William O'Beirne df52521c17 MEW-01-009 & MEW-01-010: Electron security fixes (#910)
* Handle opening of external links in electron. Minor refactor of window code.

* Convert updates from in-app modal to electron dialogs. Remove in-app code and preload bridge.

* Refine new window blocking. Re-enable tsconfig to look at electron-app.

* Clean up shared

* Whoops, wrong protocol format
2018-01-26 13:53:51 -06:00

79 lines
1.9 KiB
TypeScript

import { BrowserWindow, Menu, shell } from 'electron';
import { URL } from 'url';
import MENU from './menu';
import updater from './updater';
const isDevelopment = process.env.NODE_ENV !== 'production';
// Cached reference, preventing recreations
let window;
// Construct new BrowserWindow
export default function getWindow() {
if (window) {
return window;
}
window = new BrowserWindow({
title: 'MyEtherWallet',
backgroundColor: '#fbfbfb',
width: 1220,
height: 800,
minWidth: 320,
minHeight: 400,
// TODO - Implement styles for custom title bar in components/ui/TitleBar.scss
// frame: false,
// titleBarStyle: 'hidden',
webPreferences: {
devTools: true,
nodeIntegration: false,
contextIsolation: true
}
});
const port = process.env.HTTPS ? '3443' : '3000';
const appUrl = isDevelopment ? `http://localhost:${port}` : `file://${__dirname}/index.html`;
window.loadURL(appUrl);
window.on('closed', () => {
window = null;
});
window.webContents.on('new-window', (ev, urlStr) => {
// Kill all new window requests by default
ev.preventDefault();
// Only allow HTTPS urls to actually be opened
const url = new URL(urlStr);
if (url.protocol === 'https:') {
shell.openExternal(urlStr);
} else {
console.warn(`Blocked request to open new window '${urlStr}', only HTTPS links are allowed`);
}
});
window.webContents.on('did-finish-load', () => {
updater(window);
});
window.webContents.on('devtools-opened', () => {
window.focus();
setImmediate(() => {
window.focus();
});
});
if (isDevelopment) {
window.webContents.on('did-fail-load', () => {
setTimeout(() => {
if (window && window.webContents) {
window.webContents.reload();
}
}, 500);
});
}
Menu.setApplicationMenu(Menu.buildFromTemplate(MENU));
return window;
}