I added a Content-Security-Policy but still the security warning appears
I added a Content-Security-Policy as suggested here: https://www.electronjs.org/docs/tutorial/security#6-define-a-content-security-policy and here: https://content-security-policy.com/examples/electron/
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self'">
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>New Electron App</title>
</head>
<body>
<span>Our new Electron app</span>
<div id="root"></div>
</body>
</html>
But still I get this message: “Electron Security Warning (Insecure Content-Security-Policy). This renderer process has either no Content Security Policy set or a policy with “unsafe-eval” enabled. This exposes users of this app to unnecessary security risks. This warning will not show up once the app is packaged.”
How to solve this security warning?
Least two ways to disable CSP : no package.json
Disable through CLI
Consider running Electron's app source file main.js within CLI as so: ELECTRON_DISABLE_SECURITY_WARNINGS=true npx electron main.js
Hereby using npx I did consider you was clever and installed Electron locally beforehand .
Disable through the process
Define anywhere (top-level would be at best) the following process.env['ELECTRON_DISABLE_SECURITY_WARNINGS']=true
- Building node-usb for Electron
- `electron-builder` failed with code signing error in mac
- How to limit Chromium GPU process system memory usage?
- css border: 1px appear as 0.667px or 1px depending on the computer / display resolution (?)
- packaging an electron App results in an empty UI
- Electron Take Up 100% Of Screen (Not Full Screen)
- I added a Content-Security-Policy but still the security warning appears
- How to force UI draw in ElectronJS prior to intense computation task?
- Electron opens additional window on startup
- Electron preload functions not recognized after browser refresh
- How to access some electron modules from renderer process with nodeIntegration enabled?
- How can I access the sqlite3 database file in production with electron?
- How to extract programmatically an image buffer from already loaded page?
- Trying to read resources of an external executable file C++
- How to get the absolute path of a file dragged onto an input file in Electron?
- Electron: get full path of uploaded file
- How to drop a file from explorer and get it's full path to electronjs app
- How to use React Router with Electron?
- Electron with React- trying to import ipcRenderer - preload.js is not being called
- electron-builder makensis process failed ERR_ELECTRON_BUILDER_CANNOT_EXECUTE - no useful error?
- Determine if current connection is wired or wireless with NodeJS on Windows
- How to natively show the Save Changes Dialog when closing an Electron app?
- Content Security Policy wildcard seems to be ignored
- Making a Confirmation in Electron.js
- Unable to load assets in custom .scss file in Angular Electron application
- Using NPM, Electron or a CLI program get information about the media that is currently playing on the computer
- capture screen with electron when rendering a web site
- How to remove "generated from" tag?
- Electron Forge: Error: ENOENT: no such file or directory
- Electron window.open() opens all windows on macos only