Merge pull request #163 from vector-im/jryans/context-isolation

Enable context isolation, bridge expected IPC
2024-10-05 10:32:40 +00:00 · 2021-01-13 16:50:26 +00:00 · 2021-01-13 16:50:26 +00:00 · faa217c767
commit faa217c767
parent 19515b614f 5ad0967b07
2 changed files with 43 additions and 11 deletions
--- a/src/electron-main.js
+++ b/src/electron-main.js
@ -1,9 +1,8 @@
 /*
 Copyright 2016 Aviral Dasgupta
 Copyright 2016 OpenMarket Ltd
-Copyright 2018, 2019 New Vector Ltd
 Copyright 2017, 2019 Michael Telatynski <7t3chguy@gmail.com>
-Copyright 2020 The Matrix.org Foundation C.I.C.
+Copyright 2018 - 2021 New Vector Ltd

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@ -922,11 +921,7 @@ app.on('ready', async () => {
            nodeIntegration: false,
            //sandbox: true, // We enable sandboxing from app.enableSandbox() above
            enableRemoteModule: false,
-            // We don't use this: it's useful for the preload script to
-            // share a context with the main page so we can give select
-            // objects to the main page. The sandbox option isolates the
-            // main page from the background script.
-            contextIsolation: false,
+            contextIsolation: true,
            webgl: false,
            spellcheck: true,
        },
--- a/src/preload.js
+++ b/src/preload.js
@ -1,5 +1,5 @@
 /*
-Copyright 2018, 2019 New Vector Ltd
+Copyright 2018, 2019, 2021 New Vector Ltd

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@ -14,7 +14,44 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-const { ipcRenderer } = require('electron');
+const { contextBridge, ipcRenderer } = require("electron");

-// expose ipcRenderer to the renderer process
-window.ipcRenderer = ipcRenderer;
+// Expose only expected IPC wrapper APIs to the renderer process to avoid
+// handing out generalised messaging access.
+
+const CHANNELS = [
+    "app_onAction",
+    "before-quit",
+    "check_updates",
+    "install_update",
+    "ipcCall",
+    "ipcReply",
+    "loudNotification",
+    "preferences",
+    "seshat",
+    "seshatReply",
+    "setBadgeCount",
+    "update-downloaded",
+    "userDownloadCompleted",
+    "userDownloadOpen",
+];
+
+contextBridge.exposeInMainWorld(
+    "electron",
+    {
+        on(channel, listener) {
+            if (!CHANNELS.includes(channel)) {
+                console.error(`Unknown IPC channel ${channel} ignored`);
+                return;
+            }
+            ipcRenderer.on(channel, listener);
+        },
+        send(channel, ...args) {
+            if (!CHANNELS.includes(channel)) {
+                console.error(`Unknown IPC channel ${channel} ignored`);
+                return;
+            }
+            ipcRenderer.send(channel, ...args);
+        },
+    },
+);