Upgrade to Pro — share decks privately, control downloads, hide ads and more …

calro

893f54413c2bd9ba41d11d753aacaf2c?s=47 Yosuke Kurami
November 19, 2018
4
350

 calro

roppongi.js #7向け

893f54413c2bd9ba41d11d753aacaf2c?s=128

Yosuke Kurami

November 19, 2018
Tweet

More Decks by Yosuke Kurami

See All by Yosuke Kurami
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
0
60
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
0
98
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
0
160
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
4
1.9k
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
5
4.5k
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
0
590
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
15
2.9k
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
0
160
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
15
5.7k

Featured

See All Featured
88bc30284c6a424b63a92aad27d0ba36?s=48 jnunemaker
PRO
42
4.8k
282d599b414022eba5096510f675b6e2?s=48 chrislema
231
16k
25c7c18223fb42a4c6ae1c8db6f50f9b?s=48 mojombo
360
63k
B3d6434763caa0ef5dc4b792662c49f7?s=48 smashingmag
283
47k
282d599b414022eba5096510f675b6e2?s=48 chrislema
174
14k
B3d6434763caa0ef5dc4b792662c49f7?s=48 smashingmag
233
18k
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
8
970
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
56
5.5k
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
193
8.8k
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
13
950
9375a9529679f1b42b567a640d775e7d?s=48 schacon
147
6.7k
6804f1775cb4babfcc3851298566fbce?s=48 tanoku
87
8.7k

Transcript

  1. Carloͷ࿩ Roppongi.js #7

  2. About me

  3. Carloͱ͸ • https://github.com/GoogleChromeLabs/ carlo • Googleᐌ͘
 ʮheadful Node app frameworkʯ

  4. None

  5. Node.js + Chromium • Carlo͸ChromiumΛը໘ඳըΤϯδϯͱͯ͠ ಈ࡞͢ΔNode.js ΞϓϦέʔγϣϯϑϨʔϜ ϫʔΫ • Node.jsɺChromiumͱ΋ʹV8͕ಈ࡞͢Δͨ

    ΊɺJavaScriptͷΈͰσεΫτοϓΞϓϦ͕࡞ ΕΔ

  6. ࢖͍ํ

  7. Demo https://github.com/Quramy/carlo-git-graph

  8. Electron΍NW.jsͱͷҧ͍

  9. ϥϯλΠϜϑΝΠϧαΠζ໰୊ • Electron / NW.js͸ChromiumͷϨϯμϥϓϩ ηε͔ΒNode.js΁ΞΫηεͰ͖ΔΑ͏ʹ͠ ͨɺಠࣗͷϥϯλΠϜΛඞཁͱ͢Δ • ͍͕ͭ͜૬౰ॏ͍ͨ

  10. (ࢀߟ) ElectronͷϑΝΠϧαΠζ https://github.com/electron/electron/releases/tag/v3.0.8

  11. Electron΍Nw.jsͷ഑෍ • Electron / NW.jsͰ࡞੒ͨ͠ΞϓϦέʔγϣϯ Λ഑෍͢Δ৔߹ɺಠࣗϥϯλΠϜࣗମ΋ bundleͯ͠഑෍͢Δͷ͕Ұൠతɻ
 (Ϣʔβʔ͸ී௨ɺElectron ΍NW.jsΛࣄલʹ Πϯετʔϧͯ͠ͳ͍)

