Merge security/context-isolation-fix into dev

Brings the original PR#9055 changes to dev branch where they should have been merged originally.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <[email protected]>

Author: emil-wire

electron/renderer/src/actions/index.ts

@@ -191,7 +191,7 @@ export const updateAccountBadgeCount = (id: string, count: number) => {
     }, 0);
     const ignoreFlash = account?.availability === Availability.Type.BUSY;
 
-    window.sendBadgeCount(accumulatedCount, ignoreFlash);
+    window.wireDesktop?.sendBadgeCount(accumulatedCount, ignoreFlash);
 
     if (account) {
       const countHasChanged = account.badgeCount !== count;

electron/renderer/src/components/WebView/Webview.tsx

@@ -211,7 +211,7 @@ const Webview = ({
         case EVENT_TYPE.LIFECYCLE.SIGNED_IN: {
           if (conversationJoinData) {
             const {code, key, domain} = conversationJoinData;
-            window.sendConversationJoinToHost(accountId, code, key, domain);
+            window.wireDesktop?.sendConversationJoinToHost(accountId, code, key, domain);
             setConversationJoinData(accountId, undefined);
           }
           updateAccountLifecycle(accountId, channel);
@@ -241,7 +241,7 @@ const Webview = ({
 
           if (isConversationJoinData(data)) {
             if (accountLifecycle === EVENT_TYPE.LIFECYCLE.SIGNED_IN) {
-              window.sendConversationJoinToHost(accountId, data.code, data.key, data.domain);
+              window.wireDesktop?.sendConversationJoinToHost(accountId, data.code, data.key, data.domain);
               setConversationJoinData(accountId, undefined);
             } else {
               setConversationJoinData(accountId, data);
@@ -283,7 +283,7 @@ const Webview = ({
   }, [account, accountLifecycle, conversationJoinData]);
 
   const deleteWebview = (account: Account) => {
-    window.sendDeleteAccount(account.id, account.sessionID).then(() => {
+    window.wireDesktop?.sendDeleteAccount(account.id, account.sessionID)?.then(() => {
       abortAccountCreation(account.id);
     });
   };

electron/renderer/src/components/context/EditAccountMenu.tsx

@@ -64,7 +64,7 @@ const EditAccountMenu = ({
         <ContextMenuItem
           onClick={() => {
             connected.switchWebview(accountIndex);
-            window.sendLogoutAccount(accountId);
+            window.wireDesktop?.sendLogoutAccount(accountId);
           }}
         >
           {getText('wrapperLogOut')}
@@ -73,7 +73,7 @@ const EditAccountMenu = ({
 
       <ContextMenuItem
         onClick={() => {
-          window.sendDeleteAccount(accountId, sessionID).then(() => {
+          window.wireDesktop?.sendDeleteAccount(accountId, sessionID)?.then(() => {
             connected.abortAccountCreation(accountId);
           });
         }}

electron/renderer/src/lib/locale.ts

@@ -19,12 +19,12 @@
 
 import {i18nLanguageIdentifier} from '../../../src/locale';
 
-window.locStrings = window.locStrings || {};
-window.locStringsDefault = window.locStringsDefault || {};
-window.locale = window.locale || 'en';
+const locStrings = window.wireDesktop?.locStrings || {};
+const locStringsDefault = window.wireDesktop?.locStringsDefault || {};
+const locale = window.wireDesktop?.locale || 'en';
 
 export const getText = (stringIdentifier: i18nLanguageIdentifier, paramReplacements?: Record<string, string>) => {
-  let str = window.locStrings[stringIdentifier] || window.locStringsDefault[stringIdentifier] || stringIdentifier;
+  let str = locStrings[stringIdentifier] || locStringsDefault[stringIdentifier] || stringIdentifier;
 
   const replacements = {...paramReplacements};
   for (const replacement of Object.keys(replacements)) {
@@ -37,4 +37,4 @@ export const getText = (stringIdentifier: i18nLanguageIdentifier, paramReplaceme
   return str;
 };
 
