mirror of
https://github.com/Microsoft/vscode
synced 2024-09-18 01:58:27 +00:00
Add way to disable markdown preview security warnings in a given workspace
Does not effect the content security level, only toggle the warning popup Fixes #32251
This commit is contained in:
parent
af8d4d89f3
commit
34c44f872c
|
@ -12,7 +12,7 @@
|
|||
let didShow = false;
|
||||
|
||||
const showCspWarning = () => {
|
||||
if (didShow) {
|
||||
if (didShow || settings.disableSecurityWarnings) {
|
||||
return;
|
||||
}
|
||||
didShow = true;
|
||||
|
|
|
@ -46,7 +46,7 @@ export function activate(context: vscode.ExtensionContext) {
|
|||
context.subscriptions.push(telemetryReporter);
|
||||
}
|
||||
|
||||
const cspArbiter = new ExtensionContentSecurityPolicyArbiter(context.globalState);
|
||||
const cspArbiter = new ExtensionContentSecurityPolicyArbiter(context.globalState, context.workspaceState);
|
||||
const engine = new MarkdownEngine();
|
||||
|
||||
const logger = new Logger();
|
||||
|
|
|
@ -246,7 +246,8 @@ export class MDDocumentContentProvider implements vscode.TextDocumentContentProv
|
|||
line: initialLine,
|
||||
scrollPreviewWithEditorSelection: config.scrollPreviewWithEditorSelection,
|
||||
scrollEditorWithPreview: config.scrollEditorWithPreview,
|
||||
doubleClickToSwitchToEditor: config.doubleClickToSwitchToEditor
|
||||
doubleClickToSwitchToEditor: config.doubleClickToSwitchToEditor,
|
||||
disableSecurityWarnings: this.cspArbiter.shouldDisableSecurityWarnings()
|
||||
};
|
||||
|
||||
this.logger.log('provideTextDocumentContent', initialData);
|
||||
|
|
|
@ -24,14 +24,20 @@ export interface ContentSecurityPolicyArbiter {
|
|||
setSecurityLevelForResource(resource: vscode.Uri, level: MarkdownPreviewSecurityLevel): Thenable<void>;
|
||||
|
||||
shouldAllowSvgsForResource(resource: vscode.Uri): void;
|
||||
|
||||
shouldDisableSecurityWarnings(): boolean;
|
||||
|
||||
setShouldDisableSecurityWarning(shouldShow: boolean): Thenable<void>;
|
||||
}
|
||||
|
||||
export class ExtensionContentSecurityPolicyArbiter implements ContentSecurityPolicyArbiter {
|
||||
private readonly old_trusted_workspace_key = 'trusted_preview_workspace:';
|
||||
private readonly security_level_key = 'preview_security_level:';
|
||||
private readonly should_disable_security_warning_key = 'preview_should_show_security_warning:';
|
||||
|
||||
constructor(
|
||||
private globalState: vscode.Memento
|
||||
private globalState: vscode.Memento,
|
||||
private workspaceState: vscode.Memento
|
||||
) { }
|
||||
|
||||
public getSecurityLevelForResource(resource: vscode.Uri): MarkdownPreviewSecurityLevel {
|
||||
|
@ -57,6 +63,14 @@ export class ExtensionContentSecurityPolicyArbiter implements ContentSecurityPol
|
|||
return securityLevel === MarkdownPreviewSecurityLevel.AllowInsecureContent || securityLevel === MarkdownPreviewSecurityLevel.AllowScriptsAndAllContent;
|
||||
}
|
||||
|
||||
public shouldDisableSecurityWarnings(): boolean {
|
||||
return this.workspaceState.get<boolean>(this.should_disable_security_warning_key, false);
|
||||
}
|
||||
|
||||
public setShouldDisableSecurityWarning(disabled: boolean): Thenable<void> {
|
||||
return this.workspaceState.update(this.should_disable_security_warning_key, disabled);
|
||||
}
|
||||
|
||||
private getRoot(resource: vscode.Uri): vscode.Uri {
|
||||
if (vscode.workspace.workspaceFolders) {
|
||||
const folderForResource = vscode.workspace.getWorkspaceFolder(resource);
|
||||
|
@ -82,7 +96,7 @@ export class PreviewSecuritySelector {
|
|||
|
||||
public async showSecutitySelectorForResource(resource: vscode.Uri): Promise<void> {
|
||||
interface PreviewSecurityPickItem extends vscode.QuickPickItem {
|
||||
type: 'moreinfo' | MarkdownPreviewSecurityLevel;
|
||||
type: 'moreinfo' | 'toggle' | MarkdownPreviewSecurityLevel;
|
||||
}
|
||||
|
||||
function markActiveWhen(when: boolean): string {
|
||||
|
@ -108,7 +122,13 @@ export class PreviewSecuritySelector {
|
|||
type: 'moreinfo',
|
||||
label: localize('moreInfo.title', 'More Information'),
|
||||
description: ''
|
||||
}
|
||||
}, {
|
||||
type: 'toggle',
|
||||
label: this.cspArbiter.shouldDisableSecurityWarnings()
|
||||
? localize('enableSecurityWarning.title', "Enable preview security warnings in this workspace")
|
||||
: localize('disableSecurityWarning.title', "Disable preview security warning in this workspace"),
|
||||
description: localize('toggleSecurityWarning.description', 'Does not effect the content security level')
|
||||
},
|
||||
], {
|
||||
placeHolder: localize(
|
||||
'preview.showPreviewSecuritySelector.title',
|
||||
|
@ -124,9 +144,14 @@ export class PreviewSecuritySelector {
|
|||
return;
|
||||
}
|
||||
|
||||
await this.cspArbiter.setSecurityLevelForResource(resource, selection.type);
|
||||
|
||||
const sourceUri = getMarkdownUri(resource);
|
||||
if (selection.type === 'toggle') {
|
||||
this.cspArbiter.setShouldDisableSecurityWarning(!this.cspArbiter.shouldDisableSecurityWarnings());
|
||||
this.contentProvider.update(sourceUri);
|
||||
return;
|
||||
}
|
||||
|
||||
await this.cspArbiter.setSecurityLevelForResource(resource, selection.type);
|
||||
|
||||
await vscode.commands.executeCommand('_workbench.htmlPreview.updateOptions',
|
||||
sourceUri,
|
||||
|
|
Loading…
Reference in a new issue