mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

docs: security.md mark 'Enable process sandboxing' as active by defau… (#48648)

Browse source 
* docs: security.md mark 'Enable process sandboxing' as active by default since electron 20

Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>

* Adjusted according to feedback

Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>

* Updated according to feedback - adjusted sandbox.md

Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>

* formatting

Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>

* Fixed broken markup

Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>

* Implemented docs linting suggestions

Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>

* docs: docs/tutorial/sandbox.md - fixed typo

Co-authored-by: Erick Zhao <erick@hotmail.ca>

Co-authored-by: Teaveloper <49181620+LeUser111@users.noreply.github.com>

* docs: web-preferences.md - sandbox: mention default value and relation to nodeIntegration

Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>

---------

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: LeUser111 <florian.wiedenmann@grob.de>
Co-authored-by: Teaveloper <49181620+LeUser111@users.noreply.github.com>
This commit is contained in:
trop[bot] 2025-10-24 11:16:26 +02:00 committed by GitHub
commit a8372e0e70
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 30 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

15
docs/tutorial/sandbox.md
View file

@ -13,7 +13,13 @@ the GPU service and the network service.
See Chromium's [Sandbox design document][sandbox] for more information.
Starting from Electron 20, the sandbox is enabled for renderer processes without any
further configuration. If you want to disable the sandbox for a process, see the
further configuration.
Sandboxing is tied to Node.js integration. _Enabling Node.js integration_ for a
renderer process by setting `nodeIntegration: true` _disables the sandbox_ for the
process.
If you want to disable the sandbox for a process, see the
[Disabling the sandbox for a single process](#disabling-the-sandbox-for-a-single-process)
section.
@ -98,7 +104,8 @@ app.whenReady().then(() => {
```
Sandboxing is also disabled whenever Node.js integration is enabled in the renderer.
This can be done through the BrowserWindow constructor with the `nodeIntegration: true` flag.
This can be done through the BrowserWindow constructor with the `nodeIntegration: true` flag
or by providing the respective HTML boolean attribute for a `webview`.
```js title='main.js'
app.whenReady().then(() => {
@ -111,6 +118,10 @@ app.whenReady().then(() => {
})
```
```html title='index.html (Renderer Process)'
<webview nodeIntegration src="page.html"></webview>
```
### Enabling the sandbox globally
If you want to force sandboxing for all renderers, you can also use the