Skip to content

Commit

Permalink
Merge branch '21-x-y' into trop/21-x-y-bp-feat-allow-custom-v8-snapsh…
Browse files Browse the repository at this point in the history
…ots-to-be-used-in-the-main-process-and-the-default-snapshot-in-the-renderer-process-1663273306165
  • Loading branch information
jkleinsc committed Sep 21, 2022
2 parents a9dc05a + 199ccfd commit aeec599
Show file tree
Hide file tree
Showing 30 changed files with 342 additions and 38 deletions.
2 changes: 1 addition & 1 deletion .nvmrc
@@ -1 +1 @@
14
16
2 changes: 1 addition & 1 deletion ELECTRON_VERSION
@@ -1 +1 @@
21.0.0-beta.5
21.0.0-beta.7
10 changes: 10 additions & 0 deletions docs/api/web-frame-main.md
Expand Up @@ -169,6 +169,16 @@ convenient when `nodeIntegrationInSubFrames` is not enabled.

A `string` representing the current URL of the frame.

#### `frame.origin` _Readonly_

A `string` representing the current origin of the frame, serialized according
to [RFC 6454](https://www.rfc-editor.org/rfc/rfc6454). This may be different
from the URL. For instance, if the frame is a child window opened to
`about:blank`, then `frame.origin` will return the parent frame's origin, while
`frame.url` will return the empty string. Pages without a scheme/host/port
triple origin will have the serialized origin of `"null"` (that is, the string
containing the letters n, u, l, l).

#### `frame.top` _Readonly_

A `WebFrameMain | null` representing top frame in the frame hierarchy to which `frame`
Expand Down
2 changes: 1 addition & 1 deletion docs/tutorial/security.md
Expand Up @@ -256,7 +256,7 @@ the sandbox in all renderers. Loading, reading or processing any untrusted
content in an unsandboxed process, including the main process, is not advised.

:::info
For more information on what `contextIsolation` is and how to enable it please
For more information on what Process Sandboxing is and how to enable it please
see our dedicated [Process Sandboxing](sandbox.md) document.
:::info

Expand Down
2 changes: 1 addition & 1 deletion lib/browser/.eslintrc.json
Expand Up @@ -18,4 +18,4 @@
}
]
}
}
}
23 changes: 23 additions & 0 deletions lib/common/.eslintrc.json
@@ -0,0 +1,23 @@
{
"rules": {
"no-restricted-imports": [
"error",
{
"paths": [
"electron",
"electron/main",
"electron/renderer"
],
"patterns": [
"./*",
"../*",
"@electron/internal/browser/*",
"@electron/internal/isolated_renderer/*",
"@electron/internal/renderer/*",
"@electron/internal/sandboxed_worker/*",
"@electron/internal/worker/*"
]
}
]
}
}
1 change: 1 addition & 0 deletions lib/common/api/clipboard.ts
@@ -1,5 +1,6 @@
import { IPC_MESSAGES } from '@electron/internal/common/ipc-messages';

// eslint-disable-next-line no-restricted-imports
import type * as ipcRendererUtilsModule from '@electron/internal/renderer/ipc-renderer-internal-utils';

const clipboard = process._linkedBinding('electron_common_clipboard');
Expand Down
18 changes: 18 additions & 0 deletions lib/isolated_renderer/.eslintrc.json
@@ -0,0 +1,18 @@
{
"rules": {
"no-restricted-imports": [
"error",
{
"paths": [
"electron",
"electron/main"
],
"patterns": [
"./*",
"../*",
"@electron/internal/browser/*"
]
}
]
}
}
18 changes: 18 additions & 0 deletions lib/renderer/.eslintrc.json
@@ -0,0 +1,18 @@
{
"rules": {
"no-restricted-imports": [
"error",
{
"paths": [
"electron",
"electron/main"
],
"patterns": [
"./*",
"../*",
"@electron/internal/browser/*"
]
}
]
}
}
2 changes: 1 addition & 1 deletion lib/renderer/common-init.ts
@@ -1,4 +1,4 @@
import { ipcRenderer } from 'electron';
import { ipcRenderer } from 'electron/renderer';
import { ipcRendererInternal } from '@electron/internal/renderer/ipc-renderer-internal';

import type * as webViewInitModule from '@electron/internal/renderer/web-view/web-view-init';
Expand Down
2 changes: 1 addition & 1 deletion lib/renderer/inspector.ts
Expand Up @@ -2,7 +2,7 @@ import { internalContextBridge } from '@electron/internal/renderer/api/context-b
import { ipcRendererInternal } from '@electron/internal/renderer/ipc-renderer-internal';
import * as ipcRendererUtils from '@electron/internal/renderer/ipc-renderer-internal-utils';
import { webFrame } from 'electron/renderer';
import { IPC_MESSAGES } from '../common/ipc-messages';
import { IPC_MESSAGES } from '@electron/internal/common/ipc-messages';

const { contextIsolationEnabled } = internalContextBridge;

