Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: ensure the sandboxed preloads globals do not leak #17712

Merged
merged 1 commit into from Apr 16, 2019

Conversation

@MarshallOfSound
Copy link
Member

commented Apr 5, 2019

Description of Change

This PR re-adds the preload wrapping we used to have for sandboxed renderers that was accidentally removed as part of C71. It takes a different approach partially due to API changes in node and partially for performance reasons. Instead of wrapping the script at runtime, we wrap the scripts at build time.

This PR enables the --standalone flag for our browserify builds and then wraps the scripts with a fake module: { exports }. Standalone will ensure nothing leaks and the fake exports will ensure that nothing gets injected onto the window object 馃憤

Release Notes

Notes: Fixed issue where sandboxed renderers could sometimes leak globals outside of the preload script

Show resolved Hide resolved spec/api-browser-window-spec.js Outdated
Show resolved Hide resolved spec/fixtures/api/no-leak.html
Show resolved Hide resolved spec/fixtures/module/empty.js Outdated
Show resolved Hide resolved BUILD.gn Outdated
Show resolved Hide resolved BUILD.gn Outdated
Show resolved Hide resolved build/js_wrap.py Outdated
Show resolved Hide resolved spec/fixtures/api/no-leak.html

@MarshallOfSound MarshallOfSound force-pushed the wrap-bundles branch from fa8203c to 0531d8b Apr 16, 2019

@codebytere codebytere merged commit be6fb7c into master Apr 16, 2019

15 of 16 checks passed

Backportable? - 5-0-x Backport Failed
Details
Artifact Comparison No Changes
Details
Semantic Pull Request ready to be squashed
Details
WIP Ready for review
Details
appveyor: win-ia32-debug AppVeyor build succeeded
Details
appveyor: win-ia32-testing AppVeyor build succeeded
Details
appveyor: win-ia32-testing-pr AppVeyor build succeeded
Details
appveyor: win-x64-debug AppVeyor build succeeded
Details
appveyor: win-x64-testing AppVeyor build succeeded
Details
appveyor: win-x64-testing-pr AppVeyor build succeeded
Details
build-linux Workflow: build-linux
Details
build-mac Workflow: build-mac
Details
electron-arm-testing Build #20190416.4 succeeded
Details
electron-arm64-testing Build #20190416.4 succeeded
Details
lint Workflow: lint
Details
release-notes Release notes found
@release-clerk

This comment has been minimized.

Copy link

commented Apr 16, 2019

Release Notes Persisted

Fixed issue where sandboxed renderers could sometimes leak globals outside of the preload script

@codebytere

This comment has been minimized.

Copy link
Member

commented Apr 16, 2019

@MarshallOfSound this is gonna need manual bp to 5-0-x

@codebytere codebytere deleted the wrap-bundles branch Apr 16, 2019

@trop

This comment has been minimized.

Copy link
Contributor

commented Apr 16, 2019

I was unable to backport this PR to "5-0-x" cleanly;
you will need to perform this backport manually.

@trop

This comment has been minimized.

Copy link
Contributor

commented Apr 16, 2019

A maintainer has manually backported this PR to "5-0-x", please check out #17830

MarshallOfSound added a commit that referenced this pull request Apr 17, 2019

@trop

This comment has been minimized.

Copy link
Contributor

commented Apr 17, 2019

A maintainer has manually backported this PR to "5-0-x", please check out #17830

@sofianguy sofianguy added this to Fixed in 5.0.0-beta.9 in 5.0.x Apr 20, 2019

Kiku-Reise added a commit to Kiku-Reise/electron that referenced this pull request May 16, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
3 participants
You can鈥檛 perform that action at this time.