From 40e2235bbea546d519de2c581b05eee3471b787f Mon Sep 17 00:00:00 2001 From: Alice Gaudon Date: Wed, 1 Apr 2020 09:24:10 +0200 Subject: [PATCH] Security: ask user on permission request --- resources/js/index.js | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/resources/js/index.js b/resources/js/index.js index 15feec0..7861e94 100644 --- a/resources/js/index.js +++ b/resources/js/index.js @@ -6,6 +6,7 @@ const { Menu, MenuItem, dialog, + session, } = remote; const appInfo = {}; @@ -370,10 +371,32 @@ function loadService(serviceId, service) { } }); + // Set custom user agent if (typeof service.customUserAgent === 'string') { let webContents = remote.webContents.fromId(service.view.getWebContentsId()); webContents.setUserAgent(service.customUserAgent); } + + // Set permission request handler + session.fromPartition(service.view.partition) + .setPermissionRequestHandler(((webContents, permission, callback, details) => { + dialog.showMessageBox(remote.getCurrentWindow(), { + type: 'question', + title: 'Grant ' + permission + ' permission', + message: 'Do you wish to grant the ' + permission + ' permission to ' + details.requestingUrl + '?', + buttons: ['Deny', 'Authorize'], + cancelId: 0, + }).then(result => { + if (result.response === 1) { + console.log('Granted', permission, 'for service', details.requestingUrl); + callback(true); + } else { + console.log('Denied', permission, 'for service', details.requestingUrl); + callback(false); + } + }).catch(console.error); + })); + service.view.setAttribute('src', service.url); });