Expand Down
2 changes: 1 addition & 1 deletion lib/renderer/web-frame-init.ts
@@ -1,4 +1,4 @@
import { webFrame, WebFrame } from 'electron';
import { webFrame, WebFrame } from 'electron/renderer';
import * as ipcRendererUtils from '@electron/internal/renderer/ipc-renderer-internal-utils';
import { IPC_MESSAGES } from '@electron/internal/common/ipc-messages';

Expand Down
18 changes: 18 additions & 0 deletions lib/sandboxed_renderer/.eslintrc.json
@@ -0,0 +1,18 @@
{
"rules": {
"no-restricted-imports": [
"error",
{
"paths": [
"electron",
"electron/main"
],
"patterns": [
"./*",
"../*",
"@electron/internal/browser/*"
]
}
]
}
}
18 changes: 18 additions & 0 deletions lib/worker/.eslintrc.json
@@ -0,0 +1,18 @@
{
"rules": {
"no-restricted-imports": [
"error",
{
"paths": [
"electron",
"electron/main"
],
"patterns": [
"./*",
"../*",
"@electron/internal/browser/*"
]
}
]
}
}
2 changes: 1 addition & 1 deletion package.json
@@ -1,6 +1,6 @@
{
"name": "electron",
"version": "21.0.0-beta.5",
"version": "21.0.0-beta.7",
"repository": "https://github.com/electron/electron",
"description": "Build cross platform desktop apps with JavaScript, HTML, and CSS",
"devDependencies": {
Expand Down
1 change: 1 addition & 0 deletions patches/chromium/.patches
Expand Up @@ -121,4 +121,5 @@ fix_revert_emulationhandler_update_functions_to_early_return.patch
fix_return_v8_value_from_localframe_requestexecutescript.patch
disable_optimization_guide_for_preconnect_feature.patch
fix_the_gn_gen_for_components_segmentation_platform.patch
fix_crash_loading_non-standard_schemes_in_iframes.patch
create_browser_v8_snapshot_file_name_fuse.patch
@@ -0,0 +1,78 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Mon, 29 Aug 2022 11:44:57 +0200
Subject: fix: crash loading non-standard schemes in iframes

This fixes a crash that occurs when loading non-standard schemes from
iframes or webviews. This was happening because
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin contains explicit
exceptions to allow built-in non-standard schemes, but does not check
for non-standard schemes registered by the embedder.

Upstream, https://bugs.chromium.org/p/chromium/issues/detail?id=1081397
contains several paths forward - here I chose to swap out the
CHECK in navigation_request.cc from policy->CanAccessDataForOrigin to
policy->CanCommitOriginAndUrl.

Upstreamed at https://chromium-review.googlesource.com/c/chromium/src/+/3856266.

diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
index 37434a26db44ed035fcbebd9febbda10efa859da..060b310d38db85944e37b8a202493212106d8946 100644
--- a/content/browser/renderer_host/navigation_request.cc
+++ b/content/browser/renderer_host/navigation_request.cc
@@ -6573,10 +6573,11 @@ std::pair<url::Origin, std::string> NavigationRequest::
if (IsForMhtmlSubframe())
return origin_with_debug_info;

- int process_id = GetRenderFrameHost()->GetProcess()->GetID();
- auto* policy = ChildProcessSecurityPolicyImpl::GetInstance();
- CHECK(
- policy->CanAccessDataForOrigin(process_id, origin_with_debug_info.first));
+ CanCommitStatus can_commit = GetRenderFrameHost()->CanCommitOriginAndUrl(
+ origin_with_debug_info.first, GetURL(), IsSameDocument(), IsPdf(),
+ GetUrlInfo().is_sandboxed);
+ CHECK_EQ(CanCommitStatus::CAN_COMMIT_ORIGIN_AND_URL, can_commit);
+
return origin_with_debug_info;
}

diff --git a/content/browser/renderer_host/render_frame_host_impl.h b/content/browser/renderer_host/render_frame_host_impl.h
index 6aff64db8cc09f95d658fe9e0bd54c0b4c6ff433..e1dda0c951f9ea6f28b6d43ab2b9d4481f5d7773 100644
--- a/content/browser/renderer_host/render_frame_host_impl.h
+++ b/content/browser/renderer_host/render_frame_host_impl.h
@@ -2557,6 +2557,17 @@ class CONTENT_EXPORT RenderFrameHostImpl
HandleAXEvents(tree_id, std::move(updates_and_events), reset_token);
}

