Skip to content

Commit

Permalink
Working contextIsolation
Browse files Browse the repository at this point in the history
  • Loading branch information
@lacymorrow
lacymorrow committed Jan 26, 2021
1 parent 70d5e1f commit af5f82f
Show file tree
Hide file tree
Showing 9 changed files with 7,543 additions and 54 deletions.
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
},
"devDependencies": {
"ava": "^3.8.2",
"electron": "^9.4.1",
"electron": "^11.2.1",
"electron-builder": "^22.9.1",
"electron-builder-squirrel-windows": "^22.9.1",
"electron-reloader": "^1.2.0",
Expand Down
3 changes: 2 additions & 1 deletion src/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@
<head>
<meta charset="utf-8">
<title>CrossOver</title>
<link rel="stylesheet" href="vendor/pickr.nano.min.css"/>
<link rel="stylesheet" href="vendor/pickr/pickr.nano.min.css"/>
<link rel="stylesheet" href="index.css">
<script type="text/javascript" src="vendor/pickr/pickr.min.js"></script>
</head>
<body>
<div class="container" id="drag-file">
Expand Down
11 changes: 7 additions & 4 deletions src/main.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,11 +99,11 @@ const createMainWindow = async () => {
width: 200,
height: 350,
webPreferences: {
nodeIntegration: true // We don't absolutely need this, but renderer require's some things
contextIsolation: true,
enableRemoteModule: true,
nodeIntegration: true, // We don't absolutely need this, but renderer require's some things
preload: path.join( __dirname, 'preload.js' )

// preload: path.join( __dirname, 'preload.js' )

// Sandbox: true,

}
} )
Expand Down Expand Up @@ -150,6 +150,9 @@ const createChildWindow = async _ => {
width: 600,
height: 500,
webPreferences: {
nodeIntegration: false, // is default value after Electron v5
contextIsolation: true, // protect against prototype pollution
enableRemoteModule: false, // turn off remote
preload: path.join( __dirname, 'preload-settings.js' )
}
} )
Expand Down
36 changes: 18 additions & 18 deletions src/preload-settings.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,35 +3,35 @@
const path = require( 'path' )

const {
contextBridge,
ipcRenderer
} = require( 'electron' )

window.crossover = {
path,
send: ( channel, data ) => {
contextBridge.exposeInMainWorld('crossover', {
path,
send: ( channel, data ) => {

// Whitelist channels
const validChannels = new Set( [ 'log', 'save_crosshair', 'save_custom_image', 'close_chooser', 'get_crosshairs' ] )
// Whitelist channels
const validChannels = new Set( [ 'log', 'save_crosshair', 'save_custom_image', 'close_chooser', 'get_crosshairs' ] )

if ( validChannels.has( channel ) ) {
if ( validChannels.has( channel ) ) {

ipcRenderer.send( channel, data )
ipcRenderer.send( channel, data )

}
}

},
},

receive: ( channel, func ) => {
receive: ( channel, func ) => {

const validChannels = new Set( [ 'load_crosshairs' ] )
const validChannels = new Set( [ 'load_crosshairs' ] )

if ( validChannels.has( channel ) ) {
if ( validChannels.has( channel ) ) {

// Deliberately strip event as it includes `sender`
ipcRenderer.on( channel, ( event, ...args ) => func( ...args ) )
// Deliberately strip event as it includes `sender`
ipcRenderer.on( channel, ( event, ...args ) => func( ...args ) )

}
}

}

}
}
})
43 changes: 43 additions & 0 deletions src/preload.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
// Via https://github.com/reZach/secure-electron-template
const {
contextBridge,
ipcRenderer
} = require( 'electron' )
const { is } = require( 'electron-util' )
const Pickr = require( '@simonwep/pickr' )
const { debounce } = require( './util' )

contextBridge.exposeInMainWorld('crossover', {
colorPicker: Pickr.create,
debounce,
isMacOs: is.macos,
send: ( channel, data ) => {

// Whitelist channels
const validChannels = new Set( [ 'save_color', 'save_opacity', 'save_size', 'save_sight', 'center_window', 'open_chooser', 'save_custom_image' ] )

if ( validChannels.has( channel ) ) {

ipcRenderer.send( channel, data )

}

},

receive: ( channel, func ) => {

const validChannels = new Set( [ 'load_color', 'set_crosshair', 'set_custom_image', 'set_opacity', 'set_size', 'set_sight', 'lock_window' ] )

if ( validChannels.has( channel ) ) {

// Deliberately strip event as it includes `sender`
ipcRenderer.on( channel, ( event, ...args ) => func( ...args ) )

}

}
})

window.colorPicker = {
Pickr
}
55 changes: 25 additions & 30 deletions src/renderer.js
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,5 @@
( () => {

// Imports
const { ipcRenderer } = require( 'electron' )
const { is } = require( 'electron-util' )
const Pickr = require( '@simonwep/pickr' )
const { debounce } = require( './util' )
// const Pickr = require( '@simonwep/pickr' )

