mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
electron/shell/common/gin_converters
History
Biru Mohanathas ced2e8779f
feat: Allow detection of MITM HTTPS proxies like ZScaler (#30174) 
* feat: Allow detection of MITM HTTPS proxies like ZScaler

For security purposes, Figma heavily restrics the origins that are
allowed to load within our Electron app. Unfortunately some corporate
environments use MITM proxies like ZScaler, which intercepts our
connection to `https://www.figma.com` and serves a redirect to e.g.
`https://gateway.zscloud.net` before finally redirecting back to
`https://www.figma.com`.

In order to detect this situation and handle it gracefully, we need to
be able to know whether or not the certificate for our own origin
(`https://www.figma.com`) is chained to a known root. We do this by
exposesing `CertVerifyResult::is_issued_by_known_root`.

If the certification verification passed without the certificate being
tied to a known root, we can safely assume that we are dealing with a
MITM proxy that has its root CA installed locally on the machine. This
means that HTTPS can't be trusted so we might as well make life easier
for corporate users by loosening our origin restrictions without any
manual steps.

* Tweak docs wording
2021-08-02 10:24:58 +09:00
..
accelerator_converter.cc
accelerator_converter.h
base_converter.h refactor: move TerminationStatus converter (#26520) 2020-11-17 11:13:58 -08:00
blink_converter.cc feat: expose location and modifiers on before-input-event (#29850) 2021-07-14 20:50:02 +09:00
blink_converter.h feat: expose location and modifiers on before-input-event (#29850) 2021-07-14 20:50:02 +09:00
callback_converter.h refactor: replace base::Bind() with base::BindOnce() / base::BindRepeating() (#27447) 2021-01-25 10:27:40 +09:00
content_converter.cc feat: expose location and modifiers on before-input-event (#29850) 2021-07-14 20:50:02 +09:00
content_converter.h refactor: blink::MenuItem::Type was moved to mojom 2021-03-05 16:39:01 -08:00
extension_converter.cc
extension_converter.h chore: clean up forward declarations (#29904) 2021-07-02 09:51:37 +09:00
file_dialog_converter.cc
file_dialog_converter.h
file_path_converter.h 2757472: Reland "Reland "[LSC] Remove base::string16 alias"" 2021-03-18 15:55:51 -04:00
frame_converter.cc feat: add event.senderFrame property returning the originating webFrameMain (#26764) 2020-12-09 15:34:06 -08:00
frame_converter.h chore: clean up forward declarations (#29904) 2021-07-02 09:51:37 +09:00
gfx_converter.cc feat: include resize edge with will-resize event (#29199) 2021-06-02 11:37:10 +09:00
gfx_converter.h feat: include resize edge with will-resize event (#29199) 2021-06-02 11:37:10 +09:00
guid_converter.h chore: bump chromium to 92.0.4511.0 (master) (#29173) 2021-05-19 16:15:47 -07:00
gurl_converter.h
image_converter.cc refactor: remove path from nativeImage converter (#26546) 2021-01-04 12:58:31 -08:00
image_converter.h
message_box_converter.cc feat: add signal option to dialog.showMessageBox (#26102) 2021-07-15 07:59:27 +09:00
message_box_converter.h
native_window_converter.h chore: cleanup some typos in comments (#25770) 2020-10-13 10:25:21 -07:00
net_converter.cc feat: Allow detection of MITM HTTPS proxies like ZScaler (#30174) 2021-08-02 10:24:58 +09:00
net_converter.h chore: clean up forward declarations (#29904) 2021-07-02 09:51:37 +09:00
std_converter.h refactor: replace v8::Local<T>::Cast() with As<T>() (#29097) 2021-05-12 16:38:21 +09:00
time_converter.cc fix: crashReporter incompatible with sandbox on Linux (#23265) 2020-05-07 13:31:26 -07:00
time_converter.h chore: trim unused STL includes (#29414) 2021-06-01 10:34:44 +09:00
value_converter.cc fix: prevent crash in ListValue v8 converter when conversion fails (#22753) 2020-03-18 13:59:34 -07:00
value_converter.h