open: add allowHTTP option
completely block HTTP by default
This commit is contained in:
CanadaHonk
parent
d11ac0a944
commit
7f22aa55b0
11
gluon.d.ts
vendored
11
gluon.d.ts
vendored
@ -499,7 +499,16 @@ type OpenOptions = {
|
|||||||
forceBrowser?: Browser,
|
forceBrowser?: Browser,
|
||||||
|
|
||||||
/** Force Gluon to use a specific browser engine instead of automatically finding a browser itself. */
|
/** Force Gluon to use a specific browser engine instead of automatically finding a browser itself. */
|
||||||
forceEngine?: BrowserEngine
|
forceEngine?: BrowserEngine,
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Opt-in to allowing HTTP. Not recommended to use, always keep `false` where possible. Primarily to support custom localhost servers.
|
||||||
|
* Options:
|
||||||
|
* - `false`: HTTP is **completely disabled**. Recommended.
|
||||||
|
* - `mixed`: HTTP is **enabled for mixed content**, but not as window URL. **Not recommended.**
|
||||||
|
* - `true`: HTTP is **completely enabled**. **Not recommended.**
|
||||||
|
*/
|
||||||
|
allowHTTP?: false | 'mixed' | true
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -7,12 +7,13 @@ const presets = { // Presets from OpenAsar
|
|||||||
'memory': '--in-process-gpu --js-flags="--lite-mode --optimize_for_size --wasm_opt --wasm_lazy_compilation --wasm_lazy_validation --always_compact" --renderer-process-limit=2 --enable-features=QuickIntensiveWakeUpThrottlingAfterLoading' // Less (?) memory usage
|
'memory': '--in-process-gpu --js-flags="--lite-mode --optimize_for_size --wasm_opt --wasm_lazy_compilation --wasm_lazy_validation --always_compact" --renderer-process-limit=2 --enable-features=QuickIntensiveWakeUpThrottlingAfterLoading' // Less (?) memory usage
|
||||||
};
|
};
|
||||||
|
|
||||||
export default async ({ browserPath, dataPath }, { url, windowSize }, extra) => {
|
export default async ({ browserPath, dataPath }, { url, windowSize, allowHTTP }, extra) => {
|
||||||
return await StartBrowser(browserPath, [
|
return await StartBrowser(browserPath, [
|
||||||
`--app=${url}`,
|
`--app=${url}`,
|
||||||
`--remote-debugging-pipe`,
|
`--remote-debugging-pipe`,
|
||||||
`--user-data-dir=${dataPath}`,
|
`--user-data-dir=${dataPath}`,
|
||||||
windowSize ? `--window-size=${windowSize.join(',')}` : '',
|
windowSize ? `--window-size=${windowSize.join(',')}` : '',
|
||||||
|
![true, 'mixed'].includes(allowHTTP) ? `--enable-strict-mixed-content-checking` : '--allow-running-insecure-content',
|
||||||
...`--new-window --no-first-run --no-default-browser-check --disable-component-extensions-with-background-pages --disable-extensions --disable-default-apps --disable-breakpad --disable-crashpad --disable-background-networking --disable-domain-reliability --disable-component-update --disable-sync --disable-features=AutofillServerCommunication -in-process-gpu ${presets.perf}`.split(' ')
|
...`--new-window --no-first-run --no-default-browser-check --disable-component-extensions-with-background-pages --disable-extensions --disable-default-apps --disable-breakpad --disable-crashpad --disable-background-networking --disable-domain-reliability --disable-component-update --disable-sync --disable-features=AutofillServerCommunication -in-process-gpu ${presets.perf}`.split(' ')
|
||||||
], 'stdio', extra);
|
], 'stdio', extra);
|
||||||
};
|
};
|
||||||
@ -4,7 +4,7 @@ import { join } from 'path';
|
|||||||
import StartBrowser from '../launcher/start.js';
|
import StartBrowser from '../launcher/start.js';
|
||||||
|
|
||||||
|
|
||||||
export default async ({ browserPath, dataPath }, { url, windowSize }, extra) => {
|
export default async ({ browserPath, dataPath }, { url, windowSize, allowHTTP }, extra) => {
|
||||||
await mkdir(dataPath, { recursive: true });
|
