* feat: add a new contextBridge module (#20307)
* feat: add a new contextBridge module
* chore: fix docs linting
* feat: add support for function arguments being proxied
* chore: ensure that contextBridge can only be used when contextIsolation is enabled
* docs: getReverseBinding can be null
* docs: fix broken links in md file
* feat: add support for promises in function parameters
* fix: linting failure for explicit constructor
* Update atom_api_context_bridge.cc
* chore: update docs and API design as per feedback
* refactor: remove reverse bindings and handle GC'able functions across the bridge
* chore: only expose debugGC in testing builds
* fix: do not proxy promises as objects
* spec: add complete spec coverage for contextBridge
* spec: add tests for null/undefined and the anti-overwrite logic
* chore: fix linting
* spec: add complex nested back-and-forth function calling
* fix: expose contextBridge in sandboxed renderers
* refactor: improve security of default_app using the new contextBridge module
* s/bindAPIInMainWorld/exposeInMainWorld
* chore: sorry for this commit, its a big one, I fixed like everything and refactored a lot
* chore: remove PassedValueCache as it is unused now
Values transferred from context A to context B are now cachde in the RenderFramePersistenceStore
* chore: move to anonymous namespace
* refactor: remove PassValueToOtherContextWithCache
* chore: remove commented unused code blocks
* chore: remove .only
* chore: remote commented code
* refactor: extract RenderFramePersistenceStore
* spec: ensure it works with numbered keys
* fix: handle number keys correctly
* fix: sort out the linter
* spec: update default_app asar spec for removed file
* refactor: change signatures to return v8 objects directly rather than the mate dictionary handle
* refactor: use the v8 serializer to support cloneable buffers and other object types
* chore: fix linting
* fix: handle hash collisions with a linked list in the map
* fix: enforce a recursion limit on the context bridge
* chore: fix linting
* chore: remove TODO
* chore: adapt for PR feedback
* chore: remove .only
* chore: clean up docs and clean up the proxy map when objects are released
* chore: ensure we cache object values that are cloned through the V8 serializer
* docs: mark contextBridge as experimental (#20638)
* docs: mark contextBridge as experimental
This commit didn't make it to the original PR, quick addition here
* Update context-bridge.md
* chore: update for 7-0-x differences
* chore: update callback header
* chore: add v8 serializer converter, cherry picked from 2fad53e66b
* chore: update for 7-0-x differences
* fix: don't handle browser messages before document element is created
* fix: bind ElectronApiServiceImpl later
DidCreateDocumentElement is called before the ElectronApiServiceImpl
gets bound.
* chore: add comment
* fix: make child windows not crash when ipc messages are received
This also adds a path forward for apps using child windows with
nodeIntegration to migrate into a non-leaky way of doing it.
1. Ensure that if ipcNative is missing we don't crash rather log that it
is missing
2. Add a hidden option `--enable-node-leakage-in-renderers` (temporary
measure) to allow app devs to opt in to leaking node in child windows
3. Bypasses the Opener() check if renderer process reuse is enabled
(which would prevent the leak anyway)
So the path forward is: it no longer crashes --> folks use the hidden
option --> folks opt in to renderer process reuse.
* Apply suggestions from code review
Co-Authored-By: Jeremy Apthorp <jeremya@chromium.org>
* Update shell/renderer/atom_renderer_client.cc
Co-Authored-By: Jeremy Apthorp <jeremya@chromium.org>
* chore: update to node 12.4.0
* chore: fix js2c compilation and usage
* update branch reference
* chore: roll node
* refactor: use the new node::options_parser::Parse method
* fix: make node create our context for us so that everything is initialized correctly
* fix: let node do it's thing to the all contexts
We need to let node know about all the contexts that Chromium creates for the renderer processes so that it does not crash when trying to access primordials. Similar to node::NewContext but with an existing context
* chore: roll node
* chore: roll node
* chore: roll node
* chore: roll node
* fix: ensure that _noBrowserGlobals is set before the node bootstrapper runs
Co-authored-by: Jeremy Apthorp <jeremya@chromium.org>
