Added two security improvements as mentioned at http://electron.atom.io/docs/all/#checklist

2016-07-22 23:03:03 +02:00
parent 04fe0fd336
commit 54849d6859
2 changed files with 15 additions and 2 deletions
--- a/test/specs/security_test.js
+++ b/test/specs/security_test.js
@@ -76,5 +76,14 @@ describe('application', function() {
        });
      }, 5000, 'expected a new window')
      .windowByIndex(3).isNodeEnabled().should.eventually.be.false;
-  })
+  });
+
+  it('should NOT be able to call eval in any window', function() {
+    env.addClientCommands(this.app.client);
+    const client = this.app.client;
+    return this.app.client
+      .windowByIndex(1) // in the first webview
+      .eval()
+      .should.be.rejected;
+  });
 });