[multi] Enable contextIsolation in main window #3492
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Promise is now a built-in js class, so no need to import.
This is needed once contextIsolation is enabled due to electronStore instances not being proxied.
This adds a client tracking layer to gRPC clients returned by the wallet pkg. Instead of directly returning the gRPC client instance, the wallet keeps track of the client and returns a random string ID to the UI code. Subsequent calls to gRPC functions fetch the actual client from the tracked map. This is needed due to contextIsolation not allowing non-primitive values from crossing the preload -> ipcRenderer layers.
This changes the wallet package and UI code so that calls to the wallet pkg no longer return instances of the protobuf objects but rather standard js objects. This is needed because when contextIsolation is turned on, the protobuf objects cannot cross the preload -> ipcRenderer barrier.
This sets the contextIsolation flag to true when starting the main wallet window. This improves security by isolating the preload and ipcRenderer scripts from each other.
matheusd
force-pushed
the
enable-context-isolation
branch
from
85d1c27
to
b809371
Compare
This should've been moved on an earlier commit.
matheusd
force-pushed
the
enable-context-isolation
branch
from
3afc3bd
to
7eb6648
Compare
alexlyp
approved these changes
Jun 9, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Rebased on top of #3486This makes the final changes and switches on
contextIsolationfor the main window.contextIsolationis a recommended security feature for electron apps which makes the vm that runs the preload script layer code completely independent from the vm that runs the ipc renderer code. This prevents UI code from modifying data stored in the preload layer.contextIsolationis currently on by default in electron apps starting on version 12, but we had to turn it off due to the mixed usage of node and electron APIs across Decrediton's UI code. This PR finally completes the migrations necessary to turn it on and enable Decrediton to leverage the security features offered by it.The main change necessary to enable
contextIsolationintroduced by this PR is to change all calls in the wallet package that involve gRPC to use primitive jsObjectinstances instead of the gRPC and protobuf class instances. This is necessary because the preload <-> renderer boundary conversion does not copy prototype definitions, only simple values.Care was taken to make the commits reasonably self-contained, so that reviewers can have an easier time reviewing the code changes.
Main changes in this PR:
import Promiselines which are no longer necessary due to electron version natively suporting it.Objectinstead ofElectronLoaderinstances.getXXXX()call to using the correspondingXXXXfield and modifying wallet functions to usetoObject()to return the response data directly