From b5ae10cf90ba4087bc5d94f923ed97c83bf6a44a Mon Sep 17 00:00:00 2001
From: Snider
Date: Wed, 15 Apr 2026 20:15:45 +0100
Subject: [PATCH] Fix manifest-backed preload trust
---
 pkg/display/manifest.go | 8 +++++++-
 pkg/display/preload.go | 8 ++++++++
 pkg/display/preload_test.go | 30 ++++++++++++++++++++++++++++++
 3 files changed, 45 insertions(+), 1 deletion(-)
diff --git a/pkg/display/manifest.go b/pkg/display/manifest.go
index 21644b5c..23c5a234 100644
--- a/pkg/display/manifest.go
+++ b/pkg/display/manifest.go
@@ -132,7 +132,13 @@ func discoverManifestPath(pageURL string) (string, error) {
 }
 default:
 if parsed.Host != "" {
- candidates = append(candidates, filepath.Join(core.Env("DIR_HOME"), ".core", "apps", parsed.Host, ".core", "view.yaml"))
+ home := strings.TrimSpace(os.Getenv("DIR_HOME"))
+ if home == "" {
+ home = strings.TrimSpace(core.Env("DIR_HOME"))
+ }
+ if home != "" {
+ candidates = append(candidates, filepath.Join(home, ".core", "apps", parsed.Host, ".core", "view.yaml"))
+ }
 }
 }
 for _, candidate := range candidates {
diff --git a/pkg/display/preload.go b/pkg/display/preload.go
index d161881f..2d06b4a2 100644
--- a/pkg/display/preload.go
+++ b/pkg/display/preload.go
@@ -31,6 +31,9 @@ func (s *Service) InjectPreload(webview PreloadTarget, origin string) error {
 // Use: script, _ := display.BuildPreloadScript("https://example.com")
 func (s *Service) BuildPreloadScript(pageURL string) (string, error) {
 trustedOrigin := trustedPreloadOrigin(pageURL)
+ if !trustedOrigin && s.manifestBackedPreloadOrigin(pageURL) {
+ trustedOrigin = true
+ }
 storageBootstrap := map[string]map[string]string{}
 if s.storage != nil {
 storageBootstrap = s.storage.Snapshot(pageURL)
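Review bot: In discoverManifestPath (pkg/display/manifest.go), `home` is accepted as soon as it is non-empty, so a relative `DIR_HOME` makes the manifest lookup resolve against the process working directory; because this same patch lets a discovered manifest unlock the privileged preload bridge, the guard should be `if home != "" && filepath.IsAbs(home) {`. `parsed.Host` is still joined into the path without validation, so a host such as `..` (if the URL parser lets it through) would resolve outside the `apps` directory; rejecting anything that is not a plain hostname before the `filepath.Join` closes that. A short comment explaining why `os.Getenv` now takes precedence over `core.Env` would also help, since the process environment becomes the first source of a trust-relevant path. The enclosing switch and function start outside the hunk.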
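Review bot: The new branch in BuildPreloadScript upgrades an origin that trustedPreloadOrigin rejected, but nothing at the call site records which rule granted the privileged bridge, so a wrongly trusted page is hard to trace afterwards. Fold the two sources into one expression, `trustedOrigin := trustedPreloadOrigin(pageURL) || s.manifestBackedPreloadOrigin(pageURL)`, and add a comment such as `// A locally installed manifest for this origin also enables the privileged bridge.` above it. Emitting a log entry whenever the manifest path is the one that grants trust would give operators an audit trail for this decision. The function body continues outside the hunk.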
@@ -56,6 +59,11 @@ func (s *Service) BuildPreloadScript(pageURL string) (string, error) {
 return strings.Join(parts, "\n"), nil
 }
 
+func (s *Service) manifestBackedPreloadOrigin(pageURL string) bool {
+ loaded, err := s.loadManifestForOrigin(pageURL)
+ return err == nil && loaded != nil
+}
+
 func trustedPreloadOrigin(pageURL string) bool {
 trimmed := strings.TrimSpace(pageURL)
 if trimmed == "" {
diff --git a/pkg/display/preload_test.go b/pkg/display/preload_test.go
index 8f9af050..c7545f60 100644
--- a/pkg/display/preload_test.go
+++ b/pkg/display/preload_test.go
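Review bot: manifestBackedPreloadOrigin treats the mere presence of a loadable manifest as full trust: it never checks the URL scheme and never consults the manifest's content, and the test in this patch passes with a manifest that holds only `name: example`. If loadManifestForOrigin resolves by host, as the lookup in discoverManifestPath suggests, a plain-http page on that host would receive the same bridge as the https app, so the helper should check the scheme before loading the manifest, and ideally require an explicit opt-in from the manifest rather than its existence. The function also has no doc comment; the rewrite below keeps the fail-closed result and documents it. It assumes plain-http origins are not meant to qualify and that `net/url` is imported in preload.go, so confirm both.

```go
// manifestBackedPreloadOrigin reports whether pageURL is an https origin for
// which a local manifest loads. Any parse or load error yields false, so the
// origin stays untrusted.
func (s *Service) manifestBackedPreloadOrigin(pageURL string) bool {
	parsed, err := url.Parse(strings.TrimSpace(pageURL))
	if err != nil || parsed.Scheme != "https" || parsed.Host == "" {
		return false
	}
	loaded, err := s.loadManifestForOrigin(pageURL)
	return err == nil && loaded != nil
}
```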
@@ -66,6 +66,36 @@ func TestDisplay_Good_WindowOpenTrustedOriginIncludesPrivilegedBridge(t *testing
 assert.Contains(t, script, "globalThis.core.ml")
 }
 
+func TestDisplay_Good_WindowOpenManifestBackedOriginIncludesPrivilegedBridge(t *testing.T) {
+ home := t.TempDir()
+ require.NoError(t, os.MkdirAll(filepath.Join(home, ".core", "apps", "example.com", ".core"), 0o755))
+ require.NoError(t, os.WriteFile(filepath.Join(home, ".core", "apps", "example.com", ".core", "view.yaml"), []byte("name: example\n"), 0o644))
+ t.Setenv("DIR_HOME", home)
+
+ platform := window.NewMockPlatform()
+ c := core.New(
+ core.WithService(Register(nil)),
+ core.WithService(window.Register(platform)),
+ core.WithServiceLock(),
+ )
+ require.True(t, c.ServiceStartup(context.Background(), nil).OK)
+
+ result := c.Action("window.open").Run(context.Background(), core.NewOptions(
+ core.Option{Key: "task", Value: window.TaskOpenWindow{
+ Options: []window.WindowOption{
+ window.WithName("manifest-backed"),
+ window.WithURL("https://example.com/app"),
+ },
+ }},
+ ))
+ require.True(t, result.OK)
+ require.Len(t, platform.Windows, 1)
+ script := platform.Windows[0].ExecJSCalls()[0]
+ assert.Contains(t, script, "globalThis.electron")
+ assert.Contains(t, script, "core.background.serviceWorker.register")
+ assert.Contains(t, script, "globalThis.core.ml")
+}
+
 func TestDisplay_Good_CoreSchemeRoutesThroughBackend(t *testing.T) {
 platform := window.NewMockPlatform()
 c := core.New(
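Review bot: The new test only proves that a manifest-backed origin receives the privileged bridge; nothing in this hunk pins the cases where it must not, so a regression that trusts every origin would still pass here. Unless an existing test already covers it, add a companion that opens `https://example.com/app` with `DIR_HOME` pointing at an empty temp directory and asserts `assert.NotContains(t, script, "globalThis.electron")` (assuming the unprivileged script omits it), plus one for an `http://` URL with the manifest present once the intended behaviour there is decided. `platform.Windows[0].ExecJSCalls()[0]` panics if no script was injected; `require.NotEmpty(t, platform.Windows[0].ExecJSCalls())` before indexing gives a readable failure instead.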