Skip to content
Critiq Docs

Search docs

Search documentation pages and rules

security.misconfiguration

Harden Electron webPreferences

Electron renderers should not run with unsafe webPreferences that weaken isolation or transport protection.

#Metadata

Rule ID
ts.security.electron-dangerous-webpreferences
Severity
high
Confidence
0.94
Languages
javascript, typescript
Presets
security, strict
Stability
stable
Applies to
block
Tags
desktop, electron, rules-catalog, security

#Why it matters

Options such as nodeIntegration, contextIsolation, and webSecurity directly control whether renderer compromise becomes host compromise.

#Remediation

Keep contextIsolation and webSecurity enabled, disable nodeIntegration and enableRemoteModule, and prefer sandbox true.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.electron-dangerous-webpreferences.rule.yaml.

Back to directoryOpen rule in repository