make isolation scheme secure

crates/tauri-runtime-cef/src/cef_impl.rs

@@ -77,6 +77,7 @@ impl<T: UserEvent> Context<T> {
 wrap_app! {
   pub struct TauriApp<T: UserEvent> {
     context: Context<T>,
+    custom_schemes: Vec<String>,
   }
 
   impl App {
@@ -91,9 +92,8 @@ wrap_app! {
           | (cef_dll_sys::cef_scheme_options_t::CEF_SCHEME_OPTION_CORS_ENABLED as i32)
           | (cef_dll_sys::cef_scheme_options_t::CEF_SCHEME_OPTION_STANDARD as i32);
 
-        for scheme in ["ipc", "tauri"] {
-          let scheme_name = CefString::from(scheme);
-          registrar.add_custom_scheme(Some(&scheme_name), scheme_options);
+        for scheme in &self.custom_schemes {
+          registrar.add_custom_scheme(Some(&(scheme.as_str()).into()), scheme_options);
         }
       }
     }

crates/tauri-runtime-cef/src/lib.rs

@@ -1815,7 +1815,7 @@ impl<T: UserEvent> CefRuntime<T> {
       next_window_id: Default::default(),
       next_window_event_id: Default::default(),
     };
-    let mut app = cef_impl::TauriApp::new(cef_context.clone());
+    let mut app = cef_impl::TauriApp::new(cef_context.clone(), runtime_args.custom_schemes);
 
     let cmd = args.as_cmd_line().unwrap();
 

crates/tauri-runtime/src/lib.rs

@@ -388,6 +388,7 @@ pub struct RuntimeInitArgs {
   #[cfg(windows)]
   pub msg_hook: Option<Box<dyn FnMut(*const std::ffi::c_void) -> bool + 'static>>,
   pub identifier: String,
+  pub custom_schemes: Vec<String>,
 }
 
 /// The webview runtime interface.

crates/tauri/src/app.rs

@@ -2143,8 +2143,14 @@ tauri::Builder::default()
       None
     };
 
+    let mut custom_schemes = vec!["ipc".to_string(), "tauri".to_string()];
+    if let crate::pattern::Pattern::Isolation { schema, .. } = &*manager.pattern {
+      custom_schemes.push(schema.clone());
+    }
+
     let runtime_args = RuntimeInitArgs {
       identifier: manager.config.identifier.clone(),
+      custom_schemes,
       #[cfg(any(
         target_os = "linux",
         target_os = "dragonfly",