diff --git a/desktop/main.js b/desktop/main.js index 472653ab5..f9698ff70 100644 --- a/desktop/main.js +++ b/desktop/main.js @@ -40,6 +40,17 @@ function createWindow() { return { action: 'deny' }; }); + // Prevent same-window navigation to external origins. + // Only allow navigation to the local express server. + mainWindow.webContents.on('will-navigate', (event, navigationUrl) => { + const parsedUrl = new URL(navigationUrl); + // Allow navigations to the local express server + if (parsedUrl.hostname === '127.0.0.1' || parsedUrl.hostname === 'localhost') { + return; + } + event.preventDefault(); + }); + // Hide the toolbar mainWindow.setMenuBarVisibility(false)