From 901e5d443a1d5c770b08dd468465c7ba6a3e96f6 Mon Sep 17 00:00:00 2001 From: CanadaHonk Date: Wed, 8 Feb 2023 16:31:46 +0000 Subject: [PATCH] window: rename allowRedirects to allowNavigation --- gluon.d.ts | 10 +++++----- src/index.js | 8 ++++---- src/launcher/inject.js | 9 +++++---- 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/gluon.d.ts b/gluon.d.ts index a1d68bc..2d2d4b0 100644 --- a/gluon.d.ts +++ b/gluon.d.ts @@ -521,14 +521,14 @@ type OpenOptions = { allowHTTP?: false | 'mixed' | true, /** - * Set what redirects are allowed in the window. + * Set what top-level navigation is allowed in the window. * Options: - * - `false`: **No** redirects are allowed. - * - `same-origin`: Redirects are **allowed if the redirect URL is the same origin** (as the URL given to `open()`). - * - `true`: **All** redirects are allowed. **Not recommended.** + * - `false`: **No** navigation is allowed. + * - `same-origin`: Navigation is allowed **if the redirect URL is the same origin** (as the URL given to `open()`). + * - `true`: **All** navigation is allowed. **Not recommended.** * @default 'same-origin' */ - allowRedirects?: false | 'same-origin' | true, + allowNavigation?: false | 'same-origin' | true, /** * Set the Content Security Policy when using Local (giving open() a path). diff --git a/src/index.js b/src/index.js index 8e468fb..41f0ce9 100644 --- a/src/index.js +++ b/src/index.js @@ -194,7 +194,7 @@ const defaultCSP = [ 'upgrade-insecure-requests' ].concat( [ 'connect-src', 'prefetch-src', 'font-src', 'img-src', 'media-src', 'style-src', 'form-action' ].map(x => `${x} ${csp_allowAll}`) ).join('; '); -const startBrowser = async (url, { allowHTTP = false, allowRedirects = 'same-origin', windowSize, forceBrowser, forceEngine, localCSP = defaultCSP }) => { +const startBrowser = async (url, { allowHTTP = false, allowNavigation = 'same-origin', windowSize, forceBrowser, forceEngine, localCSP = defaultCSP }) => { const [ browserPath, browserName ] = await findBrowserPath(forceBrowser, forceEngine); const browserFriendlyName = getFriendlyName(browserName); @@ -229,16 +229,16 @@ const startBrowser = async (url, { allowHTTP = false, allowRedirects = 'same-ori closeHandlers, browserType, dataPath, - allowRedirects, + allowNavigation, localCSP }); return Window; }; -const checkForDangerousOptions = ({ allowHTTP, allowRedirects }) => { +const checkForDangerousOptions = ({ allowHTTP, allowNavigation }) => { if (allowHTTP === true) dangerousAPI('Gluon.open', 'allowHTTP', 'true'); - if (allowRedirects === true) dangerousAPI('Gluon.open', 'allowRedirects', 'true'); + if (allowNavigation === true) dangerousAPI('Gluon.open', 'allowNavigation', 'true'); }; export const open = async (url, opts = {}) => { diff --git a/src/launcher/inject.js b/src/launcher/inject.js index e7a96b1..6c7cdd6 100644 --- a/src/launcher/inject.js +++ b/src/launcher/inject.js @@ -27,7 +27,7 @@ const acquireTarget = async (CDP, filter = () => true) => { })).sessionId; }; -export default async (CDP, proc, injectionType = 'browser', { dataPath, browserName, browserType, openingLocal, url, basePath, allowRedirects, localCSP, closeHandlers }) => { +export default async (CDP, proc, injectionType = 'browser', { dataPath, browserName, browserType, openingLocal, url, basePath, allowNavigation, localCSP, closeHandlers }) => { let pageLoadCallback, pageLoadPromise = new Promise(res => pageLoadCallback = res); let frameLoadCallback = () => {}, onWindowMessage = () => {}; CDP.onMessage(async msg => { @@ -42,9 +42,10 @@ export default async (CDP, proc, injectionType = 'browser', { dataPath, browserN if (msg.method === 'Page.frameScheduledNavigation' || msg.method === 'Page.frameNavigated') { let newUrl = msg.params?.frame?.url ?? msg.params?.url; - if (allowRedirects === true) return; // always allow redirects - if (allowRedirects === 'same-origin' && new URL(newUrl).origin === new URL(url).origin) return; // only allow if same origin - if (allowRedirects === false && newUrl === url) return; // only allow if identical open() url + + if (allowNavigation === true) return; // always allow redirects + if (allowNavigation === 'same-origin' && new URL(newUrl).origin === new URL(url).origin) return; // only allow if same origin + if (allowNavigation === false && newUrl === url) return; // only allow if identical open() url if (newUrl === 'about:blank') return; // allow blank urls CDP.sendMessage('Page.stopLoading', {}, sessionId);