diff --git a/src/greeter.c b/src/greeter.c index 46236bb..5f5b3e7 100644 --- a/src/greeter.c +++ b/src/greeter.c @@ -157,28 +157,6 @@ theme_heartbeat_exit_handler(void) { } -static void -script_loaded_cb(GObject *object, - GAsyncResult *result, - gpointer user_data) { - - WebKitJavascriptResult *js_result; - GError *error = NULL; - - js_result = webkit_web_view_run_javascript_from_gresource_finish( - WEBKIT_WEB_VIEW(object), - result, - &error - ); - - if (!js_result) { - g_error_free(error); - } else { - webkit_javascript_result_unref(js_result); - } -} - - /** * Makes the greeter behave a bit more like a screensaver if it was launched as * a lock-screen by blanking the screen. @@ -194,24 +172,6 @@ lock_hint_enabled_handler(void) { } -static void -load_script(char *script) { - webkit_web_view_run_javascript_from_gresource( - WEBKIT_WEB_VIEW(web_view), - script, - NULL, - (GAsyncReadyCallback) script_loaded_cb, - NULL - ); -} - - -static void -greeter_loaded_handler(void) { - //load_script(GRESOURCE_PATH "/js/bundle.js"); -} - - /** * Message received callback. * @@ -247,10 +207,7 @@ message_received_cb(WebKitUserContentManager *manager, printf("Error running javascript: unexpected return value"); } - if (strcmp(message_str, "GreeterLoaded") == 0) { - greeter_loaded_handler(); - - } else if (strcmp(message_str, "LockHint") == 0) { + if (strcmp(message_str, "LockHint") == 0) { lock_hint_enabled_handler(); } else if (strcmp(message_str, "Heartbeat") == 0) { @@ -293,6 +250,7 @@ javascript_bundle_injection_setup() { WebKitUserScript *bundle; GBytes *data; guint8 *data_as_guint; + gsize data_size; gchar *script; data = g_resource_lookup_data( @@ -302,7 +260,7 @@ javascript_bundle_injection_setup() { NULL ); - data_as_guint = g_byte_array_free(g_bytes_unref_to_array(data), FALSE); + data_as_guint = g_bytes_unref_to_data(data, &data_size); script = g_strdup_printf("%s", data_as_guint); bundle = webkit_user_script_new( diff --git a/src/gresource/js/Greeter.js b/src/gresource/js/Greeter.js index 783e5f0..a459c81 100644 --- a/src/gresource/js/Greeter.js +++ b/src/gresource/js/Greeter.js @@ -313,7 +313,7 @@ const __lightdm = new Promise( (resolve, reject) => { } check_window_prop(); - }, 1 ); + }, 0 ); }; check_window_prop(); diff --git a/src/gresource/js/GreeterConfig.js b/src/gresource/js/GreeterConfig.js index 3d466e5..bc0b95c 100644 --- a/src/gresource/js/GreeterConfig.js +++ b/src/gresource/js/GreeterConfig.js @@ -167,7 +167,7 @@ const __greeter_config = new Promise( (resolve, reject) => { } check_window_prop(); - }, 1 ); + }, 0 ); }; check_window_prop(); diff --git a/src/gresource/js/ThemeUtils.js b/src/gresource/js/ThemeUtils.js index 5594974..7c7c8e0 100644 --- a/src/gresource/js/ThemeUtils.js +++ b/src/gresource/js/ThemeUtils.js @@ -213,7 +213,7 @@ const __theme_utils = new Promise( (resolve, reject) => { } check_window_prop(); - }, 1 ); + }, 0 ); }; check_window_prop(); diff --git a/src/webkit2-extension.c b/src/webkit2-extension.c index 869e437..045fa52 100644 --- a/src/webkit2-extension.c +++ b/src/webkit2-extension.c @@ -91,6 +91,8 @@ static JSClassRef greeter_config_class, theme_utils_class; +static gboolean secure_mode; +static gboolean secure_mode_checked = FALSE; static gboolean SESSION_STARTING = FALSE; static WebKitWebExtension *WEB_EXTENSION; @@ -1189,8 +1191,6 @@ get_conf_str_cb(JSContextRef context, value = g_key_file_get_string(keyfile, section, key, &err); } - - if (err) { _mkexception(context, exception, err->message); g_error_free(err); @@ -1653,11 +1653,6 @@ window_object_cleared_callback(WebKitScriptWorld *world, dom_window = webkit_dom_document_get_default_view(dom_document); if (dom_window) { - /* Notify the UI process that the greeter is loaded */ - webkit_dom_dom_window_webkit_message_handlers_post_message( - dom_window, "GreeterBridge", "GreeterLoaded" - ); - /* If the greeter was started as a lock-screen, notify our UI process. */ if (lightdm_greeter_get_lock_hint(greeter)) { webkit_dom_dom_window_webkit_message_handlers_post_message( @@ -1795,6 +1790,7 @@ get_config_option_as_bool(const gchar *section, const gchar *key, GError *err) { return g_key_file_get_boolean(keyfile, section, key, &err); } + static gchar* get_config_option_as_string(const gchar *section, const gchar *key) { gchar *value; @@ -1867,7 +1863,7 @@ should_block_request(const char *file_path) { * @return TRUE to stop other handlers from being invoked for the event (block the request). * FALSE to continue emission of the event (allow the request). */ -static gboolean +gboolean web_page_send_request_cb(WebKitWebPage *web_page, WebKitURIRequest *request, WebKitURIResponse *redirected_response, @@ -1876,6 +1872,7 @@ web_page_send_request_cb(WebKitWebPage *web_page, char *request_scheme; gchar *request_file_path; char *request_file_path_without_query; + gboolean decision; const char *request_uri = webkit_uri_request_get_uri(request); request_scheme = g_uri_parse_scheme(request_uri); @@ -1884,26 +1881,33 @@ web_page_send_request_cb(WebKitWebPage *web_page, * :face_with_rolling_eyes: */ - if (strcmp(request_scheme, "data") == 0) { - g_free(request_scheme); - return FALSE; /* Allowed */ - } + if (NULL != strstr(request_uri, "mock.js")) { + /* Never allow mock greeter script to be loaded in the greeter */ + decision = TRUE; /* Blocked */ + + } else if (FALSE == secure_mode) { + decision = FALSE; /* Allowed */ + + } else if (0 == strcmp(request_scheme, "data") || 0 == strcmp(request_scheme, "resource")) { + decision = FALSE; /* Allowed */ + + } else if (0 == strcmp(request_scheme, "file")) { + request_file_path = g_filename_from_uri(request_uri, NULL, NULL); + request_file_path_without_query = g_strdup(request_file_path); - if (strcmp(request_scheme, "file") != 0) { + request_file_path_without_query = remove_query_and_hash(request_file_path_without_query); + + decision = should_block_request(request_file_path_without_query); + + } else { /* In order to ensure the user's privacy & security, only local requests are allowed. */ g_warning("request scheme error: %s", request_scheme); - g_free(request_scheme); - return TRUE; /* Blocked */ + decision = TRUE; /* Blocked */ } - request_file_path = g_filename_from_uri(request_uri, NULL, NULL); - request_file_path_without_query = g_strdup(request_file_path); - - request_file_path_without_query = remove_query_and_hash(request_file_path_without_query); - g_free(request_scheme); - return should_block_request(request_file_path_without_query); + return decision; } @@ -1912,26 +1916,23 @@ page_created_cb(WebKitWebExtension *extension, WebKitWebPage *web_page, gpointer user_data) { - gboolean secure_mode; GError *err = NULL; // save the page_id (global variable) page_id = webkit_web_page_get_id(web_page); - // Determine if secure_mode is enabled and connect callback to signal if so. - secure_mode = get_config_option_as_bool("greeter", "secure_mode", err); + // Make sure secure_mode variable has been set + if (FALSE == secure_mode_checked) { + secure_mode = get_config_option_as_bool("greeter", "secure_mode", err); + secure_mode_checked = TRUE; - if (FALSE == secure_mode && NULL == err) { - // secure_mode is disabled in our config file. bail. - return; + if (NULL != err) { + // Use default value + secure_mode = TRUE; + } } - g_signal_connect( - web_page, - "send-request", - G_CALLBACK(web_page_send_request_cb), - NULL - ); + g_signal_connect(web_page, "send-request", G_CALLBACK(web_page_send_request_cb), NULL); }