riot-desktop open SSO in browser so user doesn't have to auth twice

src/electron-main.js

@@ -35,6 +35,7 @@ const tray = require('./tray');
 const vectorMenu = require('./vectormenu');
 const webContentsHandler = require('./webcontents-handler');
 const updater = require('./updater');
+const protocolInit = require('./protocol');
 
 const windowStateKeeper = require('electron-window-state');
 const Store = require('electron-store');
@@ -511,6 +512,9 @@ if (!gotLock) {
     app.exit();
 }
 
+// do this after we know we are the primary instance of the app
+protocolInit();
+
 // Register the scheme the app is served from as 'standard'
 // which allows things like relative URLs and IndexedDB to
 // work.

src/webcontents-handler.js

@@ -198,19 +198,10 @@ function onEditableContextMenu(ev, params) {
 
 module.exports = (webContents) => {
     webContents.on('new-window', onWindowOrNavigate);
-    // XXX: The below now does absolutely nothing because of
-    // https://github.com/electron/electron/issues/8841
-    // Whilst this isn't a security issue since without
-    // node integration and with the sandbox, it should be
-    // no worse than opening the site in Chrome, it obviously
-    // means the user has to restart Riot to make it usable
-    // again (often unintuitive because it minimises to the
-    // system tray). We therefore need to be vigilant about
-    // putting target="_blank" on links in Riot (although
-    // we should generally be doing this anyway since links
-    // navigating you away from Riot in the browser is
-    // also annoying).
-    webContents.on('will-navigate', onWindowOrNavigate);
+    webContents.on('will-navigate', (ev, target) => {
+        if (target.startsWith("vector://")) return;
+        return onWindowOrNavigate(ev, target);
+    });
 
     webContents.on('context-menu', function(ev, params) {
         if (params.linkURL || params.srcURL) {