* Add note that the will-navigate checks aren't fired

* Use default TLS certificate verification handler

The linked document warns against explicitly opting out from
TLS validation. This doesn't require setting a custom handler.

* Refactor trusted navigation urls

* Fix regex typo

* fix: Whitelist cli args

* Remove cli.wsPort

* Fix psn flag

* Fix mistaken merge

* fix: Disable Electron remote module

* Remove duplicate

* Remove ipcRenderer and window.bridge

* Make app work more or less

* Make app work really

* Make prod work

* Make translations work

* Small tweaks

* Rename IPC channels

* Tighten up CSP

* Optimize a little bit

* Fix lint

* feat: Security aspects for fether-electron. See #124

* feat: Add Source Maps support

* docs: Add Source Maps guide to Readme

* feat: Add webpack-build-notifier add-on with custom Webpack config

* fix: Remove duplicate dependency

* WIP

* WIP

* review-fix: Configure CSP depending on NODE_ENV

* fix: Fix worker-src for the camera in production

* review-fix: Remove unnecessary config of source maps dependency

* Use preload script as buffer between main and renderer processes (#463)

* fix: Remove is-electron since now using preload script

* fix: Remove old preload script

* fix: Do not expose electron, remote, or require to web app

* fix: Add newline

* feat: Single Fether instance lock

* fix: Move preload to static folder so works with binary

* review-fix: Remove fix for webview since not used. Add comment incase used in future. Fix other event handling code

* review-fix: Add optional opt-in to using Webpack notifier plugin by running with NOTIFIER=true yarn start

* review-fix: Use pino.debug instead of console.log

* review-fix: Add worker-src blob to CSP in development for webcam

* review-fix: Update handling of untrusted urls and sessions and certificates

* review-fix: Convert to WSS. Move CSP into array like in Parity-JS Shell. Update CSP

* review-fix: Update CSP to avoid duplication

* review-fix: Remove from new-window event listener that which applies to additional new BrowserWindows since not applicable

* review-fix: Combined pino logs

* review-fix: Change to parsedUrl.href instead of origin. Fix trusted urls for dev

* fix: Remote https 127.0.0.1 in prod

* review-fix: Move WebpackBuildNotifier images so not in binary. Fix ico file

* fix: Remove console.logs

* refactor: Cleanup so can merge. Extract for inclusion in separate PR

* review-fix: Remove debugging notes since better in wiki

* review-fix: Remove other lines due to move to wiki

* fix comment

* review-fix: Remove setPermissionRequestHandler since not know if need. Move to https://hackmd.io/O1FA34BuSNyJoPV1Cu3L0A

* review-fix: Move CSP debugging into onHeadersReceived

* review-fix: Fix isParityRunningStatus

* review-fix: Replace parse-url with Node.js url parser

* review-fix: Remove parse-url from dependencies

* fix: Fix logic in setCertificateVerifyProc

* WIP

* review-fix: Dynamically add WS port from CLI to trusted

* review-fix: Update comments with security warnings

* merge latest from master and fix conflicts

* chore: Remove useless console.log

* misc: See commit details

* Remove --ws-origins from CLI, hard-code instead
* Remove --ws-interface from CLI, hard-code instead
* Ignore --ws-interface and --ws-origins flags in CLI
* Add hard-coded default trusted WS interface to window.bridge
* Add default WS port to window.bridge

* WIP - start implementing isDev. See FIXME for future work required

* review-fix: Use appIsPackaged instead of NODE_ENV

* fix: Add IS_PROD to constants and assign appIsPackaged to it. Expose it to frontend so no longer use NODE_ENV

* feat: Add wiki Fether FAQ to trusted urls since required by PR #482

* fix: Fix untrusted blockscout.com error in setCertificateVerifyProc

* review-fix: fix blocked image hosting and external blockscout urls

* review-fix: trust github token icons

* review-fix: Rename network to fetherNetwork so custom config avoids naming conflict

* review-fix: Remove duplicate pino.debug for CSP

* review-fix: Remove WsSecure until wss and certificates implemented

* review-fix: Update config to show Electron security warnings in all environments

* review-fix: Remove use of wsInterface

* refactor: Refactor tests inside describe blocks

* tests: Add chrome dev tools to tests for trusted urls

* review-fix: Use NODE_ENV and Electron app.isPackaged

* fix: Rebuild yarn.lock

* fix: Fix linting to arg passed to correct script

* review-fix: Remove ws-origins flag and trusted ws origins

* test: Fix failing test

* review-fix: Remove package-lock.json

* fix: Use NODE_ENV consistently instead of process.defaultApp

* fix: Change to hash instead of transactionHash for blockscout

* Parity Ethereum bundling

* Grumbles; update light.js

* Grumbles

* Merge in PR#394 ac-upd-post: refactor sendStore post/postRaw

* Download highest version matching requirement rather than latest beta

* Rename RequireVersion to RequireParityVersion

* Grumbles

* Change Parity version requirement to ~2.4.1

* Fix --no-run-parity with Parity already running

* Grumble

Co-Authored-By: axelchalon <[email protected]>

fix: Fixes Cannot read getGlobal of undefined since remote must be enabled in fether-electron config to use fether-react

* Update Readme with Usage of taskbar mode on macOS and Linux

* Remvoe custom context menu since was not working and we will use ALT version instead

* Rename processMoved to saveWindowPosition

* Fix by savingWindowPosition when user minimises Fether window so it restores to same position

* Change tooltip message to 'Click to toggle Fether window' since it is important on Linux as use must click the tooltip to open/close the Fether window

* Only disable taskbar mode on Windows

* Save Fether window position on Linux using debounce with 'move' event, and 'close' event

* Save Fether window position on macOS and Windows also using 'close' event instead of just 'moved' event

* Refactor `create` method to prevent duplication

* Refactor to organise event listeners into `setupWindowListeners` and `setupRequestListeners`

* Developer experience - Add progress bar that appears on the Docker icon (particularly useful for those with slow connection or local machine)

* Add tabbing identifier set to 'parity' so it groups projects with same identifier

* Security - Electron window setContentProtection to true to prevent other apps being able to access it

* Security - webPreferences.enableRemoteModule to false to prevent unsolicited access

* Add shadow to taskbar app