Inicio Explorar Axuda
Iniciar sesión
gregory
/
ElectronMCLauncher
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

Disable eval(), its use is not needed and improves security.

Daniel Scalzi %!s(int64=7) %!d(string=hai) anos
pai
1b38629084
achega
92d8a5e254
Modificáronse 2 ficheiros con 8 adicións e 2 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 2 2
      app/assets/js/scripts/actionbinder.js
  2. 6 0
      app/assets/js/scripts/uicore.js

+ 2 - 2
app/assets/js/scripts/actionbinder.js
Ver ficheiro 

@@ -13,9 +13,9 @@ document.addEventListener('readystatechange', function(){
 
         }
 
     }
 
 
-    if (document.readyState === 'interactive'){
 
+    /*if (document.readyState === 'interactive'){
 
         
-    }
 
+    }*/
 
 }, false)
 
 
 /* Overlay Wrapper Functions */

+ 6 - 0
app/assets/js/scripts/uicore.js
Ver ficheiro 

@@ -8,6 +8,12 @@
 
 const $                         = require('jquery');
 
 const {remote, shell, webFrame} = require('electron')
 
 
+// Disable eval function.
 
+// eslint-disable-next-line
 
+window.eval = global.eval = function () {
 
+    throw new Error('Sorry, this app does not support window.eval().')
 
+}
 
+
 
 // Disable zoom, needed for darwin.
 
 webFrame.setZoomLevel(0)
 
 webFrame.setVisualZoomLevelLimits(1, 1)