ajinabraham.njsscan.security_electronjs.electron_blink_integration

1,129

Download Count*

License

Blink's expirimental features are enabled in this application. Some of the features may affect the security of the application.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: electron_blink_integration
    patterns:
      - pattern-either:
          - pattern: |
              new BrowserWindow({webPreferences: {enableBlinkFeatures: '...'}})
          - pattern: |
              var $X = {webPreferences: {enableBlinkFeatures: '...'}};
    message: Blink's expirimental features are enabled in this application. Some of
      the features may affect the security of the application.
    languages:
      - javascript
    severity: WARNING
    metadata:
      owasp: "A6: Security Misconfiguration"
      cwe: "CWE-272: Least Privilege Violation"

Short Link: https://sg.run/ndD1