Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
electron
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: 11-x-y
Branches Tags
electron
/
spec-main
/
api-subframe-spec.ts

api-subframe-spec.ts 9.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255 
  1. import { expect } from 'chai';
    2. 

  2. import * as path from 'path';
    3. 

  3. import * as http from 'http';
    4. 

  4. import { emittedNTimes, emittedOnce } from './events-helpers';
    5. 

  5. import { closeWindow } from './window-helpers';
    6. 

  6. import { app, BrowserWindow, ipcMain } from 'electron/main';
    7. 

  7. import { AddressInfo } from 'net';
    8. 

  8. import { ifdescribe } from './spec-helpers';
    9. 

  9. 

  10. describe('renderer nodeIntegrationInSubFrames', () => {
    11. 

  11.   const generateTests = (description: string, webPreferences: any) => {
    12. 

  12.     describe(description, () => {
    13. 

  13.       const fixtureSuffix = webPreferences.webviewTag ? '-webview' : '';
    14. 

  14.       let w: BrowserWindow;
    15. 

  15. 

  16.       beforeEach(async () => {
    17. 

  17.         await closeWindow(w);
    18. 

  18.         w = new BrowserWindow({
    19. 

  19.           show: false,
    20. 

  20.           width: 400,
    21. 

  21.           height: 400,
    22. 

  22.           webPreferences
    23. 

  23.         });
    24. 

  24.       });
    25. 

  25. 

  26.       afterEach(async () => {
    27. 

  27.         await closeWindow(w);
    28. 

  28.         w = null as unknown as BrowserWindow;
    29. 

  29.       });
    30. 

  30. 

  31.       it('should load preload scripts in top level iframes', async () => {
    32. 

  32.         const detailsPromise = emittedNTimes(ipcMain, 'preload-ran', 2);
    33. 

  33.         w.loadFile(path.resolve(__dirname, `fixtures/sub-frames/frame-container${fixtureSuffix}.html`));
    34. 

  34.         const [event1, event2] = await detailsPromise;
    35. 

  35.         expect(event1[0].frameId).to.not.equal(event2[0].frameId);
    36. 

  36.         expect(event1[0].frameId).to.equal(event1[2]);
    37. 

  37.         expect(event2[0].frameId).to.equal(event2[2]);
    38. 

  38.       });
    39. 

  39. 

  40.       it('should load preload scripts in nested iframes', async () => {
    41. 

  41.         const detailsPromise = emittedNTimes(ipcMain, 'preload-ran', 3);
    42. 

  42.         w.loadFile(path.resolve(__dirname, `fixtures/sub-frames/frame-with-frame-container${fixtureSuffix}.html`));
    43. 

  43.         const [event1, event2, event3] = await detailsPromise;
    44. 

  44.         expect(event1[0].frameId).to.not.equal(event2[0].frameId);
    45. 

  45.         expect(event1[0].frameId).to.not.equal(event3[0].frameId);
    46. 

  46.         expect(event2[0].frameId).to.not.equal(event3[0].frameId);
    47. 

  47.         expect(event1[0].frameId).to.equal(event1[2]);
    48. 

  48.         expect(event2[0].frameId).to.equal(event2[2]);
    49. 

  49.         expect(event3[0].frameId).to.equal(event3[2]);
    50. 

  50.       });
    51. 

  51. 

  52.       it('should correctly reply to the main frame with using event.reply', async () => {
    53. 

  53.         const detailsPromise = emittedNTimes(ipcMain, 'preload-ran', 2);
    54. 

  54.         w.loadFile(path.resolve(__dirname, `fixtures/sub-frames/frame-container${fixtureSuffix}.html`));
    55. 

  55.         const [event1] = await detailsPromise;
    56. 

  56.         const pongPromise = emittedOnce(ipcMain, 'preload-pong');
    57. 

  57.         event1[0].reply('preload-ping');
    58. 

  58.         const details = await pongPromise;
    59. 

  59.         expect(details[1]).to.equal(event1[0].frameId);
    60. 

  60.       });
    61. 

  61. 

  62.       it('should correctly reply to the sub-frames with using event.reply', async () => {
    63. 

  63.         const detailsPromise = emittedNTimes(ipcMain, 'preload-ran', 2);
    64. 

  64.         w.loadFile(path.resolve(__dirname, `fixtures/sub-frames/frame-container${fixtureSuffix}.html`));
    65. 

  65.         const [, event2] = await detailsPromise;
    66. 

  66.         const pongPromise = emittedOnce(ipcMain, 'preload-pong');
    67. 

  67.         event2[0].reply('preload-ping');
    68. 

  68.         const details = await pongPromise;
    69. 

  69.         expect(details[1]).to.equal(event2[0].frameId);
    70. 

  70.       });
    71. 

  71. 