    • ඞવతʹ഑෍෺ͷαΠζ͕ڊେԽ͢Δ

  12. CarloͰ࡞ͬͨΞϓϦͷ഑෍ • Carlo͸Ϣʔβʔ͕Πϯετʔϧ͍ͯ͠Δ ChromeΛͦͷ··ར༻͢Δ • Node.jsΛطʹΠϯετʔϧ͍ͯ͠ΔϢʔβʔ ΁഑෍͢ΔͷͰ͋Ε͹ɺNPMͰे෼

  13. CarloͰ࡞ͬͨΞϓϦͷ഑෍ • Node.js͚ͩΛόϯυϧͯ͠഑෍͢Δ৔߹ɺ https://github.com/zeit/pkg Λར༻͢ΔͱΑ ͍Β͍͠

  14. nodeIntegration໰୊ • ElectronͰ͸σϑΥϧτͰ nodeIntegrationͱ ͍͏ػೳ͕onʹ͞Ε͍ͯΔ • ͜Ε͸ɺϨϯμϥϓϩηε(ཁ͢Δʹը໘)͔ ΒɺNode.jsͷAPIΛ৮ΕΔɺͱ͍͏ػೳ

  15. nodeIntegration໰୊ • ը໘͔ΒNode.jsʹ৮ΕΔͱ͍͏͜ͱ͸
 
 
 ͱ͔͕ී௨ʹಈ͍ͯ͠·͏ • ΞϓϦέʔγϣϯʹXSSͷ੬ऑੑΛຒΊࠐΜͩ ͱ͖ͷඃ֐͕௨ৗͷWebΞϓϦͷൺ͡Όͳ͍ require('child_process').execSync('ls')

  16. nodeIntegration໰୊ • CarloͰ͸ɺࣗ෼Ͱબ୒ͨ͠Node.jsͷؔ਺ͷ Έ͕ɺ໌ࣔతʹChromiumଆ΁ެ։͞ΕΔํࣜ • XSS͕͋ͬͨͱ͜ΖͰɺElectron΄Ͳͷඃ֐ʹ ͸ͳΒͳ͍͸ͣ

  17. CarloͱPuppeteer

  18. CarloͱPuppeteer • Carlo͸PuppeteerͰChromiumΛNode.js͔Βૢ࡞ͯ͠ ͍Δ • Puppeteerͱ͸ • ͜Ε΋Google੡ͷϥΠϒϥϦ • ChromiumΛࣗಈԽ͢Δ໨తͰ࡞ΒΕ͍ͯΔ

    • Chrome Devtool ProtocolͷΫϥΠΞϯτ

  19. CarloͱPuppeteer • NPMͷpuppeteerύοέʔδ͸ɺChromiumͷϥ ϯλΠϜΛpost installͰϩʔΧϧʹΠϯετʔϧ ͯ͘͠Δ • ૢ࡞෦෼ͷΈΛ੾Γग़ͨ͠puppeteer-coreͱ͍ ͏ύοέʔδ΋͋Δɻ͍ͭ͜͸ϩʔΧϧΠϯετʔ ϧΛߦΘͳ͍ɻ


    Carlo͕࢖͍ͬͯΔͷ͸ͬͪ͜

  20. CarloͱPuppeteer • ࣮ࡍͷͱ͜Ζɺݱঢ়ͷCalro͸Puppeteerͷബ ͍ϥούʔͰ͔͠ͳ͍ • CarloͷAPIʹఆٛ͞Ε͍ͯΔ exposeFunction ͳͲ΋Puppeteerͷಉ໊ؔ਺ʹҕৡ͍ͯ͠Δͩ ͚

  21. Node.js <=> Chromimum /PEFKTͷؔ਺Λ $ISPNJVNଆ͔Βݺͼग़͠Մೳʹ͢Δ

  22. ·ͱΊ • Carlo͸PuppeteerΛར༻ͨ͠σεΫτοϓΞϓϦΤ ϯδϯ • PuppeteerͷAPI஌ͬͯΕ͹Ͳ͏ͱͰ΋ͳΔ • Electron / NW.jsΑΓ΋ࣗ༝౓͸௿͍͕ϑΝΠϧαΠ

    ζͳͲͷ໘Ͱ༗ར • CLIʹͪΐͬͱͨ͠ը໘Λ΋͍ͨͤͨͱ͖ʹศར͔΋

  23. Thank you!