+ // Returns whether the given origin and URL is allowed to commit in the
+ // current RenderFrameHost. The |url| is used to ensure it matches the origin
+ // in cases where it is applicable. This is a more conservative check than
+ // RenderProcessHost::FilterURL, since it will be used to kill processes that
+ // commit unauthorized origins.
+ CanCommitStatus CanCommitOriginAndUrl(const url::Origin& origin,
+ const GURL& url,
+ bool is_same_document_navigation,
+ bool is_pdf,
+ bool is_sandboxed);
+
protected:
friend class RenderFrameHostFactory;

@@ -2892,17 +2903,6 @@ class CONTENT_EXPORT RenderFrameHostImpl
// relevant.
void ResetWaitingState();

- // Returns whether the given origin and URL is allowed to commit in the
- // current RenderFrameHost. The |url| is used to ensure it matches the origin
- // in cases where it is applicable. This is a more conservative check than
- // RenderProcessHost::FilterURL, since it will be used to kill processes that
- // commit unauthorized origins.
- CanCommitStatus CanCommitOriginAndUrl(const url::Origin& origin,
- const GURL& url,
- bool is_same_document_navigation,
- bool is_pdf,
- bool is_sandboxed);
-
// Returns whether a subframe navigation request should be allowed to commit
// to the current RenderFrameHost.
bool CanSubframeCommitOriginAndUrl(NavigationRequest* navigation_request);
16 changes: 15 additions & 1 deletion patches/node/fix_crash_caused_by_gethostnamew_on_windows_7.patch
Expand Up @@ -6,7 +6,7 @@ Subject: fix: crash caused by GetHostNameW on Windows 7
Backported from https://github.com/libuv/libuv/pull/3285.

diff --git a/deps/uv/src/win/util.c b/deps/uv/src/win/util.c
index 33e874ac442f88b58d2b68c8ec9764f6f664552e..2d4cc0aaa02e61bf359e80eca27527efb49fd85e 100644
index 33e874ac442f88b58d2b68c8ec9764f6f664552e..37ece5e2867ab836492a8b7faa0aa5e1b8e562f0 100644
--- a/deps/uv/src/win/util.c
+++ b/deps/uv/src/win/util.c
@@ -37,6 +37,7 @@
Expand Down Expand Up @@ -166,3 +166,17 @@ index 33e874ac442f88b58d2b68c8ec9764f6f664552e..2d4cc0aaa02e61bf359e80eca27527ef
int uv_os_gethostname(char* buffer, size_t* size) {
WCHAR buf[UV_MAXHOSTNAMESIZE];
size_t len;
@@ -1674,10 +1803,10 @@ int uv_os_gethostname(char* buffer, size_t* size) {

uv__once_init(); /* Initialize winsock */

- if (pGetHostNameW == NULL)
- return UV_ENOSYS;
+ uv_sGetHostNameW gethostnamew =
+ pGetHostNameW == NULL ? uv__gethostnamew_nt60 : pGetHostNameW;

- if (pGetHostNameW(buf, UV_MAXHOSTNAMESIZE) != 0)
+ if (gethostnamew(buf, UV_MAXHOSTNAMESIZE) != 0)
return uv_translate_sys_error(WSAGetLastError());

convert_result = uv__convert_utf16_to_utf8(buf, -1, &utf8_str);
Expand Up @@ -6,7 +6,7 @@ Subject: fix: suppress clang -Wdeprecated-declarations in libuv
Should be upstreamed.

diff --git a/deps/uv/src/win/util.c b/deps/uv/src/win/util.c
index 2d4cc0aaa02e61bf359e80eca27527efb49fd85e..aaa16052e2a9c7d1dca82763c41c0890371f1471 100644
index 37ece5e2867ab836492a8b7faa0aa5e1b8e562f0..d50296728f7e0810064647125a469f3ed714f8ea 100644
--- a/deps/uv/src/win/util.c
+++ b/deps/uv/src/win/util.c
@@ -1950,10 +1950,17 @@ int uv_os_uname(uv_utsname_t* buffer) {
Expand Down
3 changes: 2 additions & 1 deletion script/check-symlinks.js
Expand Up @@ -2,13 +2,14 @@ const fs = require('fs');
const path = require('path');

