Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
electron
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix: disallow loading extensions in temp sessions (#22090) (#22571)

Co-authored-by: Jeremy Apthorp <[email protected]>
Co-authored-by: John Kleinschmidt <[email protected]>
Samuel Maddock 5 years ago
parent
0f08c6c874
commit
60f16eaf95
2 changed files with 17 additions and 8 deletions
Split View Show Diff Stats
  1. 5 0
      shell/browser/api/electron_api_session.cc
  2. 12 8
      spec-main/extensions-spec.ts

+ 5 - 0
shell/browser/api/electron_api_session.cc
View File 

@@ -676,6 +676,11 @@ v8::Local<v8::Promise> Session::LoadExtension(
 
     const base::FilePath& extension_path) {
 
   gin_helper::Promise<const extensions::Extension*> promise(isolate());
 
   v8::Local<v8::Promise> handle = promise.GetHandle();
 
+  if (browser_context()->IsOffTheRecord()) {
 
+    promise.RejectWithErrorMessage(
 
+        "Extensions cannot be loaded in a temporary session");
 
+    return handle;
 
+  }
 
 
   auto* extension_system = static_cast<extensions::ElectronExtensionSystem*>(
 
       extensions::ExtensionSystem::Get(browser_context()));

+ 12 - 8
spec-main/extensions-spec.ts
View File 

@@ -24,8 +24,13 @@ ifdescribe(process.electronBinding('features').isExtensionsEnabled())('chrome ex
 
   after(() => {
 
     server.close()
 
   })
 
-
 
   afterEach(closeAllWindows)
 
+  afterEach(() => {
 
+    session.defaultSession.getAllExtensions().forEach((e: any) => {
 
+      session.defaultSession.removeExtension(e.id)
 
+    })
 
+  })
 
+
 
   it('loads an extension', async () => {
 
     // NB. we have to use a persist: session (i.e. non-OTR) because the
 
     // extension registry is redirected to the main session. so installing an
 
@@ -73,13 +78,18 @@ ifdescribe(process.electronBinding('features').isExtensionsEnabled())('chrome ex
 
 
   it('confines an extension to the session it was loaded in', async () => {
 
     const customSession = session.fromPartition(`persist:${require('uuid').v4()}`)
 
-    customSession.loadExtension(path.join(fixtures, 'extensions', 'red-bg'))
 
+    await customSession.loadExtension(path.join(fixtures, 'extensions', 'red-bg'))
 
     const w = new BrowserWindow({ show: false }) // not in the session
 
     await w.loadURL(url)
 
     const bg = await w.webContents.executeJavaScript('document.documentElement.style.backgroundColor')
 
     expect(bg).to.equal('')
 
   })
 
 
+  it('loading an extension in a temporary session throws an error', async () => {
 
+    const customSession = session.fromPartition(require('uuid').v4())
 
+    await expect(customSession.loadExtension(path.join(fixtures, 'extensions', 'red-bg'))).to.eventually.be.rejectedWith('Extensions cannot be loaded in a temporary session')
 
+  })
 
+
 
   describe('chrome.i18n', () => {
 
     let w: BrowserWindow
 
     let extension: Extension
 
@@ -281,12 +291,6 @@ ifdescribe(process.electronBinding('features').isExtensionsEnabled())('chrome ex
 
   })
 
 
   describe('deprecation shims', () => {
 
-    afterEach(() => {
 
-      session.defaultSession.getAllExtensions().forEach((e: any) => {
 
-        session.defaultSession.removeExtension(e.id)
 
-      })
 
-    })
 
-
 
     it('loads an extension through BrowserWindow.addExtension', async () => {
 
       BrowserWindow.addExtension(path.join(fixtures, 'extensions', 'red-bg'))
 
       const w = new BrowserWindow({ show: false })