2
2
mirror of https://github.com/Llewellynvdm/nativefier.git synced 2024-12-23 02:28:55 +00:00
Commit Graph

238 Commits

Author SHA1 Message Date
Ronan Jouchet
ecfb5e92bb Old build detection: doc 2021-04-11 20:54:44 -04:00
Ronan Jouchet
da06d933df Old build detection: bump to 90 days, let packagers customize message 2021-04-11 20:40:41 -04:00
Alec Mev
d0ab749bd6
Add Apple ID to automatically-internal login pages (#1146)
Used by Notion, for example. TLDs other than `.com` don't appear to exist.
2021-04-01 18:03:07 -04:00
Evan Anderson
4298d2da06
Automatically-internal login URLs: add GitHub 2FA pages (PR #1140)
I have 2FA (FIDO/Yubikey) set up for GitHub, and the session login was redirecting to my browser. Looking at the redirect path, it appears that github.com/session is involved, so adding that to internal login details.

With this patched, I'm able to login in to https://octobox.io/ in nativefier.
2021-03-17 07:39:24 -04:00
Adam Weeden
50ce2f81dd
Add a session-interaction event to allow injected js to interact with apps Electron session object (PR #1132)
As discussed in #283 this PR will allow injected JS to do SOME interaction with the Electron session.

There is a full explanation of what this feature can, and cannot do, with examples in the api.md documentation.

This will provide a path for resolving many of our issues where users may "self-service" the solution by injecting JS that performs the task needed to meet their objectives.

Co-authored-by: Ronan Jouchet <ronan@jouchet.fr>
2021-03-13 21:24:48 -05:00
Ronan Jouchet
eaa9d8471b Old build detection: simpler error message 2021-03-11 09:37:33 -05:00
Ronan Jouchet
dcadfb0bca Bump to Electron 12.0.1 with Chrome 89.0.4389.82 2021-03-10 20:25:33 -05:00
Ronan Jouchet
74a7d3375d App: revert addition of extra flag --internal-login-pages
See discussion at https://github.com/nativefier/nativefier/pull/1124#issuecomment-794751514 :

> @TheCleric I was about to merge this, then reconsidered one little thing (yes I wrote "little", I'm not reconsidering this whole thing 😅).
>
> I'm re-considering having the extra flag. I'm not so sure this will harm a lot of use cases. I'd like to 1. merge this PR, 2. immediately follow up with a small commit removing the flag & adjusting api.md, 3. release with the change well-documented / asking for feedback if this is problematic to anyone. (I'm not asking you any extra work, and like leaving an in-tree commit trace of considering the flag). If people complain with a valid reason, we'll restore the flag with a quick revert, else we're happy with one less flag and a reasonably-handled breaking change.
>
> Thoughts / objections?

Answered by:

> That seems reasonable to me.
>
> [discussion on an extra structured way to pass flags]
2021-03-10 19:36:20 -05:00
Adam Weeden
6f7e80bafd
App: Automatically consider known login pages as internal (fix #706) (PR #1124)
Co-authored-by: Ronan Jouchet <ronan@jouchet.fr>
2021-03-10 19:20:53 -05:00
Ronan Jouchet
e59e056f59 Bump deps 2021-03-04 12:37:11 -05:00
Ronan Jouchet
c0a6604676
Fix considering "same domain-ish" URLs as internal (PR #1126)
In 6b266b7815, as I got rid of deprecated dep `wurl`, I wrote:

> This one may be problematic, as it used to do TLD stuff:
> https://github.com/websanova/node-url/blob/7982a613bc/wurl.js#L4
>
> So, the new WHATWG-URL-based implementation will consider
> `asana.com` to be "external" to `app.asana.com`, contrarily to before.
> Given the nature of Nativefier, I think it's actually what to expect,
> that in this case you're "out of the app", and in e.g. asana's landing
> page, which you'd expect to see in your browser.

