mirrors/signal-desktop
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

Deny all permissions we don't actually need

Browse source
This commit is contained in:
Scott Nonnenberg 2018-05-24 12:13:16 -07:00
parent a58e94e17e
commit beb65b14c0
2 changed files with 40 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
app/permissions.js Normal file
View file

@ -0,0 +1,33 @@
// The list of permissions is here:
// https://electronjs.org/docs/api/session#sessetpermissionrequesthandlerhandler
const PERMISSIONS = {
// Allowed
fullscreen: true, // required to show videos in full-screen
media: true, // required for access to microphone, used for voice notes
notifications: true, // required to show OS notifications for new messages
// Not allowed
geolocation: false,
midiSysex: false,
openExternal: false, // we don't need this; we open links via 'will-navigate' event
pointerLock: false,
};
function _permissionHandler(webContents, permission, callback) {
if (PERMISSIONS[permission]) {
console.log(`Approving request for permission '${permission}'`);
return callback(true);
}
console.log(`Denying request for permission '${permission}'`);
return callback(false);
}
function installPermissionsHandler({ session }) {
session.defaultSession.setPermissionRequestHandler(_permissionHandler);
}
module.exports = {
installPermissionsHandler,
};

15
main.js
View file

@ -6,12 +6,13 @@ const _ = require('lodash');
const electron = require('electron'); const electron = require('electron');
const { const {
BrowserWindow,
app, app,
Menu, BrowserWindow,
shell,
ipcMain: ipc, ipcMain: ipc,
Menu,
protocol: electronProtocol, protocol: electronProtocol,
session,
shell,
} = electron; } = electron;
const packageJson = require('./package.json'); const packageJson = require('./package.json');
@ -27,6 +28,7 @@ const {
installFileHandler, installFileHandler,
installWebHandler, installWebHandler,
} = require('./app/protocol_filter'); } = require('./app/protocol_filter');
const { installPermissionsHandler } = require('./app/permissions');
GlobalErrors.addHandler(); GlobalErrors.addHandler();
@ -306,11 +308,6 @@ function createWindow() {
captureClicks(mainWindow); captureClicks(mainWindow);
mainWindow.webContents.on('will-navigate', event => {
logger.info('will-navigate');
event.preventDefault();
});
// Emitted when the window is about to be closed. // Emitted when the window is about to be closed.
mainWindow.on('close', e => { mainWindow.on('close', e => {
// If the application is terminating, just do the default // If the application is terminating, just do the default
@ -460,6 +457,8 @@ app.on('ready', () => {
protocol: electronProtocol, protocol: electronProtocol,
}); });
installPermissionsHandler({ session });
// NOTE: Temporarily allow `then` until we convert the entire file to `async` / `await`: // NOTE: Temporarily allow `then` until we convert the entire file to `async` / `await`:
/* eslint-disable more/no-then */ /* eslint-disable more/no-then */
let loggingSetupError; let loggingSetupError;