From 418c0ea04aece3a341c90be1a87f823380aaf994 Mon Sep 17 00:00:00 2001 From: Brendan Allan <14191578+Brendonovich@users.noreply.github.com> Date: Mon, 18 May 2026 15:43:28 +0800 Subject: [PATCH] feat(desktop): add notification permission for renderer (#28119) --- packages/desktop/src/main/windows.ts | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/packages/desktop/src/main/windows.ts b/packages/desktop/src/main/windows.ts index 3150a5237b..e1b87cad69 100644 --- a/packages/desktop/src/main/windows.ts +++ b/packages/desktop/src/main/windows.ts @@ -9,6 +9,8 @@ const rendererRoot = join(root, "../renderer") const rendererProtocol = "oc" const rendererHost = "renderer" const clipboardWritePermission = "clipboard-sanitized-write" +const notificationPermission = "notifications" +const rendererPermissions = new Set([clipboardWritePermission, notificationPermission]) protocol.registerSchemesAsPrivileged([ { @@ -109,7 +111,7 @@ export function createMainWindow() { }, }) - allowClipboardWrite(win) + allowRendererPermissions(win) win.webContents.session.webRequest.onBeforeSendHeaders((details, callback) => { const { requestHeaders } = details @@ -162,7 +164,7 @@ export function createLoadingWindow() { }, }) - allowClipboardWrite(win) + allowRendererPermissions(win) loadWindow(win, "loading.html") @@ -199,16 +201,16 @@ function loadWindow(win: BrowserWindow, html: string) { void win.loadURL(`${rendererProtocol}://${rendererHost}/${html}`) } -function allowClipboardWrite(win: BrowserWindow) { +function allowRendererPermissions(win: BrowserWindow) { win.webContents.session.setPermissionRequestHandler((webContents, permission, callback, details) => { callback( - permission === clipboardWritePermission && + rendererPermissions.has(permission) && isTrustedRendererUrl(details.requestingUrl) && webContents.id === win.webContents.id, ) }) win.webContents.session.setPermissionCheckHandler((webContents, permission, requestingOrigin, details) => { - if (permission !== clipboardWritePermission) return false + if (!rendererPermissions.has(permission)) return false if (webContents && webContents.id !== win.webContents.id) return false return isTrustedRendererUrl(details.requestingUrl) || isTrustedRendererUrl(requestingOrigin) })