const utils = require('./lib/utils');
const branding = require('../shell/app/BRANDING.json');

if (process.platform !== 'darwin') {
console.log('Not checking symlinks on non-darwin platform');
process.exit(0);
}

const appPath = path.resolve(__dirname, '..', '..', 'out', utils.getOutDir(), 'Electron.app');
const appPath = path.resolve(__dirname, '..', '..', 'out', utils.getOutDir(), `${branding.product_name}.app`);
const visited = new Set();
const traverse = (p) => {
if (visited.has(p)) return;
Expand Down
7 changes: 5 additions & 2 deletions shell/browser/api/electron_api_web_contents.cc
Expand Up @@ -143,6 +143,10 @@
#include "shell/browser/osr/osr_web_contents_view.h"
#endif

#if BUILDFLAG(IS_WIN)
#include "shell/browser/native_window_views.h"
#endif

#if !BUILDFLAG(IS_MAC)
#include "ui/aura/window.h"
#else
Expand Down Expand Up @@ -175,9 +179,8 @@

#if BUILDFLAG(IS_WIN)
#include "printing/backend/win_helper.h"
#include "shell/browser/native_window_views.h"
#endif
#endif
#endif // BUILDFLAG(ENABLE_PRINTING)

#if BUILDFLAG(ENABLE_PICTURE_IN_PICTURE)
#include "chrome/browser/picture_in_picture/picture_in_picture_window_manager.h"
Expand Down
7 changes: 7 additions & 0 deletions shell/browser/api/electron_api_web_frame_main.cc
Expand Up @@ -296,6 +296,12 @@ GURL WebFrameMain::URL() const {
return render_frame_->GetLastCommittedURL();
}

std::string WebFrameMain::Origin() const {
if (!CheckRenderFrame())
return std::string();
return render_frame_->GetLastCommittedOrigin().Serialize();
}

blink::mojom::PageVisibilityState WebFrameMain::VisibilityState() const {
if (!CheckRenderFrame())
return blink::mojom::PageVisibilityState::kHidden;
Expand Down Expand Up @@ -397,6 +403,7 @@ v8::Local<v8::ObjectTemplate> WebFrameMain::FillObjectTemplate(
.SetProperty("processId", &WebFrameMain::ProcessID)
.SetProperty("routingId", &WebFrameMain::RoutingID)
.SetProperty("url", &WebFrameMain::URL)
.SetProperty("origin", &WebFrameMain::Origin)
.SetProperty("visibilityState", &WebFrameMain::VisibilityState)
.SetProperty("top", &WebFrameMain::Top)
.SetProperty("parent", &WebFrameMain::Parent)
Expand Down
1 change: 1 addition & 0 deletions shell/browser/api/electron_api_web_frame_main.h
Expand Up @@ -109,6 +109,7 @@ class WebFrameMain : public gin::Wrappable<WebFrameMain>,
int ProcessID() const;
int RoutingID() const;
GURL URL() const;
std::string Origin() const;
blink::mojom::PageVisibilityState VisibilityState() const;

content::RenderFrameHost* Top() const;
Expand Down
4 changes: 2 additions & 2 deletions shell/browser/resources/win/electron.rc
Expand Up @@ -50,8 +50,8 @@ END
//

VS_VERSION_INFO VERSIONINFO
FILEVERSION 21,0,0,5
PRODUCTVERSION 21,0,0,5
FILEVERSION 21,0,0,7
PRODUCTVERSION 21,0,0,7
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
Expand Down
10 changes: 6 additions & 4 deletions shell/browser/serial/electron_serial_delegate.cc
Expand Up @@ -66,16 +66,18 @@ device::mojom::SerialPortManager* ElectronSerialDelegate::GetPortManager(
return GetChooserContext(frame)->GetPortManager();
}

void ElectronSerialDelegate::AddObserver(content::RenderFrameHost* frame,
Observer* observer) {
void ElectronSerialDelegate::AddObserver(
content::RenderFrameHost* frame,
content::SerialDelegate::Observer* observer) {
observer_list_.AddObserver(observer);
auto* chooser_context = GetChooserContext(frame);
if (!port_observation_.IsObserving())
port_observation_.Observe(chooser_context);
}

void ElectronSerialDelegate::RemoveObserver(content::RenderFrameHost* frame,
Observer* observer) {
void ElectronSerialDelegate::RemoveObserver(
content::RenderFrameHost* frame,
content::SerialDelegate::Observer* observer) {
observer_list_.RemoveObserver(observer);
}

Expand Down

0 comments on commit aeec599

Please sign in to comment.