diff options
Diffstat (limited to 'packages/main/src/infrastructure/electron/impl/hardenSession.ts')
-rw-r--r-- | packages/main/src/infrastructure/electron/impl/hardenSession.ts | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/packages/main/src/infrastructure/electron/impl/hardenSession.ts b/packages/main/src/infrastructure/electron/impl/hardenSession.ts index 71d8148..10b694a 100644 --- a/packages/main/src/infrastructure/electron/impl/hardenSession.ts +++ b/packages/main/src/infrastructure/electron/impl/hardenSession.ts | |||
@@ -51,8 +51,12 @@ export default function hardenSession( | |||
51 | const rendererBaseURL = resources.getRendererURL('/'); | 51 | const rendererBaseURL = resources.getRendererURL('/'); |
52 | log.debug('Renderer base URL:', rendererBaseURL); | 52 | log.debug('Renderer base URL:', rendererBaseURL); |
53 | 53 | ||
54 | const webSocketBaseURL = rendererBaseURL.replace(/^http(s)?:/, 'ws$1:'); | 54 | const allowedPrefixes = [rendererBaseURL]; |
55 | log.debug('WebSocket base URL:', webSocketBaseURL); | 55 | if (devMode) { |
56 | const webSocketBaseURL = rendererBaseURL.replace(/^http(s)?:/, 'ws$1:'); | ||
57 | log.debug('WebSocket base URL:', webSocketBaseURL); | ||
58 | allowedPrefixes.push(webSocketBaseURL, ...DEVMODE_ALLOWED_URL_PREFIXES); | ||
59 | } | ||
56 | 60 | ||
57 | function shouldCancelRequest(url: string, method: string): boolean { | 61 | function shouldCancelRequest(url: string, method: string): boolean { |
58 | if (method !== 'GET') { | 62 | if (method !== 'GET') { |
@@ -64,17 +68,7 @@ export default function hardenSession( | |||
64 | } catch { | 68 | } catch { |
65 | return true; | 69 | return true; |
66 | } | 70 | } |
67 | if ( | 71 | return !allowedPrefixes.some((prefix) => normalizedURL.startsWith(prefix)); |
68 | devMode && | ||
69 | DEVMODE_ALLOWED_URL_PREFIXES.some((prefix) => | ||
70 | normalizedURL.startsWith(prefix), | ||
71 | ) | ||
72 | ) { | ||
73 | return false; | ||
74 | } | ||
75 | const isHttp = normalizedURL.startsWith(rendererBaseURL); | ||
76 | const isWs = normalizedURL.startsWith(webSocketBaseURL); | ||
77 | return !isHttp && !isWs; | ||
78 | } | 72 | } |
79 | 73 | ||
80 | session.webRequest.onBeforeRequest(({ url, method }, callback) => { | 74 | session.webRequest.onBeforeRequest(({ url, method }, callback) => { |