From ef87c9d2857791c45e4a4185df0e3a1d1487f6ce Mon Sep 17 00:00:00 2001 From: Paul Delhanty Date: Fri, 14 Aug 2020 22:05:04 +0900 Subject: [PATCH] Turn on new `worldSafeExecuteJavaScript` webPreference. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit "Previously the return values of webFrame.executeJavaScript crossed the world boundary when context isolation was enabled. This allows apps to makes themselves insecure by accidentally sending objects from the isolated world back to the main world. To help devs avoid this we're adding this new flag, and this flag will be turned on by default in Electron 12 (and removed) ensuring that this kind of issue can't become a thing again. This PR is also requesting new minors of 8 and 9 😄 Notes: Added new worldSafeExecuteJavaScript webPreference to ensure that the return values from webFrame.executeJavaScript are world safe when context isolation is enabled" --- src/main.ts | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/main.ts b/src/main.ts index 960f7c5..f68e8f7 100644 --- a/src/main.ts +++ b/src/main.ts @@ -26,7 +26,13 @@ function launch() { height: 600, minWidth: 600, backgroundColor: 'white', - titleBarStyle: 'hidden' + titleBarStyle: 'hidden', + webPreferences: { + // Need `contextIslation` and `worldSafeExecuteJavaScript` both set + // to silence recent `webFrame.executeJavaScript` warnings. + contextIsolation: true, + worldSafeExecuteJavaScript: true + }, }); win.loadURL(
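Review bot: In the added `webPreferences` block, `contextIsolation: true` is a behaviour change in its own right, but the subject line names only `worldSafeExecuteJavaScript` and the inline comment justifies both settings as a way "to silence" warnings. Please mention `contextIsolation` in the commit subject or body. Please also reword the comment to state the actual reason, which per the quoted upstream text is that return values from `webFrame.executeJavaScript` must not cross the world boundary when context isolation is enabled. The same comment misspells the option as `contextIslation`; it should read `contextIsolation` so a search for the setting finds it. Since the quoted text says the flag becomes the default in Electron 12 and is then removed, a short note to drop `worldSafeExecuteJavaScript: true` on that upgrade would help. The visible lines do not show whether this window uses a preload script. If it does, confirm it still works with isolation on, because it will no longer share globals with the page.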