Skip to content

Commit d3efc52

Browse files
miniakalexeykuzmin
miniak
authored and
alexeykuzmin
committed
feat: add webPreferences.enableRemoteModule option (electron#13028)
1 parent 72db5ed commit d3efc52

36 files changed

+303
-45
lines changed

atom/browser/api/atom_api_web_contents.cc

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1904,6 +1904,13 @@ v8::Local<v8::Value> WebContents::GetLastWebPreferences(
19041904
return mate::ConvertToV8(isolate, *web_preferences->last_preference());
19051905
}
19061906

1907+
bool WebContents::IsRemoteModuleEnabled() const {
1908+
if (auto* web_preferences = WebContentsPreferences::From(web_contents())) {
1909+
return web_preferences->IsRemoteModuleEnabled();
1910+
}
1911+
return true;
1912+
}
1913+
19071914
v8::Local<v8::Value> WebContents::GetOwnerBrowserWindow() const {
19081915
if (owner_window())
19091916
return BrowserWindow::From(isolate(), owner_window());
@@ -2074,6 +2081,7 @@ void WebContents::BuildPrototype(v8::Isolate* isolate,
20742081
.SetMethod("_getPreloadPath", &WebContents::GetPreloadPath)
20752082
.SetMethod("getWebPreferences", &WebContents::GetWebPreferences)
20762083
.SetMethod("getLastWebPreferences", &WebContents::GetLastWebPreferences)
2084+
.SetMethod("_isRemoteModuleEnabled", &WebContents::IsRemoteModuleEnabled)
20772085
.SetMethod("getOwnerBrowserWindow", &WebContents::GetOwnerBrowserWindow)
20782086
.SetMethod("hasServiceWorker", &WebContents::HasServiceWorker)
20792087
.SetMethod("unregisterServiceWorker",

atom/browser/api/atom_api_web_contents.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -248,6 +248,8 @@ class WebContents : public mate::TrackableObject<WebContents>,
248248
v8::Local<v8::Value> GetWebPreferences(v8::Isolate* isolate) const;
249249
v8::Local<v8::Value> GetLastWebPreferences(v8::Isolate* isolate) const;
250250

251+
bool IsRemoteModuleEnabled() const;
252+
251253
// Returns the owner window.
252254
v8::Local<v8::Value> GetOwnerBrowserWindow() const;
253255

atom/browser/web_contents_preferences.cc

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -171,6 +171,10 @@ bool WebContentsPreferences::GetPreference(const base::StringPiece& name,
171171
return GetAsString(&preference_, name, value);
172172
}
173173

174+
bool WebContentsPreferences::IsRemoteModuleEnabled() const {
175+
return IsEnabled(options::kEnableRemoteModule, true);
176+
}
177+
174178
bool WebContentsPreferences::GetPreloadPath(
175179
base::FilePath::StringType* path) const {
176180
DCHECK(path);
@@ -267,6 +271,10 @@ void WebContentsPreferences::AppendCommandLineSwitches(
267271
}
268272
}
269273

274+
// Whether to enable the remote module
275+
if (!IsRemoteModuleEnabled())
276+
command_line->AppendSwitch(switches::kDisableRemoteModule);
277+
270278
// Run Electron APIs and preload script in isolated world
271279
if (IsEnabled(options::kContextIsolation))
272280
command_line->AppendSwitch(switches::kContextIsolation);

atom/browser/web_contents_preferences.h

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,9 @@ class WebContentsPreferences
5555
// Return true if the particular preference value exists.
5656
bool GetPreference(const base::StringPiece& name, std::string* value) const;
5757

58+
// Whether to enable the remote module
59+
bool IsRemoteModuleEnabled() const;
60+
5861
// Returns the preload script path.
5962
bool GetPreloadPath(base::FilePath::StringType* path) const;
6063

atom/common/options_switches.cc

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -110,6 +110,9 @@ const char kPreloadURL[] = "preloadURL";
110110
// Enable the node integration.
111111
const char kNodeIntegration[] = "nodeIntegration";
112112

113+
// Enable the remote module
114+
const char kEnableRemoteModule[] = "enableRemoteModule";
115+
113116
// Enable context isolation of Electron APIs and preload script
114117
const char kContextIsolation[] = "contextIsolation";
115118

