diff --git a/@types/electron/index.d.ts b/@types/electron/index.d.ts index ed0db996..c85a5c94 100644 --- a/@types/electron/index.d.ts +++ b/@types/electron/index.d.ts @@ -1,6 +1,7 @@ /// interface Window { + eval: never ipc: Electron.IpcRenderer process?: { type?: string diff --git a/packages/desktop/src/preload.ts b/packages/desktop/src/preload.ts index 297326fb..e2ff13fa 100644 --- a/packages/desktop/src/preload.ts +++ b/packages/desktop/src/preload.ts @@ -1,3 +1,5 @@ import electron from 'electron' +// Communication between webapp and electron main process +// Used on oauth flow window.ipc = electron.ipcRenderer diff --git a/packages/web/src/index.tsx b/packages/web/src/index.tsx index 6a4f29ca..3c7c26cd 100644 --- a/packages/web/src/index.tsx +++ b/packages/web/src/index.tsx @@ -1,3 +1,8 @@ +// Security precaution +;(window as any).eval = global.eval = () => { + throw new Error(`This app does not allow window.eval().`) +} + import '@babel/polyfill' import 'react-app-polyfill/ie9' import 'resize-observer-polyfill/dist/ResizeObserver.global'