From 3e03c1164b47316eea1b49210a970b003e57b4d4 Mon Sep 17 00:00:00 2001
From: Mehmet Bektas <mbektasgh@outlook.com>
Date: Sat, 22 Jan 2022 23:21:46 -0800
Subject: [PATCH 1/4] allow navigation between same host URLs, allow whitespace
 in base64 PDF data

---
 src/browser/utils.ts | 8 ++++++++
 src/main/main.ts     | 7 +++++--
 webpack.browser.js   | 3 +++
 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/browser/utils.ts b/src/browser/utils.ts
index 1932d157..48a58fba 100644
--- a/src/browser/utils.ts
+++ b/src/browser/utils.ts
@@ -35,3 +35,11 @@ namespace Browser {
         return 28 / webFrame.getZoomFactor();
     }
 }
+
+// atob with support for whitespace in data
+export
+function atobWhiteSpace(data: string): string {
+    // remove whitespace
+    data = data.replace(/\s/g, "");
+    return window.atob(data);
+}
diff --git a/src/main/main.ts b/src/main/main.ts
index d80883c7..03c1e937 100644
--- a/src/main/main.ts
+++ b/src/main/main.ts
@@ -192,8 +192,11 @@ app.on('ready', () => {
 app.on("web-contents-created", (_event: any, webContents: WebContents) => {
     // Prevent navigation
     webContents.on('will-navigate', (event: Event, navigationUrl) => {
-        console.warn(`Navigation is not allowed; attempted navigation to: ${navigationUrl}`);
-        event.preventDefault();
+        const jlabBaseUrl = `http://localhost:${appConfig.jlabPort}/`;
+        if (!navigationUrl.startsWith(jlabBaseUrl)) {
+            console.warn(`Navigation is not allowed; attempted navigation to: ${navigationUrl}`);
+            event.preventDefault();
+        }
     });
 
     // handle page's beforeunload prompt natively
diff --git a/webpack.browser.js b/webpack.browser.js
index 39693283..a854b461 100644
--- a/webpack.browser.js
+++ b/webpack.browser.js
@@ -164,6 +164,9 @@ module.exports = {
       },
       name: 'CORE_FEDERATION',
       shared: createShared(data)
+    }),
+    new webpack.ProvidePlugin({
+      'atob': [path.resolve(path.join(__dirname, 'build/out/browser/utils.js')), 'atobWhiteSpace']
     })
   ],
   devtool: 'source-map'

From 3c81f55ebe31b4e8b01c6f046ab0d7ebfb7f9eaf Mon Sep 17 00:00:00 2001
From: Mehmet Bektas <mbektasgh@outlook.com>
Date: Sun, 30 Jan 2022 22:07:53 -0800
Subject: [PATCH 2/4] improved fix for electron 15

---
 src/main/main.ts     |  4 ++--
 src/main/preload.ts  | 37 +++++++++++++++++++++++++++++++++++++
 src/main/sessions.ts |  3 ++-
 webpack.browser.js   |  3 ---
 4 files changed, 41 insertions(+), 6 deletions(-)
 create mode 100644 src/main/preload.ts

diff --git a/src/main/main.ts b/src/main/main.ts
index 03c1e937..fe73ec66 100644
--- a/src/main/main.ts
+++ b/src/main/main.ts
@@ -190,10 +190,10 @@ app.on('ready', () => {
 });
 
 app.on("web-contents-created", (_event: any, webContents: WebContents) => {
-    // Prevent navigation
+    // Prevent navigation to local links
     webContents.on('will-navigate', (event: Event, navigationUrl) => {
         const jlabBaseUrl = `http://localhost:${appConfig.jlabPort}/`;
-        if (!navigationUrl.startsWith(jlabBaseUrl)) {
+        if (navigationUrl.startsWith(jlabBaseUrl) && navigationUrl.indexOf('#') !== -1) {
             console.warn(`Navigation is not allowed; attempted navigation to: ${navigationUrl}`);
             event.preventDefault();
         }
diff --git a/src/main/preload.ts b/src/main/preload.ts
new file mode 100644
index 00000000..65e9abc1
--- /dev/null
+++ b/src/main/preload.ts
@@ -0,0 +1,37 @@
+// atob implementation below is modified from node.js source and copyright below is for that
+
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+window.atob = (input): string => {
+    const kBase64Digits =
+        'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
+
+    // remove whitespace
+    input = `${input}`.replace(/\s/g, "");
+    for (let n = 0; n < input.length; n++) {
+        if (!kBase64Digits.includes(input[n])) {
+            throw new DOMException('Invalid character', 'InvalidCharacterError');
+        }
+    }
+
+    return Buffer.from(input, 'base64').toString('latin1');
+}
diff --git a/src/main/sessions.ts b/src/main/sessions.ts
index ffb7f91c..34dda6ab 100644
--- a/src/main/sessions.ts
+++ b/src/main/sessions.ts
@@ -403,7 +403,8 @@ class JupyterLabSession {
             title: 'JupyterLab',
             webPreferences: {
                 nodeIntegration: true,
-                contextIsolation: false
+                contextIsolation: false,
+                preload: path.join(__dirname, './preload.js'),
             }
         });
 
diff --git a/webpack.browser.js b/webpack.browser.js
index a854b461..39693283 100644
--- a/webpack.browser.js
+++ b/webpack.browser.js
@@ -164,9 +164,6 @@ module.exports = {
       },
       name: 'CORE_FEDERATION',
       shared: createShared(data)
-    }),
-    new webpack.ProvidePlugin({
-      'atob': [path.resolve(path.join(__dirname, 'build/out/browser/utils.js')), 'atobWhiteSpace']
     })
   ],
   devtool: 'source-map'

From c5755d01b3e95e2f6c5ff503f10de4a3489b661d Mon Sep 17 00:00:00 2001
From: Mehmet Bektas <mbektasgh@outlook.com>
Date: Sun, 30 Jan 2022 22:09:24 -0800
Subject: [PATCH 3/4] remove unused method

---
 src/browser/utils.ts | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/src/browser/utils.ts b/src/browser/utils.ts
index 48a58fba..1932d157 100644
--- a/src/browser/utils.ts
+++ b/src/browser/utils.ts
@@ -35,11 +35,3 @@ namespace Browser {
         return 28 / webFrame.getZoomFactor();
     }
 }
-
-// atob with support for whitespace in data
-export
-function atobWhiteSpace(data: string): string {
-    // remove whitespace
-    data = data.replace(/\s/g, "");
-    return window.atob(data);
-}

From a8346995005bc196a16251776d9c96ef29e7adbb Mon Sep 17 00:00:00 2001
From: Mehmet Bektas <40003442+mbektas@users.noreply.github.com>
Date: Mon, 31 Jan 2022 06:49:29 -0800
Subject: [PATCH 4/4] add link to atob source

---
 src/main/preload.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/main/preload.ts b/src/main/preload.ts
index 65e9abc1..0a93d7f5 100644
--- a/src/main/preload.ts
+++ b/src/main/preload.ts
@@ -1,4 +1,6 @@
-// atob implementation below is modified from node.js source and copyright below is for that
+// atob implementation below is modified from node.js source 
+// (https://github.com/nodejs/node/blob/master/lib/buffer.js)
+// and copyright below is for it
 
 // Copyright Joyent, Inc. and other Node contributors.
 //