  72.       it('should correctly reply to the nested sub-frames with using event.reply', async () => {
    73. 

  73.         const detailsPromise = emittedNTimes(ipcMain, 'preload-ran', 3);
    74. 

  74.         w.loadFile(path.resolve(__dirname, `fixtures/sub-frames/frame-with-frame-container${fixtureSuffix}.html`));
    75. 

  75.         const [, , event3] = await detailsPromise;
    76. 

  76.         const pongPromise = emittedOnce(ipcMain, 'preload-pong');
    77. 

  77.         event3[0].reply('preload-ping');
    78. 

  78.         const details = await pongPromise;
    79. 

  79.         expect(details[1]).to.equal(event3[0].frameId);
    80. 

  80.       });
    81. 

  81. 

  82.       it('should not expose globals in main world', async () => {
    83. 

  83.         const detailsPromise = emittedNTimes(ipcMain, 'preload-ran', 2);
    84. 

  84.         w.loadFile(path.resolve(__dirname, `fixtures/sub-frames/frame-container${fixtureSuffix}.html`));
    85. 

  85.         const details = await detailsPromise;
    86. 

  86.         const senders = details.map(event => event[0].sender);
    87. 

  87.         const isolatedGlobals = await Promise.all(senders.map(sender => sender.executeJavaScript('window.isolatedGlobal')));
    88. 

  88.         for (const result of isolatedGlobals) {
    89. 

  89.           if (webPreferences.contextIsolation) {
    90. 

  90.             expect(result).to.be.undefined();
    91. 

  91.           } else {
    92. 

  92.             expect(result).to.equal(true);
    93. 

  93.           }
    94. 

  94.         }
    95. 

  95.       });
    96. 

  96.     });
    97. 

  97.   };
    98. 

  98. 

  99.   const generateConfigs = (webPreferences: any, ...permutations: {name: string, webPreferences: any}[]) => {
    100. 

  100.     const configs = [{ webPreferences, names: [] as string[] }];
    101. 

  101.     for (let i = 0; i < permutations.length; i++) {
    102. 

  102.       const length = configs.length;
    103. 

  103.       for (let j = 0; j < length; j++) {
    104. 

  104.         const newConfig = Object.assign({}, configs[j]);
    105. 

  105.         newConfig.webPreferences = Object.assign({},
    106. 

  106.           newConfig.webPreferences, permutations[i].webPreferences);
    107. 

  107.         newConfig.names = newConfig.names.slice(0);
    108. 

  108.         newConfig.names.push(permutations[i].name);
    109. 

  109.         configs.push(newConfig);
    110. 

  110.       }
    111. 

  111.     }
    112. 

  112. 

  113.     return configs.map((config: any) => {
    114. 

  114.       if (config.names.length > 0) {
    115. 

  115.         config.title = `with ${config.names.join(', ')} on`;
    116. 

  116.       } else {
    117. 

  117.         config.title = 'without anything special turned on';
    118. 

  118.       }
    119. 

  119.       delete config.names;
    120. 

  120. 

  121.       return config as {title: string, webPreferences: any};
    122. 

  122.     });
    123. 

  123.   };
    124. 

  124. 

  125.   generateConfigs(
    126. 

  126.     {
    127. 

  127.       preload: path.resolve(__dirname, 'fixtures/sub-frames/preload.js'),
    128. 

  128.       nodeIntegrationInSubFrames: true
    129. 

  129.     },
    130. 

  130.     {
    131. 

  131.       name: 'sandbox',
    132. 

  132.       webPreferences: { sandbox: true }
    133. 

  133.     },
    134. 

  134.     {
    135. 

  135.       name: 'context isolation',
    136. 

  136.       webPreferences: { contextIsolation: true }
    137. 

  137.     },
    138. 

  138.     {
    139. 

  139.       name: 'webview',
    140. 

  140.       webPreferences: { webviewTag: true, preload: false }
    141. 

  141.     }
    142. 

  142.   ).forEach(config => {
    143. 

  143.     generateTests(config.title, config.webPreferences);
    144. 

  144.   });
    145. 

  145. 

  146.   describe('internal <iframe> inside of <webview>', () => {
    147. 

  147.     let w: BrowserWindow;
    148. 

  148. 

  149.     beforeEach(async () => {
    150. 

  150.       await closeWindow(w);
    151. 

  151.       w = new BrowserWindow({
    152. 

  152.         show: false,
    153. 

  153.         width: 400,
    154. 

  154.         height: 400,
    155. 

  155.         webPreferences: {
    156. 

  156.           preload: path.resolve(__dirname, 'fixtures/sub-frames/webview-iframe-preload.js'),
    157. 

  157.           nodeIntegrationInSubFrames: true,
    158. 

  158.           webviewTag: true
    159. 

  159.         }
    160. 

  160.       });
    161. 