Turns out it's even more problematic: @TheCleric notices in https://github.com/nativefier/nativefier/pull/1124#issuecomment-790279403
that this breaks app `https://evernote.com` doing its login in `www.evernote.com`

The present change fixes this, by behaving mostly similarly to before,
but without re-introducing `wurl` or another dep needing a TLD/SLD list.
2021-03-04 10:00:53 -05:00
Adam Weeden
adcf21a3df
macOS: Prompt for accessibility permissions if needed by Global Shortcuts using Media Keys (Fix #1120) (PR #1121)
When setting a media key (play, pause, next/previous track) as global shortcut in Mac OS 10.14+, accessibility permissions must be given to the app for it to work (see https://www.electronjs.org/docs/api/global-shortcut?q=MediaPlayPause#globalshortcutregisteraccelerator-callback).

This PR will accomplish the following on generated app launch:
- Check if global shortcuts are being setup
- Check if the host OS is Mac OS
- Check if the global shortcuts were one of the media keys
- If the above are true, check if the app has accessibility permissions
- If the app does not have the accessibility permissions it will ask the user if they would like to be prompted for these permissions, and then ask Mac OS to prompt for accessibility permissions.

~~As well, a new command line flag is added (`--no-accessibility-prompt`) to preventatively suppress these prompts if desired.~~

Screenshots of the new behavior:
![Screen Shot 2021-02-26 at 2 41 21 PM](https://user-images.githubusercontent.com/547567/109356260-76bfde00-784e-11eb-8c36-3a51b911b780.png)
![Screen Shot 2021-02-26 at 2 41 28 PM](https://user-images.githubusercontent.com/547567/109356266-79223800-784e-11eb-94eb-66437c05fd10.png)
![Screen Shot 2021-02-26 at 2 41 50 PM](https://user-images.githubusercontent.com/547567/109356270-7aebfb80-784e-11eb-9e90-e09bb49752c6.png)

Co-authored-by: Ronan Jouchet <ronan@jouchet.fr>
2021-02-28 10:24:14 -05:00
Ronan Jouchet
519e65e7da TSConfig: bump to target/lib es2018, since we require node10 2021-02-26 22:50:59 -05:00
Ronan Jouchet
6b266b7815 (Attempt to) get rid of deprecated app dep wurl
This one may be problematic, as it used to do TLD stuff:
https://github.com/websanova/node-url/blob/7982a613bc/wurl.js#L4

So, the new WHATWG-URL-based implementation will consider
`asana.com` to be "external" to `app.asana.com`, contrarily to before.
Given the nature of Nativefier, I think it's actually what to expect,
that in this case your "out of the app", and in e.g. asana landing's page,
which you'd expect to see in your browser.

Let's see if users disagree with that.
2021-02-25 18:55:28 -05:00
Ronan Jouchet
f4a0479a11 Bump default Electron to 11.3.0 with the icon fix (with Chromium 87.0.4280.141) 2021-02-25 18:28:29 -05:00
Ronan Jouchet
4bf0226da0 Deps: come back to semver ^a.b.c syntax
Thinking about it again, the user-friendlier `a.x` syntax has one disadvantage
over `^a.b.c`: it doesn't force deps upgrades when they upgrade Nativefier.
`a.x` is fine on initial install, but a user with an insecure dep
(e.g. axios 0.19.0) will _not_ get fixed axios 0.21.1 on upgrading Nativefier.
-> Come back to `a.x` everywhere.

Still not introducing package locks, they're too confusing to new devs.
See https://github.com/nativefier/nativefier/pull/1099#issuecomment-761250232
2021-02-25 08:15:39 -05:00
Jia Hao
6316d23762 Move to nativefier organization 2021-01-30 04:49:52 +00:00
erythros
9b608d4d24
Correctly start in tray when both --maximize and --tray start-in-tray are passed (fix #1015) (PR #1079)
Co-authored-by: erythros <erythros.com>
2020-12-01 19:14:06 -05:00
Matthew Ruzzi
e8d3530b43
Warn on old Electron/Chrome (fix #556) (PR #1076)
Co-authored-by: Ronan Jouchet <ronan@jouchet.fr>
2020-11-30 21:45:35 -05:00
Ronan Jouchet
292416b83f Bump default Electron to 11.0.2 2020-11-21 11:28:00 -05:00
Ronan Jouchet
b1d0d6857f Bump default Electron to 10.1.0, bump to TS 4.x 2020-08-29 16:16:25 -04:00
Ronan Jouchet
d16da7dd1f Type BrowserWindow 2020-08-10 21:21:24 -04:00
Joe Skeen
8e8cd24e0d
Add --block-external-urls flag to forbid external navigation attempts (Fix #978 - PR#1012)
Fixes #978 

Adds a `--block-external-urls` option (default: `false`) that prevents opening external links (as classified by the `--internal-urls` option).

