-
Notifications
You must be signed in to change notification settings - Fork 15k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The handler of "setWindowOpenHandler" not fires on Electron 12.0.0 #27967
Comments
Hi, Looks like the setWindowOpenHandler doesnt handle I feel like I've missed something in the documentation about it https://www.electronjs.org/docs/api/window-open If an example is required: Example output - first click on the anchor, then on the button |
Hi. Yes, I knew about it and used it before Electron 12.0.0. I read the documentation and noticed that a new handler is recommended, but since it doesn't work, I decided to create an issue. |
I would expect that the given code in the reproduction step: also would prevent a new window from being opened if having It feels like the same underlying issue so I wont create a new issue for it at this point. |
12.0.2 still has this problem |
Just stumbled upon this issue on my end. We previously relied on Seeing Given the deprecated standard and the new standard have different coverage over a potentially security-critical surface area,
|
As a temporary fix before #28498, for anyone looking to prevent navigations to untrusted origins it should still possible to use the web-contents-created event emitted when a new app.on('web-contents-created', (createEvent, contents) => {
contents.on('new-window', newEvent => {
console.log("Blocked by 'new-window'")
newEvent.preventDefault();
});
contents.on('will-navigate', newEvent => {
console.log("Blocked by 'will-navigate'")
newEvent.preventDefault()
});
contents.setWindowOpenHandler(({ url }) => {
if (url.startsWith("https://doyensec.com/")) {
setImmediate(() => {
shell.openExternal(url);
});
return { action: 'allow' }
} else {
console.log("Blocked by 'setWindowOpenHandler'")
return { action: 'deny' }
}
})
}); Link to the Fiddle gist used for testing. This works from 12.0.0 to the latest 12.0.2 as for now. == 2022 Edit |
@codebytere Why this issue closed? I don't see this commit neither in release branch of 12.0.4 nor in changelog. |
@Delagen This is now being backported to 12 - it should be in the next 12 release, thanks for the catch! 👍 |
Just tested on Electron V13 and |
Preflight Checklist
Issue Details
Expected Behavior
Handler fires and no new window opens
Actual Behavior
Handler fails and a new window opens
To Reproduce
The text was updated successfully, but these errors were encountered: