mirror of
https://github.com/finos/SymphonyElectron.git
synced 2024-12-26 08:51:22 -06:00
ELECTRON-453: add functionality to ignore cert transparency checks (#373)
- add functionality to ignore cert transparency checks for specific urls - fix reading config file as per PR comments
This commit is contained in:
parent
2362febc58
commit
4ba0db73f5
@ -7,6 +7,7 @@
|
||||
"whitelistUrl": "*",
|
||||
"isCustomTitleBar": true,
|
||||
"memoryRefresh": true,
|
||||
"ctWhitelist": [],
|
||||
"notificationSettings": {
|
||||
"position": "upper-right",
|
||||
"display": ""
|
||||
|
@ -158,6 +158,7 @@ function parseDomain(url) {
|
||||
|
||||
module.exports = {
|
||||
isWhitelisted,
|
||||
parseDomain,
|
||||
|
||||
// items below here are only exported for testing, do NOT use!
|
||||
checkWhitelist
|
||||
|
@ -23,7 +23,7 @@ const throttle = require('./utils/throttle.js');
|
||||
const { getConfigField, updateConfigField, readConfigFileSync } = require('./config.js');
|
||||
const { isMac, isNodeEnv, isWindows10, isWindowsOS } = require('./utils/misc');
|
||||
const { deleteIndexFolder } = require('./search/search.js');
|
||||
const { isWhitelisted } = require('./utils/whitelistHandler');
|
||||
const { isWhitelisted, parseDomain } = require('./utils/whitelistHandler');
|
||||
const { initCrashReporterMain, initCrashReporterRenderer } = require('./crashReporter.js');
|
||||
|
||||
// show dialog when certificate errors occur
|
||||
@ -56,6 +56,9 @@ const MIN_HEIGHT = 300;
|
||||
const DEFAULT_WIDTH = 300;
|
||||
const DEFAULT_HEIGHT = 600;
|
||||
|
||||
// Certificate transparency whitelist
|
||||
let ctWhitelist = [];
|
||||
|
||||
/**
|
||||
* Adds a window key
|
||||
* @param key
|
||||
@ -119,8 +122,12 @@ function doCreateMainWindow(initialUrl, initialBounds) {
|
||||
&& typeof config.isCustomTitleBar === 'boolean'
|
||||
&& config.isCustomTitleBar
|
||||
&& isWindows10();
|
||||
|
||||
log.send(logLevels.INFO, 'creating main window url: ' + url);
|
||||
log.send(logLevels.INFO, `we are configuring a custom title bar for windows -> ${isCustomTitleBarEnabled}`);
|
||||
|
||||
ctWhitelist = config && config.ctWhitelist;
|
||||
log.send(logLevels.INFO, `we are configuring certificate transparency whitelist for the domains -> ${ctWhitelist}`);
|
||||
|
||||
log.send(logLevels.INFO, `creating main window for ${url}`);
|
||||
|
||||
if (config && config !== null && config.customFlags) {
|
||||
|
||||
@ -308,6 +315,7 @@ function doCreateMainWindow(initialUrl, initialBounds) {
|
||||
|
||||
// open external links in default browser - a tag with href='_blank' or window.open
|
||||
mainWindow.webContents.on('new-window', handleNewWindow);
|
||||
mainWindow.webContents.session.setCertificateVerifyProc(handleCertificateTransparencyChecks);
|
||||
|
||||
function handleNewWindow(event, newWinUrl, frameName, disposition, newWinOptions) {
|
||||
|
||||
@ -453,6 +461,8 @@ function doCreateMainWindow(initialUrl, initialBounds) {
|
||||
});
|
||||
|
||||
handlePermissionRequests(browserWin.webContents);
|
||||
|
||||
browserWin.webContents.session.setCertificateVerifyProc(handleCertificateTransparencyChecks);
|
||||
}
|
||||
});
|
||||
} else {
|
||||
@ -567,6 +577,24 @@ function doCreateMainWindow(initialUrl, initialBounds) {
|
||||
})
|
||||
|
||||
}
|
||||
|
||||
function handleCertificateTransparencyChecks(request, callback) {
|
||||
|
||||
const { hostname: hostUrl, errorCode } = request;
|
||||
|
||||
if (errorCode === 0) {
|
||||
return callback(0);
|
||||
}
|
||||
|
||||
let { tld, domain } = parseDomain(hostUrl);
|
||||
let host = domain + tld;
|
||||
|
||||
if (ctWhitelist && Array.isArray(ctWhitelist) && ctWhitelist.length > 0 && ctWhitelist.indexOf(host) > -1) {
|
||||
return callback(0);
|
||||
}
|
||||
|
||||
return callback(-2);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user