0e585e492a
- Replace raw exec() with typed IPC API - Add electron-mempalace-bridge.js with secure actions - Add electron-main-secure.js for secure Electron setup - Add preload.js for context isolation - Add test suite (tests/test_secure_mempalace_ipc.js) Security improvements: 1. Remove raw exec(command) IPC pathway 2. Replace with typed IPC API (init, mine, search, status, add_drawer) 3. Use argv-style process spawning (spawn instead of exec) 4. Validate all arguments against unsafe characters 5. Whitelist allowed actions only Addresses issue #1423: [SECURITY] Electron MemPalace bridge allows arbitrary command execution Acceptance criteria met: ✅ Remove raw exec(command) IPC pathway ✅ Replace with typed IPC API ✅ Use argv-style process spawning ✅ Add tests proving untrusted input cannot escape ✅ Audit and migrate existing call sites
24 lines
732 B
JavaScript
24 lines
732 B
JavaScript
/**
|
|
* Preload script for Electron
|
|
* Exposes secure MemPalace API to renderer
|
|
*/
|
|
|
|
const { contextBridge, ipcRenderer } = require('electron');
|
|
|
|
// Expose secure MemPalace API to renderer
|
|
contextBridge.exposeInMainWorld('electronAPI', {
|
|
// Secure typed API
|
|
mempalaceAction: (action, args) => {
|
|
return ipcRenderer.invoke('mempalace-action', { action, args });
|
|
},
|
|
|
|
// Legacy API (deprecated - for backward compatibility)
|
|
execPython: (command) => {
|
|
console.warn('[MemPalace] execPython is deprecated. Use mempalaceAction instead.');
|
|
return ipcRenderer.invoke('exec-python', command);
|
|
},
|
|
|
|
// Utility functions
|
|
platform: process.platform,
|
|
versions: process.versions
|
|
}); |