Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is there any way to restrict nodejs electron app to access to only certain web addresses

Tags:

node.js

google-chrome

v8

electron

I'm creating an internal application in electron. For security reasons I want to make sure that accidentally information is not getting uploaded to some other web urls.

Is there any way to do this in electron apps ?

like image 894
Sagar Avatar asked Sep 14 '25 00:09

Sagar

1 Answers

From the Electron documentation:

https://electronjs.org/docs/tutorial/security#12-disable-or-limit-navigation

    const URL = require('url').URL

    app.on('web-contents-created', (event, contents) => {

    contents.on('will-navigate', (event, navigationUrl) => {
      const parsedUrl = new URL(navigationUrl)

      if (parsedUrl.origin !== 'https://my-own-server.com') {
         event.preventDefault()
      }
    })
   })

There are multiple recommendations on the same page besides just limiting navigation:

https://electronjs.org/docs/tutorial/security

You can also work through this great resource: https://www.blackhat.com/docs/us-17/thursday/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf

Some interesting techniques include using setPermissionRequestHandler on the session to set a callback preventing opening external links.

like image 75
GrahamMc Avatar answered Sep 15 '25 13:09

GrahamMc
Sign in to Comment

Related questions

How to configure Port Forwarding with Google Cloud Compute Engine for a Node.JS application

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!