ajinabraham.njsscan.security_electronjs.electron_experimental_features
1,129
Download Count*
License
Experimental features are not expected to be in production ready applications.
Run Locally
Run in CI
Defintion
rules:
- id: electron_experimental_features
patterns:
- pattern-either:
- pattern: |
new BrowserWindow({webPreferences: {experimentalFeatures: true}})
- pattern: |
var $X = {webPreferences: {experimentalFeatures: true}};
message: Experimental features are not expected to be in production ready
applications.
languages:
- javascript
severity: WARNING
metadata:
owasp: "A6: Security Misconfiguration"
cwe: "CWE-272: Least Privilege Violation"
Short Link: https://sg.run/Lwpn