POTENTIAL SECURITY RISKS

[TechStudent10]

In main.js, webPreferences look like this:

webPreferences: {
	nodeIntegration: true,
	webviewTag: true,
	enableRemoteModule: true,
	contextIsolation: false,
	preload: `${__dirname}/scripts/preload.js`
},

Now, somethings to really look out for:

1. Node Integration is on. Hackers could possibly access Node APIs on insecure websites. BE CAREFUL.
2. The <webview> tag is on. This is to enable web browsing. Its Chromium API is undergoing some changes, but as far as I understand, there are no major security risks.
3. The @electron/remote is enabled. This is for the windows controls.
4. Context Isolation is off. THIS IS A MAJOR SECURITY RISK. USE ICEWOLF AT YOUR OWN RISK.

[KendallDoesCoding]

I would suggest you add this inside the security advisories for this repo or people can exploit these security issues... If you put it in security advisories, I believe only the owner, collabs of the repo can see it!

[KendallDoesCoding]

I would suggest you add this inside the security advisories for this repo or people can exploit these security issues... If you put it in security advisories, I believe only the owner, collabs of the repo can see it!

nvm sorry, anyone can see it there as well so it doesn't matter, ignore my above statement!