CefSharp icon indicating copy to clipboard operation
CefSharp copied to clipboard

Published 20 hours ago verified publisher icon cefsharp

Javascript Binding - Add ability to limit access to JavaScript Bound objects to specific origins

Open amaitland opened this issue 7 months ago • 8 comments

Fixes: #5001

Summary:

  • Add new JavascriptBindingSettings.JavascriptBindingApiAllowOrigins property

Changes:

  • Don't create CefSharp objects when non matching origin
  • Doesn't currently impact Legacy binding
  • Added xunit tests

How Has This Been Tested?

  • New xUnit tests have been added

Types of changes

  • [ ] Bug fix (non-breaking change which fixes an issue)
  • [x] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to change)
  • [ ] Updated documentation

Checklist:

  • [x] Tested the code(if applicable)
  • [x] Commented my code
  • [ ] Changed the documentation(if applicable)
  • [ ] New files have a license disclaimer
  • [ ] The formatting is consistent with the project (project supports .editorconfig)

Summary by CodeRabbit

  • New Features
    • Added support to restrict the creation of global JavaScript binding objects to specified allowed origins. When enabled, the JavaScript binding API will only be available on origins explicitly listed in the settings.
  • Tests
    • Introduced new tests to verify JavaScript binding API availability based on allowed origins.
  • Chores
    • Added internal settings and cleanup related to allowed origins for JavaScript binding.

amaitland avatar Apr 12 '25 03:04 amaitland

Could probably use some more tests, specifically for multiple origins in the list

amaitland avatar Apr 12 '25 03:04 amaitland

:x: Build CefSharp 135.0.170-CI5207 failed (commit https://github.com/cefsharp/CefSharp/commit/bcf0a561b5 by @amaitland)

AppVeyorBot avatar Apr 12 '25 03:04 AppVeyorBot

:x: Build CefSharp 135.0.170-CI5209 failed (commit https://github.com/cefsharp/CefSharp/commit/8a395dfd16 by @amaitland)

AppVeyorBot avatar Apr 12 '25 04:04 AppVeyorBot

:white_check_mark: Build CefSharp 135.0.170-CI5213 completed (commit https://github.com/cefsharp/CefSharp/commit/0ac4c7d444 by @amaitland)

AppVeyorBot avatar Apr 12 '25 05:04 AppVeyorBot

Walkthrough

The changes implement origin-based restrictions for JavaScript binding APIs in CefSharp. New settings and logic allow specifying allowed origins, and JavaScript binding objects are only created if the current page's origin matches these. Tests are added to verify this behavior, and internal state is updated to support the new restrictions.

Changes

File(s) Change Summary
CefSharp.BrowserSubprocess.Core/CefAppUnmanagedWrapper.cpp, CefSharp.BrowserSubprocess.Core/CefAppUnmanagedWrapper.h Added logic and private members to support checking allowed origins for JavaScript binding API object creation.
CefSharp.Core.Runtime/ManagedCefBrowserAdapter.cpp Extended browser creation to pass allowed origins and related flags via extraInfo.
CefSharp/JavascriptBinding/JavascriptBindingSettings.cs Added JavascriptBindingApiAllowOrigins property and HasJavascriptBindingApiAllowOrigins() method to settings.
CefSharp.Test/JavascriptBinding/JavascriptBindingTests.cs Added tests to verify JavaScript binding API enablement/disablement based on allowed origins.
CefSharp.Test/CefSharpFixture.cs Added (commented-out) line for possible command-line argument; no effect on logic.

Sequence Diagram(s)

sequenceDiagram
    participant BrowserProcess
    participant RendererProcess
    participant CefAppUnmanagedWrapper

    BrowserProcess->>RendererProcess: Create browser (with extraInfo: allowed origins)
    RendererProcess->>CefAppUnmanagedWrapper: OnContextCreated (frame URL)
    CefAppUnmanagedWrapper->>CefAppUnmanagedWrapper: Parse frame URL, extract origin
    CefAppUnmanagedWrapper->>CefAppUnmanagedWrapper: Check if origin is in allowed list
    alt Origin allowed or no restrictions
        CefAppUnmanagedWrapper->>RendererProcess: Create JS binding objects
    else Origin not allowed
        CefAppUnmanagedWrapper-->>RendererProcess: Do not create JS binding objects
    end

Assessment against linked issues

Objective Addressed Explanation
Restrict access to JavaScript bound objects to specific allowed origins (domains/URLs) [#5001]
Add setting/property for specifying allowed domains in JavaScript binding settings [#5001]
Ensure CefSharp enforces validation and restricts object creation based on origin [#5001]
Add tests to verify enablement/disablement of JS binding API based on allowed origins [#5001]

Poem

In the warren of code where the browsers hop, Now origins are checked before JS can pop! If your domain is trusted, the bindings appear, If not, the objects just vanish—no fear! With settings and tests, this rabbit approves, Securely, our browser now nimbly moves! 🐇✨

[!ANNOUNCEMENT]

⚡️ AI Code Reviews for VS Code, Cursor, Windsurf

CodeRabbit now has a plugin for VS Code, Cursor and Windsurf. This brings AI code reviews directly in the code editor. Each commit is reviewed immediately, finding bugs before the PR is raised. Seamless context handoff to your AI code agent ensures that you can easily incorporate review feedback. Learn more here.

[!ANNOUNCEMENT]

⚡️ Faster reviews with caching

CodeRabbit now supports caching for code and dependencies, helping speed up reviews. This means quicker feedback, reduced wait times, and a smoother review experience overall. Cached data is encrypted and stored securely. This feature will be automatically enabled for all accounts on May 16th. To opt out, configure Review - Disable Cache at either the organization or repository level. If you prefer to disable all data retention across your organization, simply turn off the Data Retention setting under your Organization Settings. Enjoy the performance boost—your workflow just got faster.

✨ Finishing Touches
  • [ ] 📝 Generate Docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot] avatar May 14 '25 20:05 coderabbitai[bot]

@coderabbitai review

amaitland avatar May 14 '25 20:05 amaitland

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

coderabbitai[bot] avatar May 14 '25 20:05 coderabbitai[bot]

:white_check_mark: Build CefSharp 136.1.40-CI5256 completed (commit https://github.com/cefsharp/CefSharp/commit/f728ec3ccf by @amaitland)

AppVeyorBot avatar May 14 '25 21:05 AppVeyorBot