Function secureHandle

secureHandle<T extends unknown[]>(
    channel: string,
    handler: (event: IpcMainInvokeEvent, ...args: T) => unknown,
    mainWindow: BrowserWindow,
): void

Internal

Creates and registers a secure IPC handler with sender validation. Wraps the handler to verify the request originates from the main window.

Type Parameters

T extends unknown[]

Parameters

channel: string
The IPC channel name.
handler: (event: IpcMainInvokeEvent, ...args: T) => unknown
The handler function to register.
mainWindow: BrowserWindow
The main application window for sender validation.

Returns void

Source

function secureHandle<T extends unknown[]>(
  channel: string,
  handler: (event: IpcMainInvokeEvent, ...args: T) => unknown,
  mainWindow: BrowserWindow,
): void {
  ipcMain.handle(channel, async (event: IpcMainInvokeEvent, ...args: T) => {
    // Validate sender
    if (!isValidSender(event, mainWindow)) {
      const error = new Error(`Unauthorized IPC call to channel: ${channel}`);
      console.error(`[IPC Security] ❌ ${error.message}`);
      throw error;
    }

    // Call original handler if validation passes
    return handler(event, ...args);
  });
}