-export const wrapperLocale = window.locale;
+export const wrapperLocale = locale;

electron/src/lib/eventType.ts

@@ -33,6 +33,7 @@ export const EVENT_TYPE = {
   ACTION: {
     CHANGE_ENVIRONMENT: 'EVENT_TYPE.ACTION.CHANGE_ENVIRONMENT',
     CHANGE_DOWNLOAD_LOCATION: 'EVENT_TYPE.ACTION.CHANGE_DOWNLOAD_LOCATION',
+    COPY_TO_CLIPBOARD: 'EVENT_TYPE.ACTION.COPY_TO_CLIPBOARD',
     CREATE_SSO_ACCOUNT: 'EVENT_TYPE.ACTION.CREATE_SSO_ACCOUNT',
     CREATE_SSO_ACCOUNT_RESPONSE: 'EVENT_TYPE.ACTION.CREATE_SSO_ACCOUNT_RESPONSE',
     DECRYPT: 'EVENT_TYPE.ACTION.DECRYPT',
@@ -85,8 +86,16 @@ export const EVENT_TYPE = {
     LOCALE_VALUES: 'EVENT_TYPE.PROXY_PROMPT.LOCALE_VALUES',
     SUBMITTED: 'EVENT_TYPE.PROXY_PROMPT.AUTHENTICATION_DATA',
   },
+  CONTEXT_MENU: {
+    SHOW: 'EVENT_TYPE.CONTEXT_MENU.SHOW',
+    COPY_TEXT: 'EVENT_TYPE.CONTEXT_MENU.COPY_TEXT',
+    COPY_IMAGE: 'EVENT_TYPE.CONTEXT_MENU.COPY_IMAGE',
+    SAVE_IMAGE: 'EVENT_TYPE.CONTEXT_MENU.SAVE_IMAGE',
+    REPLACE_MISSPELLING: 'EVENT_TYPE.CONTEXT_MENU.REPLACE_MISSPELLING',
+  },
   UI: {
     BADGE_COUNT: 'EVENT_TYPE.UI.BADGE_COUNT',
+    SHOULD_USE_DARK_COLORS: 'EVENT_TYPE.UI.SHOULD_USE_DARK_COLORS',
     SYSTEM_MENU: 'EVENT_TYPE.UI.SYSTEM_MENU',
     THEME_UPDATE: 'EVENT_TYPE.UI.THEME_UPDATE',
     WEBAPP_VERSION: 'EVENT_TYPE.UI.WEBAPP_VERSION',

electron/src/locale/index.ts

@@ -53,7 +53,7 @@ export type i18nStrings = Record<i18nLanguageIdentifier, string>;
 export type SupportedI18nLanguage = keyof typeof SUPPORTED_LANGUAGES;
 export type SupportedI18nLanguageObject = Record<SupportedI18nLanguage, i18nStrings>;
 
-const app = Electron.app || require('@electron/remote').app;
+const app = Electron.app;
 
 export const LANGUAGES: SupportedI18nLanguageObject = {
   cs,

electron/src/logging/getLogger.ts

@@ -26,8 +26,8 @@ import {LogFactory, LoggerOptions} from '@wireapp/commons';
 
 import {config} from '../settings/config';
 
-const mainProcess = process || require('@electron/remote').process;
-const app = Electron.app || require('@electron/remote').app;
+const mainProcess = process;
+const app = Electron.app;
 
 const logDir = path.join(app.getPath('userData'), 'logs');
 const logFile = path.join(logDir, 'electron.log');

electron/src/main.ts

@@ -17,15 +17,17 @@
  *
  */
 
-import * as remoteMain from '@electron/remote/main';
 import {
   app,
+  clipboard,
   dialog,
   BrowserWindow,
   BrowserWindowConstructorOptions,
   Event as ElectronEvent,
   ipcMain,
   Menu,
+  nativeImage,
+  nativeTheme,
   WebContents,
   desktopCapturer,
   safeStorage,
@@ -74,8 +76,6 @@ import {ProxyPromptWindow} from './window/ProxyPromptWindow';
 import {WindowManager} from './window/WindowManager';
 import * as WindowUtil from './window/WindowUtil';
 
