURL url(url_string ? *url_string : "");
|
|
if (!url.is_valid()) {
|
|
promise.RejectWithErrorMessage(
|
|
InclusionStatusToString(net::CookieInclusionStatus(
|
|
net::CookieInclusionStatus::EXCLUDE_INVALID_DOMAIN)));
|
|
return handle;
|
|
}
|
|
|
|
net::CookieInclusionStatus status;
|
|
auto canonical_cookie = net::CanonicalCookie::CreateSanitizedCookie(
|
|
url, name ? *name : "", value ? *value : "", domain ? *domain : "",
|
|
path ? *path : "", ParseTimeProperty(details.FindDouble("creationDate")),
|
|
ParseTimeProperty(details.FindDouble("expirationDate")),
|
|
ParseTimeProperty(details.FindDouble("lastAccessDate")), secure,
|
|
http_only, same_site, net::COOKIE_PRIORITY_DEFAULT, std::nullopt,
|
|
&status);
|
|
|
|
if (!canonical_cookie || !canonical_cookie->IsCanonical()) {
|
|
promise.RejectWithErrorMessage(InclusionStatusToString(
|
|
!status.IsInclude()
|
|
? status
|
|
: net::CookieInclusionStatus(
|
|
net::CookieInclusionStatus::EXCLUDE_FAILURE_TO_STORE)));
|
|
return handle;
|
|
}
|
|
|
|
net::CookieOptions options;
|
|
if (http_only) {
|
|
options.set_include_httponly();
|
|
}
|
|
options.set_same_site_cookie_context(
|
|
net::CookieOptions::SameSiteCookieContext::MakeInclusive());
|
|
|
|
auto* storage_partition = browser_context_->GetDefaultStoragePartition();
|
|
auto* manager = storage_partition->GetCookieManagerForBrowserProcess();
|
|
manager->SetCanonicalCookie(
|
|
*canonical_cookie, url, options,
|
|
base::BindOnce(
|
|
[](gin_helper::Promise<void> promise, net::CookieAccessResult r) {
|
|
if (r.status.IsInclude()) {
|
|
promise.Resolve();
|
|
} else {
|
|
promise.RejectWithErrorMessage(InclusionStatusToString(r.status));
|
|
}
|
|
},
|
|
std::move(promise)));
|
|
|
|
return handle;
|
|
}
|
|
|
|
v8::Local<v8::Promise> Cookies::FlushStore(v8::Isolate* isolate) {
|
|
gin_helper::Promise<void> promise(isolate);
|
|
v8::Local<v8::Promise> handle = promise.GetHandle();
|
|
|
|
auto* storage_partition = browser_context_->GetDefaultStoragePartition();
|
|
auto* manager = storage_partition->GetCookieManagerForBrowserProcess();
|
|
|
|
manager->FlushCookieStore(base::BindOnce(
|
|
gin_helper::Promise<void>::ResolvePromise, std::move(promise)));
|
|
|
|
return handle;
|
|
}
|
|
|
|
void Cookies::OnCookieChanged(const net::CookieChangeInfo& change) {
|
|
v8::Isolate* isolate = JavascriptEnvironment::GetIsolate();
|
|
v8::HandleScope scope(isolate);
|
|
Emit("changed", gin::ConvertToV8(isolate, change.cookie),
|
|
gin::ConvertToV8(isolate, change.cause),
|
|
gin::ConvertToV8(isolate,
|
|
change.cause != net::CookieChangeCause::INSERTED));
|
|
}
|
|
|
|
// static
|
|
gin::Handle<Cookies> Cookies::Create(v8::Isolate* isolate,
|
|
ElectronBrowserContext* browser_context) {
|
|
return gin::CreateHandle(isolate, new Cookies(isolate, browser_context));
|
|
}
|
|
|
|
gin::ObjectTemplateBuilder Cookies::GetObjectTemplateBuilder(
|
|
v8::Isolate* isolate) {
|
|
return gin_helper::EventEmitterMixin<Cookies>::GetObjectTemplateBuilder(
|
|
isolate)
|
|
.SetMethod("get", &Cookies::Get)
|
|
.SetMethod("remove", &Cookies::Remove)
|
|
.SetMethod("set", &Cookies::Set)
|
|
.SetMethod("flushStore", &Cookies::FlushStore);
|
|
}
|
|
|
|
const char* Cookies::GetTypeName() {
|
|
return "Cookies";
|
|
}
|
|
|
|
} // namespace electron::api
|