Documentation and tests updated.


Example:
```
nativefier --internal-urls "classroom\.google\.com" --block-external-urls
```
![image](https://user-images.githubusercontent.com/12286274/88739501-f12d5180-d0f7-11ea-9821-86f3e9bfa070.png)
![image](https://user-images.githubusercontent.com/12286274/88739512-fab6b980-d0f7-11ea-877c-7bd565352a93.png)
2020-08-02 14:31:47 -04:00
Ronan Jouchet
8684887fc6 Bump eslint to 7.x, fix new lint errors 2020-07-18 11:19:58 -04:00
Ronan Jouchet
f23447312d Fix 'Image could not be created' app error on run (fix #992)
Electron 9.x now crashes when passed a non-existent icon.
Also, it accepts both ico and png.
So, do our best to pass it a file that exists.
2020-07-18 01:26:23 -04:00
Ronan Jouchet
e5ba8c779f Bump default Electron to 9.0.4, bump deps (jest, electron-context-menu) 2020-06-13 10:23:15 -04:00
Alexander Weps
1d3bed5f09
Fix: notifications (fix #88, fix #956), processEnvs, using as git (#955)
1. Fix (broken since 2016): Notifications broken by lambda constructor
2. Fix: `--processEnvs` broken by additional processEnvs object, the result was:
`processEnvs: {processEnvs: {...}}` which caused the conversion of the inner object into string `[object Object]`, no nesting allowed there probably. Compatibility introduced.
3. Fix: package.json missing `prepare` (or even prepublish), which breaks using as git dependency.
2020-04-27 11:52:21 -04:00
Ronan Jouchet
eef320a150 Bump default Electron to 8.2.3, and bump app/electron-context-menu to 1.x 2020-04-22 22:09:13 -04:00
Ronan Jouchet
4fbc3f7503 Fix 'Unable to load preload script' (fix #934)
No reason to use loglevel in the *app*.
It makes sense in the CLI, but in the app console.{info,log,...} is totally fine.
2020-04-22 22:02:34 -04:00
Ronan Jouchet
139a5745c8 Fix unintentionally *global*/os-wide keyboard shortcuts (fix #930) 2020-03-27 08:47:44 -04:00
Ronan Jouchet
4068497120 App/menu: back & forward: expose standard shortcuts first & handle mac, keep old weird shortcuts for backward compat 2020-03-18 08:51:46 -04:00
Ronan Jouchet
f7215814d7 App/menu: cleanup, typing, properly hide devtools when asked (fix #842) 2020-03-18 00:21:17 -04:00
Ronan Jouchet
cde5c1e13b Fix failing to global-sudo-install due to postinstall script (fix #923)
As documented in https://github.com/jiahaog/nativefier/issues/923#issuecomment-599300317 ,

- #923 is caused by installing placeholder app deps at nativefier
  *install* time, with yarn (8.0.2) or npm (8.0.3). This is new in
  Nativefier 8.x, for the motivations behind it, see
  https://github.com/jiahaog/nativefier/pull/898#issuecomment-583865045

- During testing, I did test global installs, but never to a
  system / non-user-writable path (my `$npm_config_prefix` is set to
  `"$HOME/.node_modules"`)

- But without such a config and when installing globally to a
  non-user-writable/system path with `sudo npm i -g nativefier`,

    - Installation of nativefier core works...

    - ... but then `postinstall` tries to do its job of installing
    app deps, and fails in various OS-dependent ways, but all about
    access rights.
    I suspect that, although main nativefier install runs as `su` with
    access rights to system paths, `postinstall` scripts are run *out*
    of `su`.
    That would make sense for security reasons: out of hook scripts,
    npm knows exactly what will be touched in your filesystem: it's the
    static contents of the published tarball; a postinstall script with
    sudo rights could do nasty dynamic stuff. So, although I don't see
    any mention of that in
    [npm-scripts docs / hooks](https://docs.npmjs.com/misc/scripts#hook-scripts)
    and I haven't dug npm/cli's code, I can understand it.

