-
Notifications
You must be signed in to change notification settings - Fork 5
/
main.js
119 lines (103 loc) · 4.01 KB
/
main.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
import { app, BrowserWindow, ipcMain, session, screen } from 'electron';
import debug from 'electron-debug';
import path from 'path';
// Developer Dependencies.
const isDev = !app.isPackaged;
debug();
// Get rid of the deprecated default.
app.allowRendererProcessReuse = true;
// Keep a global reference of the window object, if you don't, the window will
// be closed automatically when the JavaScript object is garbage collected.
let mainWindow;
/**
* Create the main application window.
*/
function createWindow() {
const display = screen.getPrimaryDisplay();
// Create the browser window.
mainWindow = new BrowserWindow({
width: display.workArea.width,
height: display.workArea.height,
frame: true,
webPreferences: {
devTools: isDev,
nodeIntegration: false, // Disable nodeIntegration for security.
nodeIntegrationInWorker: false,
nodeIntegrationInSubFrames: false,
disableBlinkFeatures: 'Auxclick', // See: https://github.com/doyensec/electronegativity/wiki/AUXCLICK_JS_CHECK
contextIsolation: true, // Protect against prototype pollution.
worldSafeExecuteJavaScript: true, // https://github.com/electron/electron/pull/24114
enableRemoteModule: false, // Turn off remote to avoid temptation.
preload: path.join(app.getAppPath(), 'app/preload.js'),
},
});
// and load the index.html of the app.
mainWindow.loadURL(`file://${app.getAppPath()}/app/index.html`);
// Emitted when the window is closed.
mainWindow.on('closed', () => {
// Dereference the window object, usually you would store windows
// in an array if your app supports multi windows, this is the time
// when you should delete the corresponding element.
mainWindow = null;
});
}
// This method will be called when Electron has finished
// initialization and is ready to create browser windows.
// Some APIs can only be used after this event occurs.
app.on('ready', createWindow);
// Quit when all windows are closed.
app.on('window-all-closed', () => {
// On OS X it is common for applications and their menu bar
// to stay active until the user quits explicitly with Cmd + Q
if (process.platform !== 'darwin') {
app.quit();
}
});
// Extra security filters.
// See also: https://github.com/reZach/secure-electron-template
app.on('web-contents-created', (event, contents) => {
// Block navigation.
// https://electronjs.org/docs/tutorial/security#12-disable-or-limit-navigation
contents.on("will-navigate", (navEvent) => {
navEvent.preventDefault();
});
contents.on("will-redirect", (navEvent) => {
navEvent.preventDefault();
});
// https://electronjs.org/docs/tutorial/security#11-verify-webview-options-before-creation
contents.on("will-attach-webview", (webEvent, webPreferences) => {
// Strip away preload scripts.
delete webPreferences.preload;
delete webPreferences.preloadURL;
// Disable Node.js integration.
webPreferences.nodeIntegration = false;
});
// Block new windows from within the App
// https://electronjs.org/docs/tutorial/security#13-disable-or-limit-creation-of-new-windows
contents.setWindowOpenHandler(() => ({ action: "deny" }));
// Lock down session permissions.
// https://www.electronjs.org/docs/tutorial/security#4-handle-session-permission-requests-from-remote-content
// https://github.com/doyensec/electronegativity/wiki/PERMISSION_REQUEST_HANDLER_GLOBAL_CHECK
session
.fromPartition('persist: secured-partition')
.setPermissionRequestHandler((webContents, permission, callback) => {
callback(false);
});
});
app.on('activate', () => {
// On OS X it's common to re-create a window in the app when the
// dock icon is clicked and there are no other windows open.
if (mainWindow === null) {
createWindow();
}
});
/**
* Example IPC message handler.
*/
ipcMain.on('sample_message', (event, args) => {
// Sample useless response.
mainWindow.webContents.send('sample_response', {
message: 'Interface sent a message to main: ' + args.message_content,
});
return true;
});