Deny all permissions we don't actually need
This commit is contained in:
Scott Nonnenberg
parent
a58e94e17e
commit
beb65b14c0
|
|
@ -0,0 +1,33 @@
|
|||
// The list of permissions is here:
|
||||
// https://electronjs.org/docs/api/session#sessetpermissionrequesthandlerhandler
|
||||
|
||||
const PERMISSIONS = {
|
||||
// Allowed
|
||||
fullscreen: true, // required to show videos in full-screen
|
||||
media: true, // required for access to microphone, used for voice notes
|
||||
notifications: true, // required to show OS notifications for new messages
|
||||
|
||||
// Not allowed
|
||||
geolocation: false,
|
||||
midiSysex: false,
|
||||
openExternal: false, // we don't need this; we open links via 'will-navigate' event
|
||||
pointerLock: false,
|
||||
};
|
||||
|
||||
function _permissionHandler(webContents, permission, callback) {
|
||||
if (PERMISSIONS[permission]) {
|
||||
console.log(`Approving request for permission '${permission}'`);
|
||||
return callback(true);
|
||||
}
|
||||
|
||||
console.log(`Denying request for permission '${permission}'`);
|
||||
return callback(false);
|
||||
}
|
||||
|
||||
function installPermissionsHandler({ session }) {
|
||||
session.defaultSession.setPermissionRequestHandler(_permissionHandler);
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
installPermissionsHandler,
|
||||
};
|
||||
15
main.js
15
main.js
|
|
@ -6,12 +6,13 @@ const _ = require('lodash');
|
|||
const electron = require('electron');
|
||||
|
||||
const {
|
||||
BrowserWindow,
|
||||
app,
|
||||
Menu,
|
||||
shell,
|
||||
BrowserWindow,
|
||||
ipcMain: ipc,
|
||||
Menu,
|
||||
protocol: electronProtocol,
|
||||
session,
|
||||
shell,
|
||||
} = electron;
|
||||
|
||||
const packageJson = require('./package.json');
|
||||
|
|
@ -27,6 +28,7 @@ const {
|
|||
installFileHandler,
|
||||
installWebHandler,
|
||||
} = require('./app/protocol_filter');
|
||||
const { installPermissionsHandler } = require('./app/permissions');
|
||||
|
||||
GlobalErrors.addHandler();
|
||||
|
||||
|
|
@ -306,11 +308,6 @@ function createWindow() {
|
|||
|
||||
captureClicks(mainWindow);
|
||||
|
||||
mainWindow.webContents.on('will-navigate', event => {
|
||||
logger.info('will-navigate');
|
||||
event.preventDefault();
|
||||
});
|
||||
|
||||
// Emitted when the window is about to be closed.
|
||||
mainWindow.on('close', e => {
|
||||
// If the application is terminating, just do the default
|
||||
|
|
@ -460,6 +457,8 @@ app.on('ready', () => {
|
|||
protocol: electronProtocol,
|
||||
});
|
||||
|
||||
installPermissionsHandler({ session });
|
||||
|
||||
// NOTE: Temporarily allow `then` until we convert the entire file to `async` / `await`:
|
||||
/* eslint-disable more/no-then */
|
||||
let loggingSetupError;
|
||||
|
|
|
|||
Loading…
Reference in New Issue