So, reverting back to `webpack`ing the placeholder app, as done pre-8.0.
2020-03-16 21:06:03 -04:00
Ronan Jouchet
c9ee6667d4
Revamp and move to TypeScript (#898)
## Breaking changes

- Require **Node >= 8.10.0 and npm 5.6.0**
- Move to **Electron 8.1.1**.
- That's it. Lots of care went into breaking CLI & programmatic behavior
  as little as possible. **Please report regressions**.
- Known issue: build may fail behind a proxy. Get in touch if you use one:
  https://github.com/jiahaog/nativefier/issues/907#issuecomment-596144768

## Changes summary

Nativefier didn't get much love recently, to the point that it's
becoming hard to run on recent Node, due to old dependencies.
Also, some past practices now seem weird, as better expressible
by modern JS/TS, discouraging contributions including mine.

Addressing this, and one thing leading to another, came a
bigger-than-expected revamp, aiming at making Nativefier more
**lean, stable, future-proof, user-friendly and dev-friendly**,
while **not changing the CLI/programmatic interfaces**. Highlights:

- **Require Node>=8**, as imposed by many of our dependencies. Node 8
  is twice LTS, and easily available even in conservative Linux distros.
  No reason not to demand it.
- **Default to Electron 8**.
- **Bump** all dependencies to latest version, including electron-packager.
- **Move to TS**. TS is great. As of today, I see no reason not to use it,
  and fight interface bugs at runtime rather than at compile time.
  With that, get rid of everything Babel/Webpack.
- **Move away from Gulp**. Gulp's selling point is perf via streaming,
  but for small builds like Nativefier, npm tasks are plenty good
  and less dependency bloat. Gulp was the driver for this PR: broken
  on Node 12, and I didn't feel like just upgrading and keeping it.
- Add tons of **verbose logs** everywhere it makes sense, to have a
  fine & clear trace of the program flow. This will be helpful to
  debug user-reported issues, and already helped me fix a few bugs.
    - With better simple logging, get rid of the quirky and buggy
      progress bar based on package `progress`. Nice logging (minimal
      by default, the verbose logging mentioned above is only used
      when passing `--verbose`) is better and one less dependency.
- **Dump `async` package**, a relic from old callback-hell early Node.
  Also dump a few other micro-packages unnecessary now.
- A first pass of code **cleanup** thanks to modern JS/TS features:
  fixes, simplifications, jsdoc type annotations to types, etc.
- **Remove GitHub integrations Hound & CodeClimate**, which are more
  exotic than good'ol'linters, and whose signal-to-noise ratio is too low.
- Quality: **Add tests** and add **Windows + macOS CI builds**.
  Also, add a **manual test script**, helping to quickly verify the
  hard-to-programatically-test stuff before releases, and limit regressions.
- **Fix a very small number of existing bugs**. The goal of this PR was
  *not* to fix bugs, but to get Nativefier in better shape to do so.
  Bugfixes will come later. Still, these got addressed:
  - Add common `Alt`+`Left`/`Right` for previous/next navigation.
  - Improve #379: fix zoom with `Ctrl` + numpad `+`/`-`
  - Fix pinch-to-zoom (see https://github.com/jiahaog/nativefier/issues/379#issuecomment-598612128 )
2020-03-15 16:50:01 -04:00
Roberto Leinardi
261ee2913b
Fix #903: JS error when using Electron 7+ and --tray (PR #904)
The API `tray.setHighlightMode(mode)` has been be removed in electron v7.0
without replacement.

This causes the display of an error dialog every time an app is
shown/hidden if the parameter `--tray` is used when nativefying. This is
completely independent form the website you are nativefying and it
happens with all the version of electron after 6.x.

Source: https://www.electronjs.org/docs/api/breaking-changes#tray
2020-02-16 18:11:48 -05:00
Adrian DC
359f57c1f7 app: fix: nativefier application menu support on Electron 5.0 (#876) 2019-10-27 15:42:02 -04:00
otato.z
ef13ff1e1d feat: proxy rules with --proxy-rules flag (#854)
See https://electronjs.org/docs/api/session?q=proxy#sessetproxyconfig-callback
2019-10-22 19:38:39 -04:00
Adrian DC
84f06e3e79 app: handle nativefier.json readonly access with options.maximize (#856)
**Resolves #855**

**Example result upon Terminal launch:**

`WARNING: Ignored nativefier.json rewrital (Error: EACCES: permission denied, open '/usr/lib/jupyter-remote-client/resources/app/nativefier.json')`

**Behaviour:**

+ Instead of crashing, the application properly opens and is always maximized.

