From 2a398985cf2e704f086193e868ca355da6c96685 Mon Sep 17 00:00:00 2001 From: Vendicated Date: Sat, 14 Jun 2025 00:55:14 +0200 Subject: [PATCH 1/3] fix: correctly allow resources from localhost --- src/components/VencordSettings/ThemesTab.tsx | 4 ++-- src/main/csp/index.ts | 6 ++++-- src/main/csp/manager.ts | 10 +++++----- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/src/components/VencordSettings/ThemesTab.tsx b/src/components/VencordSettings/ThemesTab.tsx index ceb59898..e3fbe53a 100644 --- a/src/components/VencordSettings/ThemesTab.tsx +++ b/src/components/VencordSettings/ThemesTab.tsx @@ -375,13 +375,13 @@ export function CspErrorCard() { const isImgurHtmlDomain = (url: string) => url.startsWith("https://imgur.com/"); const allowUrl = async (url: string) => { - const { origin: baseUrl, hostname } = new URL(url); + const { origin: baseUrl, host } = new URL(url); const result = await VencordNative.csp.requestAddOverride(baseUrl, ["connect-src", "img-src", "style-src", "font-src"], "Vencord Themes"); if (result !== "ok") return; CspBlockedUrls.forEach(url => { - if (new URL(url).hostname === hostname) { + if (new URL(url).host === host) { CspBlockedUrls.delete(url); } }); diff --git a/src/main/csp/index.ts b/src/main/csp/index.ts index fefbc774..c4192f4b 100644 --- a/src/main/csp/index.ts +++ b/src/main/csp/index.ts @@ -19,8 +19,10 @@ export const ImageScriptsAndCssSrc = [...ImageAndCssSrc, "script-src", "worker-s // script and just adding to it. But generally, you should just edit this file instead export const CspPolicies: PolicyMap = { - "localhost": ImageAndCssSrc, - "127.0.0.1": ImageAndCssSrc, + "http://localhost:*": ImageAndCssSrc, + "http://127.0.0.1:*": ImageAndCssSrc, + "localhost:*": ImageAndCssSrc, + "127.0.0.1:*": ImageAndCssSrc, "*.github.io": ImageAndCssSrc, // GitHub pages, used by most themes "github.com": ImageAndCssSrc, // GitHub content (stuff uploaded to markdown forms), used by most themes diff --git a/src/main/csp/manager.ts b/src/main/csp/manager.ts index b8fbbea3..e6b1a0e3 100644 --- a/src/main/csp/manager.ts +++ b/src/main/csp/manager.ts @@ -20,9 +20,9 @@ export function registerCspIpcHandlers() { function validate(url: string, directives: string[]) { try { - const { hostname } = new URL(url); + const { host } = new URL(url); - if (/[;'"\\]/.test(hostname)) return false; + if (/[;'"\\]/.test(host)) return false; } catch { return false; } @@ -34,7 +34,7 @@ function validate(url: string, directives: string[]) { } function getMessage(url: string, directives: string[], callerName: string) { - const domain = new URL(url).hostname; + const domain = new URL(url).host; const message = `${callerName} wants to allow connections to ${domain}`; @@ -73,7 +73,7 @@ async function addCspRule(_: IpcMainInvokeEvent, url: string, directives: string return "invalid"; } - const domain = new URL(url).hostname; + const domain = new URL(url).host; if (domain in NativeSettings.store.customCspRules) { return "conflict"; @@ -113,7 +113,7 @@ function removeCspRule(_: IpcMainInvokeEvent, domain: string) { function isDomainAllowed(_: IpcMainInvokeEvent, url: string, directives: string[]) { try { - const domain = new URL(url).hostname; + const domain = new URL(url).host; const ruleForDomain = CspPolicies[domain] ?? NativeSettings.store.customCspRules[domain]; if (!ruleForDomain) return false; From 78d3330ccf509b03cb3de2e790092b9d0707984e Mon Sep 17 00:00:00 2001 From: Vendicated Date: Sat, 14 Jun 2025 18:51:40 +0200 Subject: [PATCH 2/3] make Open Themes/Settings folder properly open the folder --- browser/VencordNativeStub.ts | 5 ++++- src/VencordNative.ts | 4 ++++ src/components/VencordSettings/ThemesTab.tsx | 4 ++-- src/components/VencordSettings/VencordTab.tsx | 8 ++------ src/main/ipcMain.ts | 4 +++- src/shared/IpcEvents.ts | 3 +++ 6 files changed, 18 insertions(+), 10 deletions(-) diff --git a/browser/VencordNativeStub.ts b/browser/VencordNativeStub.ts index 8cb3ff29..ce14d28d 100644 --- a/browser/VencordNativeStub.ts +++ b/browser/VencordNativeStub.ts @@ -48,6 +48,8 @@ window.VencordNative = { ), getThemeData: (fileName: string) => DataStore.get(fileName, themeStore), getSystemValues: async () => ({}), + + openFolder: async () => Promise.reject("themes:openFolder is not supported on web"), }, native: { @@ -111,7 +113,8 @@ window.VencordNative = { } }, set: async (s: Settings) => localStorage.setItem("VencordSettings", JSON.stringify(s)), - getSettingsDir: async () => "LocalStorage" + getSettingsDir: async () => "LocalStorage", + openFolder: async () => Promise.reject("settings:openFolder is not supported on web"), }, pluginHelpers: {} as any, diff --git a/src/VencordNative.ts b/src/VencordNative.ts index faf9b052..5c581ccf 100644 --- a/src/VencordNative.ts +++ b/src/VencordNative.ts @@ -38,6 +38,8 @@ export default { getThemesList: () => invoke>(IpcEvents.GET_THEMES_LIST), getThemeData: (fileName: string) => invoke(IpcEvents.GET_THEME_DATA, fileName), getSystemValues: () => invoke>(IpcEvents.GET_THEME_SYSTEM_VALUES), + + openFolder: () => invoke(IpcEvents.OPEN_THEMES_FOLDER), }, updater: { @@ -51,6 +53,8 @@ export default { get: () => sendSync(IpcEvents.GET_SETTINGS), set: (settings: Settings, pathToNotify?: string) => invoke(IpcEvents.SET_SETTINGS, settings, pathToNotify), getSettingsDir: () => invoke(IpcEvents.GET_SETTINGS_DIR), + + openFolder: () => invoke(IpcEvents.OPEN_SETTINGS_FOLDER), }, quickCss: { diff --git a/src/components/VencordSettings/ThemesTab.tsx b/src/components/VencordSettings/ThemesTab.tsx index e3fbe53a..9682d51a 100644 --- a/src/components/VencordSettings/ThemesTab.tsx +++ b/src/components/VencordSettings/ThemesTab.tsx @@ -28,7 +28,7 @@ import { CspBlockedUrls, useCspErrors } from "@utils/cspViolations"; import { openInviteModal } from "@utils/discord"; import { Margins } from "@utils/margins"; import { classes } from "@utils/misc"; -import { relaunch, showItemInFolder } from "@utils/native"; +import { relaunch } from "@utils/native"; import { useAwaiter, useForceUpdater } from "@utils/react"; import { getStylusWebStoreUrl } from "@utils/web"; import { findLazy } from "@webpack"; @@ -251,7 +251,7 @@ function ThemesTab() { ) : ( showItemInFolder(themeDir!)} + action={() => VencordNative.themes.openFolder()} disabled={themeDirPending} Icon={FolderIcon} /> diff --git a/src/components/VencordSettings/VencordTab.tsx b/src/components/VencordSettings/VencordTab.tsx index 54da5a3f..047ba17d 100644 --- a/src/components/VencordSettings/VencordTab.tsx +++ b/src/components/VencordSettings/VencordTab.tsx @@ -26,8 +26,7 @@ import { gitRemote } from "@shared/vencordUserAgent"; import { DONOR_ROLE_ID, VENCORD_GUILD_ID } from "@utils/constants"; import { Margins } from "@utils/margins"; import { identity, isPluginDev } from "@utils/misc"; -import { relaunch, showItemInFolder } from "@utils/native"; -import { useAwaiter } from "@utils/react"; +import { relaunch } from "@utils/native"; import { Button, Forms, GuildMemberStore, React, Select, Switch, UserStore } from "@webpack/common"; import BadgeAPI