  161.     });
    162. 

  162. 

  163.     afterEach(async () => {
    164. 

  164.       await closeWindow(w);
    165. 

  165.       w = null as unknown as BrowserWindow;
    166. 

  166.     });
    167. 

  167. 

  168.     it('should not load preload scripts', async () => {
    169. 

  169.       const promisePass = emittedOnce(ipcMain, 'webview-loaded');
    170. 

  170.       const promiseFail = emittedOnce(ipcMain, 'preload-in-frame').then(() => {
    171. 

  171.         throw new Error('preload loaded in internal frame');
    172. 

  172.       });
    173. 

  173.       await w.loadURL('about:blank');
    174. 

  174.       return Promise.race([promisePass, promiseFail]);
    175. 

  175.     });
    176. 

  176.   });
    177. 

  177. });
    178. 

  178. 

  179. // app.getAppMetrics() does not return sandbox information on Linux.
    180. 

  180. ifdescribe(process.platform !== 'linux')('cross-site frame sandboxing', () => {
    181. 

  181.   let server: http.Server;
    182. 

  182.   let crossSiteUrl: string;
    183. 

  183.   let serverUrl: string;
    184. 

  184. 

  185.   before(function (done) {
    186. 

  186.     server = http.createServer((req, res) => {
    187. 

  187.       res.end(`<iframe name="frame" src="${crossSiteUrl}" />`);
    188. 

  188.     });
    189. 

  189.     server.listen(0, '127.0.0.1', () => {
    190. 

  190.       serverUrl = `http://127.0.0.1:${(server.address() as AddressInfo).port}/`;
    191. 

  191.       crossSiteUrl = `http://localhost:${(server.address() as AddressInfo).port}/`;
    192. 

  192.       done();
    193. 

  193.     });
    194. 

  194.   });
    195. 

  195. 

  196.   after(() => {
    197. 

  197.     server.close();
    198. 

  198.     server = null as unknown as http.Server;
    199. 

  199.   });
    200. 

  200. 

  201.   let w: BrowserWindow;
    202. 

  202. 

  203.   afterEach(async () => {
    204. 

  204.     await closeWindow(w);
    205. 

  205.     w = null as unknown as BrowserWindow;
    206. 

  206.   });
    207. 

  207. 

  208.   const generateSpecs = (description: string, webPreferences: any) => {
    209. 

  209.     describe(description, () => {
    210. 

  210.       it('iframe process is sandboxed if possible', async () => {
    211. 

  211.         w = new BrowserWindow({
    212. 

  212.           show: false,
    213. 

  213.           webPreferences
    214. 

  214.         });
    215. 

  215. 

  216.         await w.loadURL(serverUrl);
    217. 

  217. 

  218.         const pidMain = w.webContents.getOSProcessId();
    219. 

  219.         const pidFrame = (w.webContents as any)._getOSProcessIdForFrame('frame', crossSiteUrl);
    220. 

  220. 

  221.         const metrics = app.getAppMetrics();
    222. 

  222.         const isProcessSandboxed = function (pid: number) {
    223. 

  223.           const entry = metrics.filter(metric => metric.pid === pid)[0];
    224. 

  224.           return entry && entry.sandboxed;
    225. 

  225.         };
    226. 

  226. 

  227.         const sandboxMain = !!(webPreferences.sandbox || process.mas);
    228. 

  228.         const sandboxFrame = sandboxMain || !webPreferences.nodeIntegrationInSubFrames;
    229. 

  229. 

  230.         expect(isProcessSandboxed(pidMain)).to.equal(sandboxMain);
    231. 

  231.         expect(isProcessSandboxed(pidFrame)).to.equal(sandboxFrame);
    232. 

  232.       });
    233. 

  233.     });
    234. 

  234.   };
    235. 

  235. 

  236.   generateSpecs('nodeIntegrationInSubFrames = false, sandbox = false', {
    237. 

  237.     nodeIntegrationInSubFrames: false,
    238. 

  238.     sandbox: false
    239. 

  239.   });
    240. 

  240. 

  241.   generateSpecs('nodeIntegrationInSubFrames = false, sandbox = true', {
    242. 

  242.     nodeIntegrationInSubFrames: false,
    243. 

  243.     sandbox: true
    244. 

  244.   });
    245. 

  245. 

  246.   generateSpecs('nodeIntegrationInSubFrames = true, sandbox = false', {
    247. 

  247.     nodeIntegrationInSubFrames: true,
    248. 

  248.     sandbox: false
    249. 

  249.   });
    250. 

  250. 

  251.   generateSpecs('nodeIntegrationInSubFrames = true, sandbox = true', {
    252. 

  252.     nodeIntegrationInSubFrames: true,
    253. 

  253.     sandbox: true
    254. 

  254.   });
    255. 

  255. });
    256.