+ When permissions are R/W, the application is maximized on first launch and the closing states are remembered by the OS throughout launches.
2019-10-22 19:36:40 -04:00
shun
e00f08e5d6 Fix filter exception when injecting CSS (PR #837)
When injecting CSS, an `onBeforeRequest paramater 'filter' must have property 'urls'` error is thrown.

![image](https://user-images.githubusercontent.com/599164/63574823-a3dd6180-c5c3-11e9-89c0-a9debdd4f696.png)

This is caused by [Electron PR #19337: Throw on invalid webRequest filters](https://github.com/electron/electron/pull/19337).

So, pass filter argument properly, like Electron expects it strictly.
2019-08-28 07:28:18 -04:00
Alex D'Andrea
b4d1ee0d39 Restore login functionality broken since Electron 5.x (PR #826)
nodeIntegration is required if eg. Javascript code makes use of the
`require` expression to import classes into the current scope. login.js
uses an electron import - without it, the callback mechanism does not
work, and thus the whole login functionality.

Electron seems to have changed the default value for a windows `nodeIntegration` to `false` since version 5 (see https://stackoverflow.com/questions/55093700/electron-5-0-0-uncaught-referenceerror-require-is-not-defined)

Without the integration, the login component's functionality is broken, though. This PR enables the nodeIntegration feature for the login window and makes it properly propagate the given credentials.

Tested with Electron 6.0.0 on Linux.
2019-08-22 21:41:37 +02:00
FabulousCupcake
d0a0614ba3 Add --browserwindow-options to completely expose Electron options (PR #835)
This adds a new flag `--browserwindow-options`, taking a stringified JSON object as input.  
It will be inserted directly into the options when BrowserConfig is initialized.

This allows total configurability of the electron BrowserWindow configuration via nativefier.

An example use case is added to the documentation, which modifies the default font family in the browser.

#### References

- https://github.com/electron/electron/blob/master/docs/api/browser-window.md#new-browserwindowoptions
  - See the following for electron v3.1.7
  - https://github.com/electron/electron/blob/v3.1.7/docs/api/browser-window.md#new-browserwindowoptions
2019-08-22 21:37:49 +02:00
Umair Ahmed
81c422d4e0 Support setting background color (fixes #795) (PR #819)
Adds a `--background-color` flag for the background of the window when the app isn't loaded.
2019-08-22 21:25:58 +02:00
Adrian DC
b959956a38 Squirrel: resolve .quit() issue with missing ../screen (PR #784)
* As explained in: https://github.com/electron/electron/issues/8862#issuecomment-294303518
    an issue with .quit() exists with a "Cannot find module '../screen'" issue,
    while using the .exit() alternative avoids the issue

* Validated on Windows with the same logic as #744 where the issue recently appeared
2019-04-19 13:21:36 -04:00
Ying
479611ecc4 Fix crash when launching a second instance using option --single-instance (Fixes #664)
This refactors the deprecated call to `app.makeSingleInstance()`.
See [electron / app.requestSingleInstanceLock()](https://electronjs.org/docs/all?q=app.requestSingleInstanceLock).
2019-03-25 11:16:28 -04:00
Anas Emad
a27bb0fd35 Prevent menu from opening on Alt+Shift, by defining Alt+... menu shortcuts (#768)
On Linux if you try to change the keyboard layout with Alt + Shift,
the menu will pop up. Shortcuts are needed because Electron opens
the first menu on pressing `Alt` if no hotkey is assigned.

