Skip to content

Commit ac016ae

Browse files
authored
Merge pull request #185 from switchifyapp/fix/restore-highestavailable-uiaccess-184
Restore highestAvailable uiAccess manifest
2 parents 92ee0c1 + 07d837e commit ac016ae

3 files changed

Lines changed: 5 additions & 5 deletions

File tree

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,7 @@ Switchify PC uses `uiAccess="true"` so the installed app can interact with eleva
8585

8686
Windows only honors `uiAccess` when all of these are true:
8787

88-
- The app executable manifest has `level="asInvoker"` and `uiAccess="true"`.
88+
- The app executable manifest has `level="highestAvailable"` and `uiAccess="true"`.
8989
- The executable is Authenticode signed.
9090
- The executable is installed in a secure location such as `C:\Program Files\Switchify PC\`.
9191
- Signing happens after icon and manifest resource embedding.

build/win-uiaccess.manifest

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
1010
<security>
1111
<requestedPrivileges>
12-
<requestedExecutionLevel level="asInvoker" uiAccess="true" />
12+
<requestedExecutionLevel level="highestAvailable" uiAccess="true" />
1313
</requestedPrivileges>
1414
</security>
1515
</trustInfo>

scripts/verify-win-uiaccess-package.cjs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ try {
3939
runTool(mtExe, ['-nologo', `-inputresource:${executablePath};#1`, `-out:${manifestOutPath}`]);
4040
const manifest = fs.readFileSync(manifestOutPath, 'utf8');
4141
const hasUiAccess = /uiAccess\s*=\s*"true"/.test(manifest);
42-
const hasAsInvoker = /level\s*=\s*"asInvoker"/.test(manifest);
42+
const hasHighestAvailable = /level\s*=\s*"highestAvailable"/.test(manifest);
4343

4444
const signatureResult = runTool(signtoolExe, ['verify', '/pa', '/v', executablePath], { stdio: 'pipe' });
4545
const signatureOutput = `${signatureResult.stdout || ''}${signatureResult.stderr || ''}`;
@@ -52,15 +52,15 @@ try {
5252

5353
console.log(`manifest embedded: yes`);
5454
console.log(`uiAccess=true: ${hasUiAccess ? 'yes' : 'no'}`);
55-
console.log(`asInvoker: ${hasAsInvoker ? 'yes' : 'no'}`);
55+
console.log(`highestAvailable: ${hasHighestAvailable ? 'yes' : 'no'}`);
5656
console.log(`signature status: ${signatureOutput.includes('Successfully verified') ? 'valid' : 'check output above'}`);
5757
console.log('cursor overlay helper: present');
5858
console.log(`cursor overlay helper signature: ${helperSignatureOutput.includes('Successfully verified') ? 'valid' : 'check output above'}`);
5959
console.log('Bluetooth transport helper: present');
6060
console.log(`Bluetooth transport helper signature: ${bluetoothHelperSignatureOutput.includes('Successfully verified') ? 'valid' : 'check output above'}`);
6161
console.log('secure install location required: install per-machine under Program Files for uiAccess to take effect.');
6262

63-
if (!hasUiAccess || !hasAsInvoker) {
63+
if (!hasUiAccess || !hasHighestAvailable) {
6464
throw new Error('Packaged executable manifest does not contain the required uiAccess settings.');
6565
}
6666

0 commit comments

Comments
 (0)