// DOM elements
const dragger = document.querySelector( '.drag-me' )
Expand All @@ -19,7 +14,7 @@
const systemModifier = document.querySelector( '#system-modifier' )

// Set System Modifier on first load
systemModifier.textContent = is.macos ? 'OPTION' : 'ALT'
systemModifier.textContent = window.crossover.isMacOs ? 'OPTION' : 'ALT'

// Create color picker
const pickr = Pickr.create( {
Expand Down Expand Up @@ -81,7 +76,7 @@

}

ipcRenderer.on( 'set_crosshair', ( event, arg ) => {
window.crossover.receive( 'set_crosshair', arg => {

setCrosshair( arg )

Expand All @@ -94,7 +89,7 @@

}

ipcRenderer.on( 'set_custom_image', ( event, arg ) => {
window.crossover.receive( 'set_custom_image', arg => {

setCustomImage( arg )

Expand All @@ -116,7 +111,7 @@

const loadColor = color => {

pickr.setColor( color )
window.pickr.setColor( color )
setColor( color )

}
Expand All @@ -129,40 +124,40 @@

}

pickr
window.pickr
.on( 'change', color => {

setColor( stripHex( color ) )

} )
.on( 'save', color => {

pickr.hide()
window.window.pickr.hide()

ipcRenderer.send( 'save_color', stripHex( color ) )
window.crossover.send( 'save_color', stripHex( color ) )

} )
.on( 'show', () => {

document.body.classList.add( 'pickr-open' )
document.body.classList.add( 'window.pickr-open' )

} )
.on( 'hide', () => {

document.body.classList.remove( 'pickr-open' )
document.body.classList.remove( 'window.pickr-open' )

} )

ipcRenderer.on( 'load_color', ( event, arg ) => {
window.crossover.receive( 'load_color', arg => {

loadColor( arg )

} )

// Opacity
const dOpacityInput = debounce( value => {
const dOpacityInput = window.crossover.debounce( value => {

ipcRenderer.send( 'save_opacity', value )
window.crossover.send( 'save_opacity', value )

}, 1000 )

Expand All @@ -182,16 +177,16 @@

} )

ipcRenderer.on( 'set_opacity', ( event, arg ) => {
window.crossover.receive( 'set_opacity', arg => {

setOpacity( arg )

} )

// Size
const dSizeInput = debounce( value => {
const dSizeInput = window.crossover.debounce( value => {

ipcRenderer.send( 'save_size', value )
window.crossover.send( 'save_size', value )

}, 1000 )

Expand All @@ -210,7 +205,7 @@

} )

ipcRenderer.on( 'set_size', ( event, arg ) => {
window.crossover.receive( 'set_size', arg => {

setSize( arg )

Expand All @@ -222,7 +217,7 @@
document.querySelector( '.sight' ).classList.remove( 'dot', 'cross', 'off' )
document.querySelector( '.sight' ).classList.add( sight )
document.querySelector( `.radio.${sight} input` ).checked = true
ipcRenderer.send( 'save_sight', sight )
window.crossover.send( 'save_sight', sight )

}

Expand All @@ -237,16 +232,16 @@

}

ipcRenderer.on( 'set_sight', ( event, arg ) => {
window.crossover.receive( 'set_sight', arg => {

setSight( arg )

} )

// Lock
ipcRenderer.on( 'lock_window', ( event, arg ) => {
window.crossover.receive( 'lock_window', arg => {

pickr.hide()
window.pickr.hide()
if ( arg ) {

document.body.classList.remove( 'draggable' )
Expand All @@ -262,21 +257,21 @@
// Center window on double click
dragger.addEventListener( 'dblclick', () => {

ipcRenderer.send( 'center_window' )
window.crossover.send( 'center_window' )

} )

crosshairElement.addEventListener( 'dblclick', () => {

ipcRenderer.send( 'open_chooser', crosshairImg.src )
window.crossover.send( 'open_chooser', crosshairImg.src )

} )

// Button to open crosshair chooser
selectCrosshairBtn.addEventListener( 'click', () => {

// Send open request with current crosshair
ipcRenderer.send( 'open_chooser', crosshairImg.src )
window.crossover.send( 'open_chooser', crosshairImg.src )

} )

Expand Down Expand Up @@ -315,7 +310,7 @@
dragDrop.classList.remove( 'dropping' )

// Send file path to main
ipcRenderer.send( 'save_custom_image', event.dataTransfer.files[0].path )
window.crossover.send( 'save_custom_image', event.dataTransfer.files[0].path )

} )

Expand Down
5 changes: 5 additions & 0 deletions src/vendor/pickr/pickr.min.js
View file

Large diffs are not rendered by default.

0 src/vendor/pickr.nano.min.css → src/vendor/pickr/pickr.nano.min.css
View file
File renamed without changes.

0 comments on commit af5f82f

Please sign in to comment.