electron-sandbox-boilerplate

Prefix channels instead of hardcoding them?

Open Natrium729 opened this issue 6 years ago • 1 comments

First of all, thanks for this repo, it helped me wrap my head around preload.js scripts and such.

Now, my question. In preload-simple.js, it is written that you should always use hardcoded channels. I was wondering, are there any security issues with prefixing channels instead of hardcoding (or filtering) them? For example:

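const { ipcRenderer } = require('electron');

// Every channel requested by the page is forced into the "secured-" namespace.
function sendIPCMessage (channel, arg) {
  return ipcRenderer.sendSync(`secured-${channel}`, arg);
}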

With that, a malicious message cannot be sent (I suppose), since window.sendMessage('ELECTRON_BROWSER_GET_BUILTIN', 'app') will send the message on the "secured-ELECTRON_BROWSER_GET_BUILTIN" channel instead.

Am I missing something? Because if that's not the case, then it would be way more flexible not to use hardcoded channels.

Thanks!

Natrium729, Sep 17 '18 20:09

That would be equally secure as far as I know.

Isolated worlds were recently introduced, so preload scripts have lost some of their interesting capabilities. I suggest looking at protocol handlers for a more interesting alternative.

I encountered a bug with them though: https://github.com/kewde/electron-sandbox-boilerplate/tree/bug-stream-protocol/sandbox-stream-protocol

kewde, Sep 18 '18 13:09
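The two approaches discussed in this thread, side by side, as an added example that is not part of the original issue or the repository's code. `makeFakeIpcRenderer`, the `get-settings` channel and the sample requests are constructed so the comparison runs in plain Node without Electron.

```javascript
// Constructed stand-in for Electron's ipcRenderer; it only records the channel used.
function makeFakeIpcRenderer(log) {
  return { sendSync(channel, arg) { log.push({ channel, arg }); return null; } };
}

const PREFIX = 'secured-';

// Prefix variant from the question: the page picks the suffix, never the namespace.
function makePrefixedSender(ipc) {
  return function sendMessage(channel, arg) {
    if (typeof channel !== 'string' || channel.length === 0) {
      throw new TypeError('channel must be a non-empty string');
    }
    return ipc.sendSync(`${PREFIX}${channel}`, arg);
  };
}

// Hardcoded variant: only channels listed up front are forwarded.
function makeAllowlistedSender(ipc, allowed) {
  const allowedSet = new Set(allowed);
  return function sendMessage(channel, arg) {
    if (!allowedSet.has(channel)) {
      throw new Error(`channel not allowed: ${String(channel)}`);
    }
    return ipc.sendSync(channel, arg);
  };
}

// Send the same requests through both variants and report the channel each one used.
function compare(requests) {
  const prefLog = [];
  const allowLog = [];
  const pref = makePrefixedSender(makeFakeIpcRenderer(prefLog));
  const allow = makeAllowlistedSender(makeFakeIpcRenderer(allowLog), ['get-settings']);
  const attempt = (send, log, channel) => {
    try {
      send(channel, 'app');
      return log[log.length - 1].channel;
    } catch (err) {
      return 'rejected';
    }
  };
  return requests.map((channel) => ({
    requested: channel,
    prefixed: attempt(pref, prefLog, channel),
    allowlisted: attempt(allow, allowLog, channel),
  }));
}

console.log(compare(['ELECTRON_BROWSER_GET_BUILTIN', 'get-settings', 42]));
```

With the prefix variant the page can reach every `secured-*` listener the main process registers, so each of those handlers still has to validate its arguments.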