diff options
Diffstat (limited to 'packages/main/src/infrastructure/electron/impl')
-rw-r--r-- | packages/main/src/infrastructure/electron/impl/hardenSession.ts | 87 | ||||
-rw-r--r-- | packages/main/src/infrastructure/electron/impl/lockWebContentsToFile.ts | 59 |
2 files changed, 146 insertions, 0 deletions
diff --git a/packages/main/src/infrastructure/electron/impl/hardenSession.ts b/packages/main/src/infrastructure/electron/impl/hardenSession.ts new file mode 100644 index 0000000..71d8148 --- /dev/null +++ b/packages/main/src/infrastructure/electron/impl/hardenSession.ts | |||
@@ -0,0 +1,87 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2022 Kristóf Marussy <kristof@marussy.com> | ||
3 | * | ||
4 | * This file is part of Sophie. | ||
5 | * | ||
6 | * Sophie is free software: you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU Affero General Public License as | ||
8 | * published by the Free Software Foundation, version 3. | ||
9 | * | ||
10 | * This program is distributed in the hope that it will be useful, | ||
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
13 | * GNU Affero General Public License for more details. | ||
14 | * | ||
15 | * You should have received a copy of the GNU Affero General Public License | ||
16 | * along with this program. If not, see <https://www.gnu.org/licenses/>. | ||
17 | * | ||
18 | * SPDX-License-Identifier: AGPL-3.0-only | ||
19 | */ | ||
20 | |||
21 | import { URL } from 'node:url'; | ||
22 | |||
23 | import type { Session } from 'electron'; | ||
24 | |||
25 | import { getLogger } from '../../../utils/log'; | ||
26 | import type Resources from '../../resources/Resources'; | ||
27 | |||
28 | import { DEVMODE_ALLOWED_URL_PREFIXES } from './devTools'; | ||
29 | |||
30 | const log = getLogger('hardenSession'); | ||
31 | |||
32 | /** | ||
33 | * Hardens a session to prevent loading resources outside the renderer resources and | ||
34 | * to reject all permission requests. | ||
35 | * | ||
36 | * In dev mode, installation of extensions and opening the devtools will be allowed. | ||
37 | * | ||
38 | * @param resources The resource handle associated with the paths and URL of the application. | ||
39 | * @param devMode Whether the application is in development mode. | ||
40 | * @param session The session to harden. | ||
41 | */ | ||
42 | export default function hardenSession( | ||
43 | resources: Resources, | ||
44 | devMode: boolean, | ||
45 | session: Session, | ||
46 | ): void { | ||
47 | session.setPermissionRequestHandler((_webContents, _permission, callback) => { | ||
48 | callback(false); | ||
49 | }); | ||
50 | |||
51 | const rendererBaseURL = resources.getRendererURL('/'); | ||
52 | log.debug('Renderer base URL:', rendererBaseURL); | ||
53 | |||
54 | const webSocketBaseURL = rendererBaseURL.replace(/^http(s)?:/, 'ws$1:'); | ||
55 | log.debug('WebSocket base URL:', webSocketBaseURL); | ||
56 | |||
57 | function shouldCancelRequest(url: string, method: string): boolean { | ||
58 | if (method !== 'GET') { | ||
59 | return true; | ||
60 | } | ||
61 | let normalizedURL: string; | ||
62 | try { | ||
63 | normalizedURL = new URL(url).toString(); | ||
64 | } catch { | ||
65 | return true; | ||
66 | } | ||
67 | if ( | ||
68 | devMode && | ||
69 | DEVMODE_ALLOWED_URL_PREFIXES.some((prefix) => | ||
70 | normalizedURL.startsWith(prefix), | ||
71 | ) | ||
72 | ) { | ||
73 | return false; | ||
74 | } | ||
75 | const isHttp = normalizedURL.startsWith(rendererBaseURL); | ||
76 | const isWs = normalizedURL.startsWith(webSocketBaseURL); | ||
77 | return !isHttp && !isWs; | ||
78 | } | ||
79 | |||
80 | session.webRequest.onBeforeRequest(({ url, method }, callback) => { | ||
81 | const cancel = shouldCancelRequest(url, method); | ||
82 | if (cancel) { | ||
83 | log.error('Prevented loading', method, url); | ||
84 | } | ||
85 | callback({ cancel }); | ||
86 | }); | ||
87 | } | ||
diff --git a/packages/main/src/infrastructure/electron/impl/lockWebContentsToFile.ts b/packages/main/src/infrastructure/electron/impl/lockWebContentsToFile.ts new file mode 100644 index 0000000..6b458e0 --- /dev/null +++ b/packages/main/src/infrastructure/electron/impl/lockWebContentsToFile.ts | |||
@@ -0,0 +1,59 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2022 Kristóf Marussy <kristof@marussy.com> | ||
3 | * | ||
4 | * This file is part of Sophie. | ||
5 | * | ||
6 | * Sophie is free software: you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU Affero General Public License as | ||
8 | * published by the Free Software Foundation, version 3. | ||
9 | * | ||
10 | * This program is distributed in the hope that it will be useful, | ||
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
13 | * GNU Affero General Public License for more details. | ||
14 | * | ||
15 | * You should have received a copy of the GNU Affero General Public License | ||
16 | * along with this program. If not, see <https://www.gnu.org/licenses/>. | ||
17 | * | ||
18 | * SPDX-License-Identifier: AGPL-3.0-only | ||
19 | */ | ||
20 | |||
21 | import { WebContents } from 'electron'; | ||
22 | |||
23 | import { getLogger } from '../../../utils/log'; | ||
24 | import type Resources from '../../resources/Resources'; | ||
25 | |||
26 | const log = getLogger('lockWebContentsToFile'); | ||
27 | |||
28 | /** | ||
29 | * Loads the specified file in the webContents and prevent navigating away. | ||
30 | * | ||
31 | * Both navigating away to a different URL and opening a new window will be disallowed. | ||
32 | * | ||
33 | * @param resources The resource handle associated with the paths and URL of the application. | ||
34 | * @param filePath The path to the file in the render package to load. | ||
35 | * @param webContents The webContents to lock. | ||
36 | */ | ||
37 | export default function lockWebContentsToFile( | ||
38 | resources: Resources, | ||
39 | filePath: string, | ||
40 | webContents: WebContents, | ||
41 | ): Promise<void> { | ||
42 | const pageURL = resources.getRendererURL(filePath); | ||
43 | |||
44 | webContents.setWindowOpenHandler(() => ({ action: 'deny' })); | ||
45 | |||
46 | webContents.on('will-navigate', (event, url) => { | ||
47 | if (url !== pageURL) { | ||
48 | log.error( | ||
49 | 'Prevented webContents locked to', | ||
50 | pageURL, | ||
51 | 'from navigating to', | ||
52 | url, | ||
53 | ); | ||
54 | event.preventDefault(); | ||
55 | } | ||
56 | }); | ||
57 | |||
58 | return webContents.loadURL(pageURL); | ||
59 | } | ||