Skip to content

PERMISSION_REQUEST_HANDLER_GLOBAL_CHECK

Luca Carettoni edited this page Apr 9, 2019 · 3 revisions

PERMISSION_REQUEST_HANDLER_GLOBAL_CHECK - Detect missing setPermissionRequestHandler for untrusted origins

This GlobalCheck detects if the atomic PERMISSION_REQUEST_HANDLER_JS_CHECK is missing, meaning that the setPermissionRequestHandler is not set in the target application.


Risk

This setting can be used to limit the exploitability of certain issues. Not enforcing custom checks for permission requests (e.g. media) leaves the Electron application under full control of the remote origin. For instance, a Cross-Site Scripting vulnerability can be used to access the browser media system and silently record audio/video. While browsers have implemented notification to inform the user that a remote site is capturing the webcam stream, Electron does not display any notification.

Auditing

Review all occurrences of setPermissionRequestHandler. If used, manually evaluate the implementation and security of the custom callbacks. If not used, the application does not limit session permissions at all thus the configuration is open to abuses.

References

You can’t perform that action at this time.