await mkdir(dataPath, { recursive: true });
|
||||||
await writeFile(join(dataPath, 'user.js'), `
|
await writeFile(join(dataPath, 'user.js'), `
|
||||||
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
|
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
|
||||||
@ -20,6 +20,11 @@ user_pref('fission.bfcacheInParent', false);
|
|||||||
user_pref('fission.webContentIsolationStrategy', 0);
|
user_pref('fission.webContentIsolationStrategy', 0);
|
||||||
user_pref('ui.key.menuAccessKeyFocuses', false);
|
user_pref('ui.key.menuAccessKeyFocuses', false);
|
||||||
${process.platform === 'darwin' ? `user_pref('browser.tabs.inTitlebar', 0);` : `` }
|
${process.platform === 'darwin' ? `user_pref('browser.tabs.inTitlebar', 0);` : `` }
|
||||||
|
|
||||||
|
user_pref('security.mixed_content.block_active_content', ${![true, 'mixed'].includes(allowHTTP) ? 'true' : 'false'});
|
||||||
|
user_pref('security.mixed_content.block_display_content', ${![true, 'mixed'].includes(allowHTTP) ? 'true' : 'false'});
|
||||||
|
user_pref('security.mixed_content.block_object_subrequest', ${![true, 'mixed'].includes(allowHTTP) ? 'true' : 'false'});
|
||||||
|
user_pref('security.mixed_content.upgrade_display_content', true);
|
||||||
`);
|
`);
|
||||||
|
|
||||||
// user_pref('privacy.resistFingerprinting', false);
|
// user_pref('privacy.resistFingerprinting', false);
|
||||||
|
|||||||
13
src/index.js
13
src/index.js
@ -175,7 +175,7 @@ const getBrowserType = name => { // todo: not need this
|
|||||||
const portRange = [ 10000, 60000 ];
|
const portRange = [ 10000, 60000 ];
|
||||||
const generatePort = () => (Math.floor(Math.random() * (portRange[1] - portRange[0] + 1)) + portRange[0]);
|
const generatePort = () => (Math.floor(Math.random() * (portRange[1] - portRange[0] + 1)) + portRange[0]);
|
||||||
|
|
||||||
const startBrowser = async (url, { windowSize, forceBrowser, forceEngine }) => {
|
const startBrowser = async (url, { allowHTTP, windowSize, forceBrowser, forceEngine }) => {
|
||||||
const [ browserPath, browserName ] = await findBrowserPath(forceBrowser, forceEngine);
|
const [ browserPath, browserName ] = await findBrowserPath(forceBrowser, forceEngine);
|
||||||
const browserFriendlyName = getFriendlyName(browserName);
|
const browserFriendlyName = getFriendlyName(browserName);
|
||||||
|
|
||||||
@ -199,7 +199,8 @@ const startBrowser = async (url, { windowSize, forceBrowser, forceEngine }) => {
|
|||||||
browserPath
|
browserPath
|
||||||
}, {
|
}, {
|
||||||
url: openingLocal ? localUrl : url,
|
url: openingLocal ? localUrl : url,
|
||||||
windowSize
|
windowSize,
|
||||||
|
allowHTTP
|
||||||
}, {
|
}, {
|
||||||
browserName: browserFriendlyName,
|
browserName: browserFriendlyName,
|
||||||
url: openingLocal ? basePath : url,
|
url: openingLocal ? basePath : url,
|
||||||
@ -213,10 +214,14 @@ const startBrowser = async (url, { windowSize, forceBrowser, forceEngine }) => {
|
|||||||
return Window;
|
return Window;
|
||||||
};
|
};
|
||||||
|
|
||||||
export const open = async (url, { windowSize, onLoad, forceBrowser, forceEngine } = {}) => {
|
export const open = async (url, opts = {}) => {
|
||||||
|
const { onLoad, allowHTTP } = opts;
|
||||||
|
|
||||||
|
if (allowHTTP !== true && url.startsWith('http://')) throw new Error(`HTTP URLs are blocked by default. Please use HTTPS, or if not possible, enable the 'allowHTTP' option.`);
|
||||||
|
|
||||||
log('starting browser...');
|
log('starting browser...');
|
||||||
|
|
||||||
const Browser = await startBrowser(url, { windowSize, forceBrowser, forceEngine });
|
const Browser = await startBrowser(url, opts);
|
||||||
|
|
||||||
if (onLoad) {
|
if (onLoad) {
|
||||||
const toRun = `(() => {
|
const toRun = `(() => {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user