CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js — Codean Labs
This post details CVE-2024-4367, a vulnerability in PDF.js found by Codean Labs. PDF.js is a JavaScript-based PDF viewer maintained by Mozilla. This bug allows an attacker to execute arbitrary JavaScript code as soon as a malicious PDF file is opened. This affects all Firefox users (<126) because PDF.js is used by Firefox to show PDF files, but also seriously impacts many web- and Electron-based a
Ecosystem 2023 Recap | Electron
Reflecting on the improvements and changes in Electron's developer ecosystem in 2023. In the past few months, we've been cooking up some changes across the Electron ecosystem to supercharge the developer experience for Electron apps! Here’s a swift rundown of the latest additions straight from Electron HQ. Electron Forge 7 and beyondElectron Forge 7 — the newest major version of our all-in-one to
Electron(v.15.0.0 現在)の IPC 通信入門 - よりセキュアな方法への変遷 - Qiita
2021/09/22にリリースされた v.15.0.0 中でIPC通信周りに大きな変更はありませんでした。 ただ、その前のバージョン(14.0.0)で、contextBridge.exposeInMainWorld(apiKey, api)からExperimental(実験的)が取れ、正式運用となっていたようです(#30011)。 Electron における IPC 通信 Electron で Desktop アプリケーションを作るにあたって理解しなければならないのは、根幹を成す「IPC通信」かと思います。IPC は Inter-Process Communication、プロセス間通信の略です。 IPC 通信の方法については、Electron において、いくつかの段階を経て、進化を遂げています。今回の記事では、その歴史を追いながら、仕組みとセキュアな方法を書いていきたいと思います。 なぜ
WebView2 and Electron | Electron
Over the past weeks, we’ve received several questions about the differences between the new WebView2 and Electron. Both teams have the expressed goal of making web-tech the best it can be on the Desktop, and a shared comprehensive comparison is being discussed. Electron and WebView2 are fast-moving and constantly evolving projects. We have assembled a brief snapshot of similarities and differences
The Secret of Good Electron Apps
tl;dr Check out https://github.com/jlongster/electron-with-server-example Some people really hate Electron apps. The idea that an app includes an entire copy of the Chrome web browser sounds ridiculous. This feeling is validated when looking at the apps on your machine — they eat up memory, boot slowly, and aren't very responsive. It's hard enough to build good apps on web, why the heck are we bri
Introducing Electron Fiddle
Over the past four years, I have introduced thousands of developers to Electron. I’ve also worked with and on apps with millions of end users. All too often, I’ve dreamed about a tool that would make running small experiments, quickly compiling tiny apps, and the discovery of the Electron platform more accessible. I’ve seen how empowering “code playgrounds” like JSFiddle, Glitch, or CodePen can be
My journey to bring Web Push support to Node and Electron
Push notifications are now used on all platforms (mobile, Web and desktop). When developing a cross-platform application, the main goal is to bring a shared set of features to all users whatever the platform they are using. The easiest way to send and receive notifications is to use Firebase Cloud Messaging (FCM), which provides integrations for Android, iOS and Web. Unfortunately, if you’re like
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Introducing Portal Windows for Electron