bevy_cef 0.11.0

Bevy CEF integration for web rendering
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

//! Configuration for Chromium's OS-level process sandbox.

/// Controls Chromium's OS-level sandbox (`Settings.no_sandbox`).
///
/// The default, [`SandboxMode::PlatformDefault`], reproduces bevy_cef's existing
/// per-platform behavior: sandbox **on** for macOS release builds; **off** for
/// macOS debug builds, Windows, and Linux.
///
/// Enabling the sandbox is best-effort and platform-specific (Linux needs a SUID
/// `chrome-sandbox` helper; macOS needs a `cef_sandbox`-linked render process).
#[derive(Clone, Copy, Debug, Default, PartialEq, Eq)]
pub enum SandboxMode {
    /// Preserve bevy_cef's current per-platform default.
    #[default]
    PlatformDefault,
    /// Force the Chromium sandbox ON (`no_sandbox = false`).
    Enabled,
    /// Force the Chromium sandbox OFF (`no_sandbox = true`).
    Disabled,
}

/// Resolves a [`SandboxMode`] to the `no_sandbox` boolean passed to CEF `Settings`.
///
/// Lives in the root `bevy_cef` crate so `cfg!(feature = "debug")` observes the same
/// `debug` feature value as the historical `#[cfg(feature = "debug")]` gate in
/// `message_loop.rs`.
pub fn resolve_no_sandbox(mode: SandboxMode) -> bool {
    match mode {
        SandboxMode::Enabled => false,
        SandboxMode::Disabled => true,
        SandboxMode::PlatformDefault => {
            #[cfg(target_os = "macos")]
            {
                cfg!(feature = "debug")
            }
            #[cfg(not(target_os = "macos"))]
            {
                true
            }
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn enabled_means_sandbox_on() {
        assert!(!resolve_no_sandbox(SandboxMode::Enabled));
    }

    #[test]
    fn disabled_means_no_sandbox() {
        assert!(resolve_no_sandbox(SandboxMode::Disabled));
    }

    // PlatformDefault on macOS legitimately depends on the `debug` feature, so we do
    // not assert a specific value there (that would just mirror the implementation).
    // On every other platform the invariant is concrete: the sandbox is off by default.
    #[cfg(not(target_os = "macos"))]
    #[test]
    fn platform_default_is_no_sandbox_on_non_macos() {
        assert!(resolve_no_sandbox(SandboxMode::PlatformDefault));
    }
}