Skip to content

Commit ad3aedb

Browse files
steveseguinclaude
andcommitted
Improve permission handling and add secure origin for dev.versus.cam
- Add setPermissionCheckHandler for synchronous permission queries - Add setDevicePermissionHandler for media device access (Electron 17+) - Add speaker-selection and window-management to allowed permissions - Add http://dev.versus.cam to secure origins whitelist Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1 parent e1c3014 commit ad3aedb

File tree

1 file changed

+32
-26
lines changed

1 file changed

+32
-26
lines changed

main.js

Lines changed: 32 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -1879,7 +1879,7 @@ app.commandLine.appendSwitch('ignore-certificate-errors');
18791879
app.commandLine.appendSwitch('disable-renderer-backgrounding');
18801880
app.commandLine.appendSwitch('disable-http-cache');
18811881
app.commandLine.appendSwitch('ignore-certificate-errors-spki-list');
1882-
app.commandLine.appendSwitch('unsafely-treat-insecure-origin-as-secure', 'http://insecure.vdo.ninja,http://insecure.rtc.ninja,http://whip.vdo.ninja,https://whip.vdo.ninja,http://whep.vdo.ninja,https://whep.vdo.ninja,http://insecure.versus.cam,http://127.0.0.1,https://vdo.ninja,https://versus.cam,https://rtc.ninja');
1882+
app.commandLine.appendSwitch('unsafely-treat-insecure-origin-as-secure', 'http://insecure.vdo.ninja,http://insecure.rtc.ninja,http://whip.vdo.ninja,https://whip.vdo.ninja,http://whep.vdo.ninja,https://whep.vdo.ninja,http://insecure.versus.cam,http://dev.versus.cam,http://127.0.0.1,https://vdo.ninja,https://versus.cam,https://rtc.ninja');
18831883

18841884

18851885
var counter=0;
@@ -3063,7 +3063,6 @@ async function createWindow(args, reuse=false) {
30633063

30643064

30653065
try {
3066-
30673066
mainWindow.webContents.on('dom-ready', async (event)=> {
30683067
console.log('dom-ready');
30693068

@@ -4224,33 +4223,40 @@ app.whenReady().then(function(){
42244223
console.log("APP READY");
42254224

42264225
// Set up permission handling for the session partition used by windows
4227-
session.fromPartition("persist:abc").setPermissionRequestHandler((webContents, permission, callback) => {
4228-
try {
4229-
let allowedPermissions = [
4230-
"audioCapture",
4231-
"videoCapture",
4232-
"desktopCapture",
4233-
"pageCapture",
4234-
"tabCapture",
4235-
"mediaKeySystem",
4236-
"media",
4237-
"experimental"
4238-
];
4239-
4240-
if (allowedPermissions.includes(permission)) {
4241-
callback(true); // Approve permission request
4242-
} else {
4243-
console.error(
4244-
`The application tried to request permission for '${permission}'. This permission was not whitelisted and has been blocked.`
4245-
);
4246-
callback(false); // Deny
4247-
}
4248-
} catch(e) {
4249-
console.error(e);
4250-
callback(false); // Deny on error
4226+
const allowedPermissions = [
4227+
"audioCapture",
4228+
"videoCapture",
4229+
"desktopCapture",
4230+
"pageCapture",
4231+
"tabCapture",
4232+
"mediaKeySystem",
4233+
"media",
4234+
"speaker-selection",
4235+
"window-management",
4236+
"experimental"
4237+
];
4238+
4239+
session.fromPartition("persist:abc").setPermissionRequestHandler((webContents, permission, callback, details) => {
4240+
if (allowedPermissions.includes(permission)) {
4241+
callback(true);
4242+
} else {
4243+
console.warn(`Permission '${permission}' not whitelisted`);
4244+
callback(false);
42514245
}
42524246
});
42534247

4248+
session.fromPartition("persist:abc").setPermissionCheckHandler((webContents, permission, requestingOrigin) => {
4249+
return allowedPermissions.includes(permission);
4250+
});
4251+
4252+
session.fromPartition("persist:abc").setDevicePermissionHandler((details) => {
4253+
// Allow media devices, but not USB/HID
4254+
if (details.deviceType === 'hid' || details.deviceType === 'usb') {
4255+
return false;
4256+
}
4257+
return true;
4258+
});
4259+
42544260
// Register protocol handler first
42554261
registerProtocolHandling();
42564262

0 commit comments

Comments
 (0)