@@ -193,6 +196,7 @@ const char kBackgroundColor[] = "background-color";
193196
const char kPreloadScript[] = "preload";
194197
const char kPreloadScripts[] = "preload-scripts";
195198
const char kNodeIntegration[] = "node-integration";
199+
const char kDisableRemoteModule[] = "disable-remote-module";
196200
const char kContextIsolation[] = "context-isolation";
197201
const char kGuestInstanceID[] = "guest-instance-id";
198202
const char kOpenerID[] = "opener-id";

atom/common/options_switches.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,7 @@ extern const char kZoomFactor[];
5858
extern const char kPreloadScript[];
5959
extern const char kPreloadURL[];
6060
extern const char kNodeIntegration[];
61+
extern const char kEnableRemoteModule[];
6162
extern const char kContextIsolation[];
6263
extern const char kGuestInstanceID[];
6364
extern const char kExperimentalFeatures[];
@@ -97,6 +98,7 @@ extern const char kBackgroundColor[];
9798
extern const char kPreloadScript[];
9899
extern const char kPreloadScripts[];
99100
extern const char kNodeIntegration[];
101+
extern const char kDisableRemoteModule[];
100102
extern const char kContextIsolation[];
101103
extern const char kGuestInstanceID[];
102104
extern const char kOpenerID[];

atom/renderer/renderer_client_base.cc

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,15 @@ std::vector<std::string> ParseSchemesCLISwitch(base::CommandLine* command_line,
7979
base::SPLIT_WANT_NONEMPTY);
8080
}
8181

82+
void SetHiddenValue(v8::Handle<v8::Context> context,
83+
const base::StringPiece& key,
84+
v8::Local<v8::Value> value) {
85+
v8::Isolate* isolate = context->GetIsolate();
86+
v8::Local<v8::Private> privateKey =
87+
v8::Private::ForApi(isolate, mate::StringToV8(isolate, key));
88+
context->Global()->SetPrivate(context, privateKey, value);
89+
}
90+
8291
} // namespace
8392

8493
RendererClientBase::RendererClientBase() {
@@ -108,10 +117,13 @@ void RendererClientBase::DidCreateScriptContext(
108117
auto context_id = base::StringPrintf(
109118
"%s-%" PRId64, renderer_client_id_.c_str(), ++next_context_id_);
110119
v8::Isolate* isolate = context->GetIsolate();
111-
v8::Local<v8::String> key = mate::StringToSymbol(isolate, "contextId");
112-
v8::Local<v8::Private> private_key = v8::Private::ForApi(isolate, key);
113-
v8::Local<v8::Value> value = mate::ConvertToV8(isolate, context_id);
114-
context->Global()->SetPrivate(context, private_key, value);
120+
SetHiddenValue(context, "contextId", mate::ConvertToV8(isolate, context_id));
121+
122+
auto* command_line = base::CommandLine::ForCurrentProcess();
123+
bool enableRemoteModule =
124+
!command_line->HasSwitch(switches::kDisableRemoteModule);
125+
SetHiddenValue(context, "enableRemoteModule",
126+
mate::ConvertToV8(isolate, enableRemoteModule));
115127
}
116128

117129
void RendererClientBase::AddRenderBindings(

docs/api/browser-window.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -270,6 +270,8 @@ It creates a new `BrowserWindow` with native properties as set by the `options`.
270270
are more limited. Read more about the option [here](sandbox-option.md).
271271
**Note:** This option is currently experimental and may change or be
272272
removed in future Electron releases.
273+
* `enableRemoteModule` Boolean (optional) - Whether to enable the [`remote`](remote.md) module.
274+
Default is `true`.
273275
* `session` [Session](session.md#class-session) (optional) - Sets the session used by the
274276
page. Instead of passing the Session object directly, you can also choose to
275277
use the `partition` option instead, which accepts a partition string. When

docs/api/clipboard.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,9 @@
44
55
Process: [Main](../glossary.md#main-process), [Renderer](../glossary.md#renderer-process)
66

7+
In the renderer process context it depends on the [`remote`](remote.md) module on Linux,
8+
it is therefore not available when this module is disabled.
9+
710
The following example shows how to write a string to the clipboard:
811

912
```javascript

docs/api/remote.md

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,10 @@ win.loadURL('https://github.com')
2424
**Note:** For the reverse (access the renderer process from the main process),
2525
you can use [webContents.executeJavaScript](web-contents.md#contentsexecutejavascriptcode-usergesture-callback).
2626

27+
**Note:** The remote module can be disabled for security reasons in the following contexts:
28+
- [`BrowserWindow`](browser-window.md) - by setting the `enableRemoteModule` option to `false`.
29+
- [`<webview>`](webview-tag.md) - by setting the `enableremotemodule` attribute to `false`.
30+
2731
## Remote Objects
2832

2933
Each object (including functions) returned by the `remote` module represents an
@@ -180,7 +184,7 @@ belongs.
180184
**Note:** Do not use `removeAllListeners` on [`BrowserWindow`](browser-window.md).
181185
Use of this can remove all [`blur`](https://developer.mozilla.org/en-US/docs/Web/Events/blur)
182186
listeners, disable click events on touch bar buttons, and other unintended
183-
consequences.
187+
consequences.
184188

185189
### `remote.getCurrentWebContents()`
186190

0 commit comments

Comments
 (0)