You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that the "angular-electron" project does not enable context isolation, which could potentially lead to security vulnerabilities. According to the Electron documentation, enabling context isolation provides an additional layer of security by preventing renderer processes from accessing the main process directly.
I would like to request that the "angular-electron" project enable context isolation in order to improve the security of the application. This can be done by setting the "contextIsolation" property to "true" in the Electron configuration.
Thank you for your attention to this matter.
The text was updated successfully, but these errors were encountered:
thamizh-qwerty
changed the title
"Enable context isolation for better security in Electron"
Enable context isolation for better security in Electron
Feb 26, 2023
I agree but in this scenario, it's obvious the developer needs to spend more effort on the electron side of the project because he/she needs to write there all the middle-layer logic to interact with node_modules libraries or Node APIs.
The purpose of this project is to stay as simple as possible and migrate to contextIsolation is not that hard if you follow the official documentation. That's why it's not enabled currently.
But I can change my mind and your PR is welcomed :)
Hello,
I noticed that the "angular-electron" project does not enable context isolation, which could potentially lead to security vulnerabilities. According to the Electron documentation, enabling context isolation provides an additional layer of security by preventing renderer processes from accessing the main process directly.
I would like to request that the "angular-electron" project enable context isolation in order to improve the security of the application. This can be done by setting the "contextIsolation" property to "true" in the Electron configuration.
Thank you for your attention to this matter.
The text was updated successfully, but these errors were encountered: