quine-global/hyper
1
0
Fork 0
mirror of https://github.com/quine-global/hyper.git synced 2026-01-17 05:58:41 -09:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix electron window.open vulnerability (#3457)

Browse source 
* Fix electron window.open vulnerability

* Comment to remove fix when merged into Hyper3
This commit is contained in:
CHaBou 2019-02-05 05:39:36 +01:00 committed by Juan Campa
parent 1a82866fec
commit 17fcae570b
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/ui/window.js
View file

@ -226,6 +226,10 @@ module.exports = class Window {
} }
}); });
// mitigate a security issue: https://electronjs.org/blog/window-open-fix
// TODO: remove when merged into Hyper 3 (already has the fix via electron)
window.webContents.on('-add-new-contents', e => e.preventDefault());
// expose internals to extension authors // expose internals to extension authors
window.rpc = rpc; window.rpc = rpc;
window.sessions = sessions; window.sessions = sessions;