if/SymphonyElectron
1
0
Fork 0
mirror of https://github.com/finos/SymphonyElectron.git synced 2024-11-22 17:06:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

ELECTRON-512 (Create API only if the location.origin matches with whitelist or pod URL) (#421)

Browse Source 
- Create API only if the location.origin matches with whitelist or pod URL
- Include isNodeEnv for Spectron test cases to pass
- Reset whitelistUrl to support SSO login
- Remove unnecessary return statement
This commit is contained in:
Kiran Niranjan 2018-07-09 18:09:45 +05:30 committed by Vishwas Shashidhar
parent af124e3aab
commit d47e18072a
5 changed files with 51 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
js/enums/api.js
View File

@ -24,6 +24,7 @@ const cmds = keyMirror({
setIsInMeeting: null,
setLocale: null,
keyPress: null,
originCheck: null,
});
module.exports = {

6
js/mainApiMgr.js
View File

@ -18,6 +18,7 @@ const eventEmitter = require('./eventEmitter');
const { isMac } = require('./utils/misc');
const { openScreenPickerWindow } = require('./desktopCapturer');
const { optimizeMemory, setIsInMeeting } = require('./memoryMonitor');
const originCheck = require('./originCheck');
const apiEnums = require('./enums/api.js');
const apiCmds = apiEnums.cmds;
@ -169,6 +170,11 @@ electron.ipcMain.on(apiName, (event, arg) => {
windowMgr.handleKeyPress(arg.keyCode);
}
break;
case apiCmds.originCheck:
if (typeof arg.origin === 'string') {
originCheck(event.sender, arg.origin);
}
break;
default:
}

32
js/originCheck.js Normal file
View File

@ -0,0 +1,32 @@
const { isWhitelisted, matchDomains, parseDomain } = require('./utils/whitelistHandler');
const { getGlobalConfigField } = require('./config');
const { isDevEnv, isNodeEnv } = require('./utils/misc');
/**
* Validate whitelist and location.origin
* @param eventSender
* @param origin {String} location.origin
*/
function originCheck(eventSender, origin) {
if (isDevEnv || isNodeEnv) {
eventSender.send('initialize-api');
return;
}
isWhitelisted(origin)
.then(() => {
eventSender.send('initialize-api', true);
})
.catch(() => {
getGlobalConfigField('url')
.then((configUrl) => {
if (matchDomains(parseDomain(origin), parseDomain(configUrl))) {
eventSender.send('initialize-api', true);
}
});
});
}
module.exports = originCheck;

12
js/preload/preloadMain.js
View File

@ -110,7 +110,17 @@ setInterval(() => {
});
}, memoryMonitorInterval);
createAPI();
// Create API only on an allowed origin
local.ipcRenderer.once('initialize-api', () => {
createAPI();
});
setTimeout(() => {
local.ipcRenderer.send(apiName, {
cmd: apiCmds.originCheck,
origin: location.origin,
});
}, 0);
// creates API exposed from electron.
// wrapped in a function so we can abort early in function coming from an iframe

1
js/utils/whitelistHandler.js
View File

@ -159,6 +159,7 @@ function parseDomain(url) {
module.exports = {
isWhitelisted,
parseDomain,
matchDomains,
// items below here are only exported for testing, do NOT use!
checkWhitelist