Secure Electron Template
The best way to build Electron apps with security in mind.
Overview:
The secure-electron-template is an Electron app template designed and built with security in mind. It includes popular frameworks such as Electron, React, Typescript, and Redux. The template focuses on following best practices for security and includes features like loading secure content, enabling context isolation for remote content, and handling session permission requests. It also provides additional modules for localization, storing config/data, custom context menus, and more. The template's architecture is documented for better understanding, and there is an FAQ section for common questions. Users are encouraged to share their applications built using this template.
Features:
- Only load secure content
- Do not enable node.js integration for remote content
- Enable context isolation for remote content
- Handle session permission requests from remote content
- Do not disable web security
- Define a content security policy
- Do not set allowRunningInsecureContent to true
- Do not enable experimental features
- Do not use enableBlinkFeatures
- Do not use allowpopups
<webview>verify options and params- Disable or limit navigation
- Disable or limit creation of new windows
- Do not use openExternal with untrusted content
- Disable remote module
- Filter the remote module
- Use a current version of Electron
Summary:
The secure-electron-template is an Electron app template that prioritizes security. It includes key features for secure content loading, isolation for remote content, session permission handling, and more. The template also provides popular frameworks and additional modules for localization, data storage, custom context menus, and license key validation. It is well-documented and encourages users to contribute their applications built using this template.
- React
React is a widely used JavaScript library for building user interfaces and single-page applications. It follows a component-based architecture and uses a virtual DOM to efficiently update and render UI components
- Bulma
Bulma is a free, open source CSS framework based on Flexbox and built with Sass. It's 100% responsive, fully modular, and available for free.
- Templates & Themes
A template or theme refers to a pre-designed layout or structure that provides a basic framework for building a specific type of application or website. It typically includes good design, placeholder content and functional features, allowing developers to customize and fill in the details according to their specific needs.
- Redux
Redux is a state management library for JavaScript apps that provides a predictable and centralized way to manage application state. It enables developers to write actions and reducers that update the state in response to user interactions, server responses, and other events, and can be used with a variety of front-end frameworks and back-end technologies.
- Typescript
TypeScript is a superset of JavaScript, providing optional static typing, classes, interfaces, and other features that help developers write more maintainable and scalable code. TypeScript's static typing system can catch errors at compile-time, making it easier to build and maintain large applications.
- Webpack
Webpack is a popular open-source module bundler for JavaScript applications that bundles and optimizes the code and its dependencies for production-ready deployment. It can also be used to transform other types of assets such as CSS, images, and fonts.