1 files changed, 7 insertions, 13 deletions

diff --git a/packages/main/src/infrastructure/electron/impl/hardenSession.ts b/packages/main/src/infrastructure/electron/impl/hardenSession.ts
index 71d8148..10b694a 100644
--- a/packages/main/src/infrastructure/electron/impl/hardenSession.ts
+++ b/packages/main/src/infrastructure/electron/impl/hardenSession.ts
@@ -51,8 +51,12 @@ export default function hardenSession(
   const rendererBaseURL = resources.getRendererURL('/');
   log.debug('Renderer base URL:', rendererBaseURL);
 
-  const webSocketBaseURL = rendererBaseURL.replace(/^http(s)?:/, 'ws$1:');
-  log.debug('WebSocket base URL:', webSocketBaseURL);
+  const allowedPrefixes = [rendererBaseURL];
+  if (devMode) {
+    const webSocketBaseURL = rendererBaseURL.replace(/^http(s)?:/, 'ws$1:');
+    log.debug('WebSocket base URL:', webSocketBaseURL);
+    allowedPrefixes.push(webSocketBaseURL, ...DEVMODE_ALLOWED_URL_PREFIXES);
+  }
 
   function shouldCancelRequest(url: string, method: string): boolean {
     if (method !== 'GET') {
@@ -64,17 +68,7 @@ export default function hardenSession(
     } catch {
       return true;
     }
-    if (
-      devMode &&
-      DEVMODE_ALLOWED_URL_PREFIXES.some((prefix) =>
-        normalizedURL.startsWith(prefix),
-      )
-    ) {
-      return false;
-    }
-    const isHttp = normalizedURL.startsWith(rendererBaseURL);
-    const isWs = normalizedURL.startsWith(webSocketBaseURL);
-    return !isHttp && !isWs;
+    return !allowedPrefixes.some((prefix) => normalizedURL.startsWith(prefix));
   }
 
   session.webRequest.onBeforeRequest(({ url, method }, callback) => {