From bd66d837a501bd5c1ec2e6209e218c598376de23 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Fri, 8 Mar 2024 15:25:46 +0100 Subject: [PATCH] [PM-6377] Fix HCaptcha accessibility and resolve Checkmarx warning (#8005) Turns out the HCaptcha accessibility feature on desktop stopped working a while back. This PR resolves it and tweaks the implementation to use noreferrer and noopener for improved sandboxing. This comes with a slight tweak in behaviour, namely that we now get the cookie when you click the back button. To fix hcaptcha not working I needed to use the correct session storage. --- .../auth/accessibility-cookie.component.html | 2 +- .../auth/accessibility-cookie.component.ts | 32 ++----------------- apps/desktop/src/main/window.main.ts | 2 +- .../electron-main-messaging.service.ts | 14 ++------ 4 files changed, 7 insertions(+), 43 deletions(-) diff --git a/apps/desktop/src/auth/accessibility-cookie.component.html b/apps/desktop/src/auth/accessibility-cookie.component.html index b5de1e766f..e81f754cd7 100644 --- a/apps/desktop/src/auth/accessibility-cookie.component.html +++ b/apps/desktop/src/auth/accessibility-cookie.component.html @@ -28,7 +28,7 @@ - + diff --git a/apps/desktop/src/auth/accessibility-cookie.component.ts b/apps/desktop/src/auth/accessibility-cookie.component.ts index 5ec0dbfb56..fc72b1a9d7 100644 --- a/apps/desktop/src/auth/accessibility-cookie.component.ts +++ b/apps/desktop/src/auth/accessibility-cookie.component.ts 
@@ -2,14 +2,11 @@ import { Component, NgZone } from "@angular/core"; import { UntypedFormControl, UntypedFormGroup, Validators } from "@angular/forms"; import { Router } from "@angular/router"; -import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service"; import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; import { Utils } from "@bitwarden/common/platform/misc/utils"; -const BroadcasterSubscriptionId = "AccessibilityCookieComponent"; - @Component({ selector: "app-accessibility-cookie", templateUrl: "accessibility-cookie.component.html", 
@@ -27,40 +24,21 @@ export class AccessibilityCookieComponent { protected platformUtilsService: PlatformUtilsService, protected environmentService: EnvironmentService, protected i18nService: I18nService, - private broadcasterService: BroadcasterService, protected ngZone: NgZone, ) {} - async ngOnInit() { - this.broadcasterService.subscribe(BroadcasterSubscriptionId, async (message: any) => { - this.ngZone.run(() => { - switch (message.command) { - case "windowIsFocused": - if (this.listenForCookie) { - this.listenForCookie = false; - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.checkForCookie(); - } - break; - default: - } - }); - }); - } - registerhCaptcha() { this.platformUtilsService.launchUri("https://www.hcaptcha.com/accessibility"); } - async checkForCookie() { - this.hCaptchaWindow.close(); + async close() { const [cookie] = await ipc.auth.getHcaptchaAccessibilityCookie(); if (cookie) { this.onCookieSavedSuccess(); } else { this.onCookieSavedFailure(); } + await this.router.navigate(["/login"]); } onCookieSavedSuccess() { @@ -89,10 +67,6 @@ export class AccessibilityCookieComponent { return; } this.listenForCookie = true; - this.hCaptchaWindow = window.open(this.accessibilityForm.value.link); - } - - ngOnDestroy() { - this.broadcasterService.unsubscribe(BroadcasterSubscriptionId); + window.open(this.accessibilityForm.value.link, "_blank", "noopener noreferrer"); } } diff --git a/apps/desktop/src/main/window.main.ts b/apps/desktop/src/main/window.main.ts index 3154a8ccc1..644e4d5f7d 100644 --- a/apps/desktop/src/main/window.main.ts +++ b/apps/desktop/src/main/window.main.ts 
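Review bot: In `close()`, a rejection from `ipc.auth.getHcaptchaAccessibilityCookie()` skips both the failure handler and `this.router.navigate(["/login"])`, so the back action would appear to do nothing. Treating a failed lookup like a missing cookie keeps the flow predictable, for example `const [cookie] = await ipc.auth.getHcaptchaAccessibilityCookie().catch(() => []);` ahead of the existing `if (cookie)` branch. This matters more now that the main-process handler reads from `this.windowMain.session`, which could presumably be unset at call time. The class body starts and continues outside the hunk.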
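Review bot: `this.listenForCookie = true;` is now written but never read in the code this diff shows, because the `windowIsFocused` subscriber that consumed it was removed; the same appears true of the `hCaptchaWindow` field that `window.open` no longer assigns. Dropping both (their declarations are outside the hunk) avoids suggesting that something still waits for the cookie. Separately, the guard that ends in `return;` starts above the hunk, so confirm it also pins the scheme of `accessibilityForm.value.link` to `https:` before the value reaches `window.open`. A short comment such as `// link is user-pasted: host and scheme are validated above before opening` would record that.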
@@ -30,7 +30,7 @@ export class WindowMain { private windowStateChangeTimer: NodeJS.Timeout; private windowStates: { [key: string]: WindowState } = {}; private enableAlwaysOnTop = false; - private session: Electron.Session; + session: Electron.Session; readonly defaultWidth = 950; readonly defaultHeight = 600; diff --git a/apps/desktop/src/services/electron-main-messaging.service.ts b/apps/desktop/src/services/electron-main-messaging.service.ts index b7e5712a0c..71e1b1d7d5 100644 --- a/apps/desktop/src/services/electron-main-messaging.service.ts +++ b/apps/desktop/src/services/electron-main-messaging.service.ts @@ -1,16 +1,6 @@ import * as path from "path"; -import { - app, - dialog, - ipcMain, - Menu, - MenuItem, - nativeTheme, - session, - Notification, - shell, -} from "electron"; +import { app, dialog, ipcMain, Menu, MenuItem, nativeTheme, Notification, shell } from "electron"; import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service"; import { ThemeType } from "@bitwarden/common/platform/enums"; @@ -64,7 +54,7 @@ export class ElectronMainMessagingService implements MessagingService { }); ipcMain.handle("getCookie", async (event, options) => { - return await session.defaultSession.cookies.get(options); + return await this.windowMain.session.cookies.get(options); }); ipcMain.handle("loginRequest", async (event, options) => {
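Review bot: Dropping `private` makes `session` a public, reassignable field on `WindowMain`, although the messaging service only needs to read it. A read-only accessor would keep other main-process code from replacing the session handle: keep the field private (for instance renamed `_session`) and add `get session(): Electron.Session { return this._session; }`. Where the field is assigned is outside the hunk, so marking the field itself `readonly` may not compile.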
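Review bot: The `getCookie` handler still forwards the renderer-supplied `options` object unchanged to `cookies.get`, and the lookup now runs against the application window's session instead of `session.defaultSession`, so any caller of this channel can query every cookie that session holds. The only consumer visible in this commit is `ipc.auth.getHcaptchaAccessibilityCookie()`, so the filter could be fixed in the main process, for example `cookies.get({ url: HCAPTCHA_COOKIE_URL, name: HCAPTCHA_COOKIE_NAME })`, where both constants are placeholders for the values the preload already passes. Alternatively the handler could reject any `options` outside that shape. It is also worth guarding against `this.windowMain.session` being unset if the handler can fire before the window is created; that initialisation is outside the hunk.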