aaron/mattermost-desktop
1
0
Fork 0
Code Issues Pull requests Actions 2 Packages Projects Releases Wiki Activity

[MM-50948] Prevent popup windows from navigating outside of the plugin/managed resource URLs (#2580)

Browse source
This commit is contained in:
Devin Binnie 2023-03-06 09:11:39 -05:00 committed by GitHub
parent b62b25fdda
commit 417e53cb13
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
src/main/views/webContentEvents.ts
View file

@ -187,6 +187,17 @@ export class WebContentsEventManager {
spellcheck: (typeof spellcheck === 'undefined' ? true : spellcheck), spellcheck: (typeof spellcheck === 'undefined' ? true : spellcheck),
}, },
}); });
this.popupWindow.webContents.on('will-redirect', (event, url) => {
const parsedURL = urlUtils.parseURL(url);
if (!parsedURL) {
event.preventDefault();
return;
}
if (urlUtils.isInternalURL(serverURL, parsedURL) && !urlUtils.isPluginUrl(serverURL, parsedURL) && !urlUtils.isManagedResource(serverURL, parsedURL)) {
event.preventDefault();
}
});
this.popupWindow.webContents.setWindowOpenHandler(this.denyNewWindow); this.popupWindow.webContents.setWindowOpenHandler(this.denyNewWindow);
this.popupWindow.once('ready-to-show', () => { this.popupWindow.once('ready-to-show', () => {
this.popupWindow!.show(); this.popupWindow!.show();