search

asvd / jailed

execute untrusted code with custom permissions
MIT License
1k stars 73 forks source link

Plugin disconnects but nothing happens #27

Open florianb opened 8 years ago

florianb commented 8 years ago

Hi - i am still trying to get jailed up and running in the Electron-environment (Node 5.1.1, Chrome 47.0.2526.110, Electron 0.36.9) and feel i make no progress. I am using the following code from within my app for debugging purposes:

  var api = {
    alert: alert
  };

  var code = "application.remote.alert('Hello from the plugin!');";
  var plugin = new jailed.DynamicPlugin(code, api);

  plugin.whenConnected(function() {
    console.info('plugin connected..');
  });

  plugin.whenDisconnected(function() {
    console.info('plugin disconnected..');
  });

  plugin.whenFailed(function() {
    console.info('plugin failed..');
  });

This returns plugin disconnected.. which let me assume that the plugin code should be run. However, the alert is not being invoked as well as any Api-calls (i tried to pass variables as well, binding this).

A debugging attempt -- running the commands by hand from the console -- failed completely with an Uncaught TypeError: this._connect is not a function in jailed.js:612.

I really appreciate any hint. Thanks in advance - :cake: :coffee:

asvd commented 8 years ago

Looks like a bug in Jailed, I will have to investigate on this by installing Electron.

The disconnect event should not fire first, upon connection it fires either connection event, or failure..

florianb commented 8 years ago

Thank you very much - let me know if i can help you.

asvd commented 8 years ago

Well actually you can, if you try to debug it yourself ;-)

I will have a look at the issue, but cannot promise when, since I am not familiar with Electron, and besides there is a bunch of tickets for the project, and I have only limited amount of time..

asvd commented 8 years ago

Can you maybe include the callstack of the mentioned exception?

florianb commented 8 years ago

Sure, i will debug it as soon as i have a clue what the reason may be.

Uncaught TypeError: this._connect is not a function(…)DynamicPlugin @ .../jailed.js:612
(anonymous function) @ VM189:2
InjectedScript._evaluateOn @ VM184:875
InjectedScript._evaluateAndWrap @ VM184:808
InjectedScript.evaluate @ VM184:664

It is worth mentioning that this happens only in the live dev-console after live requiring jailed and executing just a plugin (without any special arguments).

Intercepting the constructor of DynamicPlugin(with debugger; in the jailed.js:611) showed that all methods and attributes were missing at this point besides from this._code and this._initialInterface.

I will try to do some more investigations on this issue (if any promising further tests come in mind).

florianb commented 8 years ago

1st Update - running jailed in the Node-REPL (5.5.0) works:

> var code = "application.remote.log('Hello from the plugin!');";
undefined
> var api = { log: console.log };
undefined
> var plugin = new jailed.DynamicPlugin(code, api);
undefined
> Hello from the plugin!