feat: add webUtils module with getPathForFile method #38776
Conversation
MarshallOfSound
force-pushed
the
replace-file-path
branch
from
9b10514 to
7ea03b7
Compare
ckerr
left a comment
ckerr
left a comment
There was a problem hiding this comment.
What's here so far LGTM.
Agree on the TODO for adding tests. I have no opinion on the naming but surely the API WG will want to bikeshed 😸
dsanders11
left a comment
dsanders11
left a comment
There was a problem hiding this comment.
Another todo: note deprecation of .path in docs/breaking-changes.md
I'm not in API WG but my 2 cents on the namespace would be not including blink since that feels a bit too internal/unnecessary detail for end API users. Possible alternatives:
|
zcbenz
left a comment
zcbenz
left a comment
There was a problem hiding this comment.
API LGTM
The API name is fine to me, but I'm also good with other alternatives.
I agree that |
itsananderson
left a comment
itsananderson
left a comment
There was a problem hiding this comment.
The old File.path augmentation always struck me as a weird privacy gap because AFAIK there's no way to prevent an "untrusted" renderer from accessing the full path of an uploaded file. If we're going to deprecate the old API, would it be worth considering the privacy implications of the new API, and perhaps having a way to limit its availability? Having a way to enable it in "preload" but disable it in the main world might be useful, for example.
At it's core the file path is available to the renderer process (this just returns a value that blink already had). Following our standard security assumptions this doesn't change the availability of that information to the process. All it does is improve web compatibility with things that don't expect Any permission model we put in place would be self-governing because it would be the renderer guarding itself (which doesn't make sense) |
|
@MarshallOfSound does it make sense to expose this in sandboxed renderers as well? |
Per my comment above
This isn't exposing any new capabilities to the process, so I think exposing this information to the slightly-more-privileged isolated preload context is perfectly valid 👍 |
|
@MarshallOfSound what I mean is that the PR is not doing that, it's not listed in |
|
@MarshallOfSound in case it's added there, it should be listed in |
Yeah I think it will still be useful because you could take that path (albeit untrusted) and hand it off to the main process to do something with 🤔 |
MarshallOfSound
force-pushed
the
replace-file-path
branch
from
7ea03b7 to
b59cc61
Compare
|
Thanks for the reviews folks @dsanders11 @ckerr @itsananderson @zcbenz @miniak I've renamed the module to the suggested |
|
API LGTM |
electron-cation
bot
added
api-review/approved ✅
and removed
api-review/requested 🗳
labels
jkleinsc
changed the title
jkleinsc
left a comment
jkleinsc
left a comment
There was a problem hiding this comment.
Requesting changes so that this doesn't get merged without tests.
MarshallOfSound
force-pushed
the
replace-file-path
branch
from
a94e2c6 to
e063b12
Compare
This is designed to replace the File.path augmentation we currently have in place to allow apps to get the filesystem path for a file that blink has a representation of. File.path is non-standard and messes with certain websites, using a method like this is effectively 0-cost and removes one of the final deviations we have with web standards.
MarshallOfSound
force-pushed
the
replace-file-path
branch
from
4e87064 to
6ff3dde
Compare
… replace-file-path
electron-cation
bot
added
api-review/approved ✅
and removed
api-review/requested 🗳
labels
|
Both test failures are known flakes, merging |
|
Release Notes Persisted
|
* feat: add blinkUtils module with getPathForFile method This is designed to replace the File.path augmentation we currently have in place to allow apps to get the filesystem path for a file that blink has a representation of. File.path is non-standard and messes with certain websites, using a method like this is effectively 0-cost and removes one of the final deviations we have with web standards. * add error * refactor: update per PR feedback * chore: update patches * oops * chore: update patches * chore: update patches * feat: add blinkUtils module with getPathForFile method This is designed to replace the File.path augmentation we currently have in place to allow apps to get the filesystem path for a file that blink has a representation of. File.path is non-standard and messes with certain websites, using a method like this is effectively 0-cost and removes one of the final deviations we have with web standards. * add error * refactor: update per PR feedback * chore: update patches * oops * chore: update patches * chore: update patches * chore: update patches * fix: provide isolate to WebBlob::FromV8Value * chore: add tests * build: fix depshash mismatch on arm64 macOS --------- Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
This is designed to replace the File.path augmentation we currently have in place to allow apps to get the filesystem path for a file that blink has a representation of.
File.path is non-standard and messes with certain websites, using a method like this is effectively 0-cost and removes one of the final deviations we have with web standards.
TODO:
blinkUtilsnamespacegetPathForFilemethod nameNotes: Added new
webUtils.getPathForFilemethod to replaceFile.pathaugmentation