Check access validation 63/203563/10
authorDongHyun Song <dh81.song@samsung.com>
Tue, 16 Apr 2019 02:34:46 +0000 (11:34 +0900)
committerDongHyun Song <dh81.song@samsung.com>
Thu, 18 Apr 2019 01:56:33 +0000 (10:56 +0900)
This checks the validity of file access.
Every webapp is allowed to access only a predefined list of paths.

Change-Id: I0a7156a04c40a115c72b7806ee843b5b3d6b66b6

wrt_app/src/web_application.js

index 863774e..c81a263 100755 (executable)
@@ -16,7 +16,7 @@
 
 'use strict';
 
-const {BrowserWindow, app} = require('electron');
+const {BrowserWindow, app, protocol} = require('electron');
 const WAS_EVENT = require('./was_event');
 const wrt = require('../browser/wrt');
 
@@ -43,6 +43,33 @@ class WebApplication {
         } else {
             this.preloadState = 'none';
         }
+        this.accessiblePath = wrt.getAccessiblePath();
+        console.log(this.accessiblePath);
+        if (this.accessiblePath) {
+            protocol.interceptFileProtocol('file', (request, callback) => {
+                const url = require('url');
+                let access_path, parsed_info = url.parse(request.url);
+                access_path = parsed_info.host + parsed_info.pathname;
+                console.log("check path: " + access_path);
+
+                for (let p in this.accessiblePath) {
+                    if (access_path.startsWith(this.accessiblePath[p])) {
+                        callback(access_path);
+                        return;
+                    }
+                }
+                if (access_path.indexOf("/shared/res/") > -1) {
+                    callback(access_path);
+                    return;
+                }
+                else {
+                    console.log("invalid access: " + access_path);
+                    callback(403);
+                }
+            }, (error) => {
+                console.log(error);
+            });
+        }
     }
     getBrowserWindowOption(options) {
         return {
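Review bot: The allow-list test in the `interceptFileProtocol` handler compares raw strings, so it can admit paths outside the intended directories: `access_path.startsWith(this.accessiblePath[p])` has no path-separator boundary (with a constructed entry `/a/app`, `/a/app-other/x` also matches), and `access_path.indexOf("/shared/res/") > -1` accepts that substring anywhere in the path. The value comes straight from `url.parse`, so it is still percent-encoded and, as far as this hunk shows, is not normalized before the comparison or before it is handed to `callback`. Consider resolving it first with Node's `path` module, e.g. `const resolved = path.normalize(decodeURIComponent(access_path));`, then matching with `resolved === root || resolved.startsWith(root + path.sep)` and anchoring the shared-resource exception to a fixed root instead of a substring. When `wrt.getAccessiblePath()` returns a falsy value no interceptor is installed at all, so file access is unrestricted in that case; if that is not intended, deny by default. The constructor this code sits in begins and ends outside the hunk.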