From e99328a45ea6db9cd8c5b18ee1affb973e88e4ac Mon Sep 17 00:00:00 2001 From: "trop[bot]" <37223003+trop[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 15:44:07 -0500 Subject: [PATCH] docs: reference security guide in `ipcRenderer.on` docs (#45371) Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com> Co-authored-by: Niklas Wenzel --- docs/api/ipc-renderer.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docs/api/ipc-renderer.md b/docs/api/ipc-renderer.md index 12273e9e1f9c..7f2afc41e7c1 100644 --- a/docs/api/ipc-renderer.md +++ b/docs/api/ipc-renderer.md @@ -41,6 +41,16 @@ The `ipcRenderer` module has the following method to listen for events and send Listens to `channel`, when a new message arrives `listener` would be called with `listener(event, args...)`. +:::warning +Do not expose the `event` argument to the renderer for security reasons! Wrap any +callback that you receive from the renderer in another function like this: +`ipcRenderer.on('my-channel', (event, ...args) => callback(...args))`. +Not wrapping the callback in such a function would expose dangerous Electron APIs +to the renderer process. See the +[security guide](../tutorial/security.md#20-do-not-expose-electron-apis-to-untrusted-web-content) +for more info. +::: + ### `ipcRenderer.off(channel, listener)` * `channel` string
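Review bot: the wording "Do not expose the `event` argument to the renderer" in the new `:::warning` block is imprecise, since `ipcRenderer.on` itself already runs in the renderer process; the linked section title ("do not expose Electron APIs to untrusted web content") names the actual boundary. Suggest "Do not expose the `event` argument to untrusted web content" and, for the one-line example, a short note on where the wrapper lives (the preload code that hands `callback`-based listeners to page content), so readers do not apply the advice to a plain `ipcRenderer.on` call with no exposure involved. A one-clause reason would also help: the `event` object carries `sender` (the `ipcRenderer` instance) and message ports, which is why forwarding only `...args` is the safe shape.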