[Similar issue in RocketChat](https://github.com/RocketChat/Rocket.Chat.Electron/issues/50)
2019-03-17 11:29:15 -04:00
Adrian DC
5b6cc89f22 Fix #316: Add --clear-cache flag to cleanup session on start/exit ("incognito" mode) (PR #747)
- Add a new `clearCache` option and `--clear-cache` parameter
  to trigger session cleanups upon window launch and close

- Covers the feature request from issue #316 

- Use case example: Forcing authentification / login between sessions without limiting cache size
2019-02-08 10:03:29 -05:00
Adrian DC
310d63e397 Support packaging nativefier applications into Squirrel-based installers (#744)
[Squirrel](https://github.com/Squirrel/Squirrel.Windows) is *"an installation and update
framework for Windows desktop apps "*.

This PR adds `electron-squirrel-startup`, allowing to package nativefier applications 
into squirrel-based setup installers. Squirrel require this entrypoint to perform
desktop and startup menu creations, without showing the UI on setup launches.

- References: https://github.com/mongodb-js/electron-squirrel-startup

- Resolves `electron-winstaller` and `electron-installer-windows` support of desktop / startup menu shortcuts for nativefier packaged applications.

- The `electron-squirrel-startup` entrypoint has no effect on both Linux and Darwin, only on Windows

- Supporting it directly inside `nativefier` avoids having to "hack" around the existing `main.js`
  and including dependencies from `electron-squirrel-startup` in an intermediate package
  to be included in a third layer for the final installer executable

- The following script based on both `nativefier` and `electron-winstaller` templates
   represents a portable proof of concept for this merge request :

```js
var nativefier = require('nativefier').default;
var electronInstaller = require('electron-winstaller');

var options = {
  name: 'Web WhatsApp',
  targetUrl: 'http://web.whatsapp.com',
  platform: 'windows',
  arch: 'x64',
  version: '0.36.4',
  out: '.',
  overwrite: false,
  asar: false,
  counter: false,
  bounce: false,
  width: 1280,
  height: 800,
  showMenuBar: false,
  fastQuit: false,
  userAgent: 'Mozilla ...',
  ignoreCertificate: false,
  ignoreGpuBlacklist: false,
  enableEs3Apis: false,
  insecure: false,
  honest: false,
  zoom: 1.0,
  singleInstance: false,
  fileDownloadOptions: {
    saveAs: true
  },
  processEnvs: {
    GOOGLE_API_KEY: '<your-google-api-key>'
  }
};

nativefier(options, function(error, appPath) {
  if (error) {
    console.error(error);
    return;
  }
  console.log('App has been nativefied to', appPath);

  resultPromise = electronInstaller.createWindowsInstaller({
    appDirectory: 'Web WhatsApp-win32-x64',
    outputDirectory: './',
    authors: 'Web WhatsApp',
    exe: 'Web WhatsApp.exe'
  });

  resultPromise.then(() => console.log('It worked!'), e => console.log(`No dice: ${e.message}`));
});
```
2019-02-08 09:57:32 -05:00
Dominic Hopton
e064f765cb Fix CSS & JavaScript injection (Fixes #703, Fixes #731, PR #732)
* Fix for CSS Injection not working (#703)

Issue:
When using `onHeadersReceived`, the code was passing `null` for the filters.
This appears to trigger behaviour that matches _no_ urls at all.
This results in it never being called to inject the CSS.

Fix:
Pass an empty array instead. Now it's called for all URLs.

Tests pass & linting is clean

* Fix JavaScript injection (#731)

Issue:
It appears that on low endd evices (Core m3 MacBook), the attachment to
`DOMContentLoaded` happens _after_ the event has been raised, so does
not have a chance to inject the script.

Fix:
Move the attachment to the top of the file -- before the imports. This
triggers a bunch of linting erros, so also added disablement inplace.

Additional:
Clarified when the injected JS gets loaded, and what it can assume about
the DOM.
2019-01-01 23:38:45 -05:00
Felix Eckhofer
8600c78d1a Add --start-in-tray CLI flag to let app start in background (PR #564, Fixes #522) 2018-12-01 14:04:55 -05:00
Luccas Clezar
114b4a9724 Fix CSS injection broken with Electron 3 (PR #709, Fixes #703)
See Electron 3.0 breaking API changes:
https://electronjs.org/blog/electron-3-0#breaking-api-changes

  [#12477] https://github.com/electron/electron/pull/12477
           refactor: removed `did-get-response-details` and `did-get-redirect-request events`
2018-11-30 21:14:20 -05:00