secure-electron-template
The best way to build Electron apps with security in mind.
If you are curious about what makes an electron app secure, please check out this page.
Features
Taken from the best-practices official page, here is what this repository offers!
- Only load secure content - (Need help!)
- Do not enable node.js integration for remote content - ✅
- Enable context isolation for remote content - ✅
- Handle session permission requests from remote content - ✅
- Do not disable websecurity - ✅
- Define a content security policy - ✅
- Do not set allowRunningInsecureContent to true - ✅
- Do not enable experimental features - ✅
- Do not use enableBlinkFeatures - ✅
- Do not use allowpopups - ✅
- <webview> verify options and params - ✅
- Disable or limit navigation - ✅
- Disable or limit creation of new windows - ✅
- Do not use openExternal with untrusted content - ✅
- Disable remote module - ✅
- Filter the remote module - ✅
- Use a current version of electron - ✅
Included frameworks
Built-in to this template are a number of popular frameworks already wired up to get you on the road running.
- Electron
- React
- Redux (with Redux toolkit)
- Babel
- Webpack (with webpack-dev-server)
- i18next (with this plugin for localization).
- Store (for saving config/data)
- Electron builder (for packaging up your app)
- Easy redux undo (for undo/redoing your redux actions)
Roadmap
There are a number of additions that I'd like to implement in this repository, namely auto-updating and more release-focused enhancements and test suites, but those are lower priority (but I welcome PRs!).
Architecture
For a more detailed view of the architecture of the template, please check out here. I would highly recommend reading this document to get yourself familiarized with this template.
How to get started
Click the 
button to get started.
Alternatively, if you want to fork and contribute to the template, you can follow these commands:
git clone https://github.com/reZach/secure-electron-template.git
cd secure-electron-template
npm i
npm run dev
FAQ
Please see our faq for any common questions you might have.