paulmataruso/zulip-desktop
1
0
Fork 0
mirror of https://github.com/zulip/zulip-desktop.git synced 2025-11-04 05:53:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: Code clean up.

Browse Source
This commit is contained in:
Akash Nimare
2018-03-22 14:15:19 +05:30
parent 9dde6fb6e4
commit ea6665cd10
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
app/renderer/js/shared/preventdrag.js
View File

@@ -1,14 +1,17 @@
'use strict';
const preventDragandDrop = () => {
// This is a security fix. Following function prevents drag and drop event in the app
// so that attackers can't execute any remote code within the app
// It doesn't affect the compose box so that users can still
// use drag and drop event to share files etc
const preventDragAndDrop = () => {
document.addEventListener('dragover', event => {
console.log(event);
event.preventDefault();
});
document.addEventListener('drop', event => {
console.log(event);
event.preventDefault();
});
};
preventDragandDrop();
preventDragAndDrop();