-remoteMain.initialize();
-
 const APP_PATH = path.join(app.getAppPath(), config.electronDirectory);
 const INDEX_HTML = path.join(APP_PATH, 'renderer/index.html');
 const LOG_DIR = path.join(app.getPath('userData'), 'logs');
@@ -278,7 +278,7 @@ const showMainWindow = async (mainWindowState: windowStateKeeper.State): Promise
     title: config.name,
     webPreferences: {
       backgroundThrottling: false,
-      contextIsolation: false,
+      contextIsolation: true,
       nodeIntegration: false,
       preload: PRELOAD_JS,
       sandbox: false,
@@ -296,10 +296,49 @@ const showMainWindow = async (mainWindowState: windowStateKeeper.State): Promise
   ipcMain.handle(EVENT_TYPE.ACTION.DECRYPT, (event, encrypted: Uint8Array) =>
     safeStorage.decryptString(Buffer.from(encrypted)),
   );
+  ipcMain.handle(EVENT_TYPE.UI.SHOULD_USE_DARK_COLORS, () => {
+    return nativeTheme.shouldUseDarkColors;
+  });
 
-  main = new BrowserWindow(options);
+  ipcMain.handle(EVENT_TYPE.CONTEXT_MENU.COPY_TEXT, (event, text: string) => {
+    clipboard.writeText(text);
+  });
+
+  ipcMain.handle(EVENT_TYPE.CONTEXT_MENU.COPY_IMAGE, async (event, imageUrl: string) => {
+    try {
+      const response = await fetch(imageUrl, {
+        headers: {
+          'User-Agent': config.userAgent,
+        },
+      });
+      const bytes = await response.arrayBuffer();
+      const image = nativeImage.createFromBuffer(Buffer.from(bytes));
+      clipboard.writeImage(image);
+    } catch (error) {
+      console.error('Failed to copy image:', error);
+    }
+  });
 
-  remoteMain.enable(main.webContents);
+  ipcMain.handle(EVENT_TYPE.CONTEXT_MENU.SAVE_IMAGE, async (event, imageUrl: string, timestamp?: string) => {
+    try {
+      const response = await fetch(imageUrl, {
+        headers: {
+          'User-Agent': config.userAgent,
+        },
+      });
+      const bytes = await response.arrayBuffer();
+      ipcMain.emit(EVENT_TYPE.ACTION.SAVE_PICTURE, event, new Uint8Array(bytes), timestamp);
+    } catch (error) {
+      console.error('Failed to save image:', error);
+    }
+  });
+
+  ipcMain.handle(EVENT_TYPE.CONTEXT_MENU.REPLACE_MISSPELLING, (event, suggestion: string) => {
+    const webContents = event.sender;
+    webContents.replaceMisspelling(suggestion);
+  });
+
+  main = new BrowserWindow(options);
 
   main.setMenuBarVisibility(showMenuBar);
 
@@ -632,7 +671,6 @@ class ElectronWrapperInit {
     const enableSpellChecking = settings.restore(SettingsType.ENABLE_SPELL_CHECKING, true);
 
     app.on('web-contents-created', async (webviewEvent: ElectronEvent, contents: WebContents) => {
-      remoteMain.enable(contents);
       // disable new Windows by default on everything
       contents.setWindowOpenHandler(() => {
         return {action: 'deny'};
@@ -645,7 +683,7 @@ class ElectronWrapperInit {
             params.contextIsolation = 'true';
             params.plugins = 'false';
             webPreferences.allowRunningInsecureContent = false;
-            webPreferences.contextIsolation = false;
+            webPreferences.contextIsolation = true;
             webPreferences.experimentalFeatures = false;
             webPreferences.nodeIntegration = false;
             webPreferences.preload = PRELOAD_RENDERER_JS;