from "../../plugins/_api/badges"; @@ -53,9 +52,6 @@ type KeysOfType = { }[keyof Object]; function VencordSettings() { - const [settingsDir, , settingsDirPending] = useAwaiter(VencordNative.settings.getSettingsDir, { - fallbackValue: "Loading..." - }); const settings = useSettings(); const donateImage = React.useMemo(() => Math.random() > 0.5 ? DEFAULT_DONATE_IMAGE : SHIGGY_DONATE_IMAGE, []); @@ -171,7 +167,7 @@ function VencordSettings() { showItemInFolder(settingsDir)} + action={() => VencordNative.settings.openFolder()} /> )} ({ "os-accent-color": `#${systemPreferences.getAccentColor?.() || ""}` })); +ipcMain.handle(IpcEvents.OPEN_THEMES_FOLDER, () => shell.openPath(THEMES_DIR)); +ipcMain.handle(IpcEvents.OPEN_SETTINGS_FOLDER, () => shell.openPath(SETTINGS_DIR)); export function initIpc(mainWindow: BrowserWindow) { let quickCssWatcher: FSWatcher | undefined; diff --git a/src/shared/IpcEvents.ts b/src/shared/IpcEvents.ts index 914a0a9f..0354e697 100644 --- a/src/shared/IpcEvents.ts +++ b/src/shared/IpcEvents.ts @@ -46,4 +46,7 @@ export const enum IpcEvents { CSP_IS_DOMAIN_ALLOWED = "VencordCspIsDomainAllowed", CSP_REMOVE_OVERRIDE = "VencordCspRemoveOverride", CSP_REQUEST_ADD_OVERRIDE = "VencordCspRequestAddOverride", + + OPEN_THEMES_FOLDER = "VencordOpenThemesFolder", + OPEN_SETTINGS_FOLDER = "VencordOpenSettingsFolder", } From 3a1e17e04d70cec42967942e8da758c22693c09a Mon Sep 17 00:00:00 2001 From: Vendicated Date: Sat, 14 Jun 2025 18:55:12 +0200 Subject: [PATCH 3/3] remove redundant methods --- browser/VencordNativeStub.ts | 2 -- src/VencordNative.ts | 2 -- src/components/VencordSettings/ThemesTab.tsx | 2 -- src/main/ipcMain.ts | 1 - src/main/settings.ts | 1 - src/shared/IpcEvents.ts | 26 +++++++++++--------- 6 files changed, 14 insertions(+), 20 deletions(-) diff --git a/browser/VencordNativeStub.ts b/browser/VencordNativeStub.ts index ce14d28d..c99c176c 100644 --- a/browser/VencordNativeStub.ts +++ b/browser/VencordNativeStub.ts @@ -42,7 +42,6 @@ window.VencordNative = { themes: { uploadTheme: (fileName: string, fileData: string) => DataStore.set(fileName, fileData, themeStore), deleteTheme: (fileName: string) => DataStore.del(fileName, themeStore), - getThemesDir: async () => "", getThemesList: () => DataStore.entries(themeStore).then(entries => entries.map(([name, css]) => getThemeInfo(css, name.toString())) ), @@ -113,7 +112,6 @@ window.VencordNative = { } }, set: async (s: Settings) => localStorage.setItem("VencordSettings", JSON.stringify(s)), - getSettingsDir: async () => "LocalStorage", openFolder: async () => Promise.reject("settings:openFolder is not supported on web"), }, diff --git a/src/VencordNative.ts b/src/VencordNative.ts index 5c581ccf..048b30c7 100644 --- a/src/VencordNative.ts +++ b/src/VencordNative.ts @@ -34,7 +34,6 @@ export default { themes: { uploadTheme: (fileName: string, fileData: string) => invoke(IpcEvents.UPLOAD_THEME, fileName, fileData), deleteTheme: (fileName: string) => invoke(IpcEvents.DELETE_THEME, fileName), - getThemesDir: () => invoke(IpcEvents.GET_THEMES_DIR), getThemesList: () => invoke>(IpcEvents.GET_THEMES_LIST), getThemeData: (fileName: string) => invoke(IpcEvents.GET_THEME_DATA, fileName), getSystemValues: () => invoke>(IpcEvents.GET_THEME_SYSTEM_VALUES), @@ -52,7 +51,6 @@ export default { settings: { get: () => sendSync(IpcEvents.GET_SETTINGS), set: (settings: Settings, pathToNotify?: string) => invoke(IpcEvents.SET_SETTINGS, settings, pathToNotify), - getSettingsDir: () => invoke(IpcEvents.GET_SETTINGS_DIR), openFolder: () => invoke(IpcEvents.OPEN_SETTINGS_FOLDER), }, diff --git a/src/components/VencordSettings/ThemesTab.tsx b/src/components/VencordSettings/ThemesTab.tsx index 9682d51a..128b6817 100644 --- a/src/components/VencordSettings/ThemesTab.tsx +++ b/src/components/VencordSettings/ThemesTab.tsx @@ -163,7 +163,6 @@ function ThemesTab() { const [currentTab, setCurrentTab] = useState(ThemeTab.LOCAL); const [themeText, setThemeText] = useState(settings.themeLinks.join("\n")); const [userThemes, setUserThemes] = useState(null); - const [themeDir, , themeDirPending] = useAwaiter(VencordNative.themes.getThemesDir); useEffect(() => { refreshLocalThemes(); @@ -252,7 +251,6 @@ function ThemesTab() { VencordNative.themes.openFolder()} - disabled={themeDirPending} Icon={FolderIcon} /> )} diff --git a/src/main/ipcMain.ts b/src/main/ipcMain.ts index 324a20e1..6990cea9 100644 --- a/src/main/ipcMain.ts +++ b/src/main/ipcMain.ts @@ -92,7 +92,6 @@ ipcMain.handle(IpcEvents.SET_QUICK_CSS, (_, css) => writeFileSync(QUICKCSS_PATH, css) ); -ipcMain.handle(IpcEvents.GET_THEMES_DIR, () => THEMES_DIR); ipcMain.handle(IpcEvents.GET_THEMES_LIST, () => listThemes()); ipcMain.handle(IpcEvents.GET_THEME_DATA, (_, fileName) => getThemeData(fileName)); ipcMain.handle(IpcEvents.GET_THEME_SYSTEM_VALUES, () => ({ diff --git a/src/main/settings.ts b/src/main/settings.ts index ed2f4850..962bbaa7 100644 --- a/src/main/settings.ts +++ b/src/main/settings.ts @@ -36,7 +36,6 @@ RendererSettings.addGlobalChangeListener(() => { } }); -ipcMain.handle(IpcEvents.GET_SETTINGS_DIR, () => SETTINGS_DIR); ipcMain.on(IpcEvents.GET_SETTINGS, e => e.returnValue = RendererSettings.plain); ipcMain.handle(IpcEvents.SET_SETTINGS, (_, data: Settings, pathToNotify?: string) => { diff --git a/src/shared/IpcEvents.ts b/src/shared/IpcEvents.ts index 0354e697..e7eb7594 100644 --- a/src/shared/IpcEvents.ts +++ b/src/shared/IpcEvents.ts @@ -17,25 +17,30 @@ */ export const enum IpcEvents { - QUICK_CSS_UPDATE = "VencordQuickCssUpdate", - THEME_UPDATE = "VencordThemeUpdate", + OPEN_QUICKCSS = "VencordOpenQuickCss", GET_QUICK_CSS = "VencordGetQuickCss", SET_QUICK_CSS = "VencordSetQuickCss", - UPLOAD_THEME = "VencordUploadTheme", - DELETE_THEME = "VencordDeleteTheme", - GET_THEMES_DIR = "VencordGetThemesDir", + QUICK_CSS_UPDATE = "VencordQuickCssUpdate", + + GET_SETTINGS = "VencordGetSettings", + SET_SETTINGS = "VencordSetSettings", + GET_THEMES_LIST = "VencordGetThemesList", GET_THEME_DATA = "VencordGetThemeData", GET_THEME_SYSTEM_VALUES = "VencordGetThemeSystemValues", - GET_SETTINGS_DIR = "VencordGetSettingsDir", - GET_SETTINGS = "VencordGetSettings", - SET_SETTINGS = "VencordSetSettings", + UPLOAD_THEME = "VencordUploadTheme", + DELETE_THEME = "VencordDeleteTheme", + THEME_UPDATE = "VencordThemeUpdate", + OPEN_EXTERNAL = "VencordOpenExternal", - OPEN_QUICKCSS = "VencordOpenQuickCss", + OPEN_THEMES_FOLDER = "VencordOpenThemesFolder", + OPEN_SETTINGS_FOLDER = "VencordOpenSettingsFolder", + GET_UPDATES = "VencordGetUpdates", GET_REPO = "VencordGetRepo", UPDATE = "VencordUpdate", BUILD = "VencordBuild", + OPEN_MONACO_EDITOR = "VencordOpenMonacoEditor", GET_PLUGIN_IPC_METHOD_MAP = "VencordGetPluginIpcMethodMap", @@ -46,7 +51,4 @@ export const enum IpcEvents { CSP_IS_DOMAIN_ALLOWED = "VencordCspIsDomainAllowed", CSP_REMOVE_OVERRIDE = "VencordCspRemoveOverride", CSP_REQUEST_ADD_OVERRIDE = "VencordCspRequestAddOverride", - - OPEN_THEMES_FOLDER = "VencordOpenThemesFolder", - OPEN_SETTINGS_FOLDER = "VencordOpenSettingsFolder", }