A current electron app template with the most popular frameworks, designed and built with security in mind. (If you are curious about what makes an electron app secure, please check out this page).

Taken from the best-practices official page, here is what this repository offers!

1. Only load secure content - ✅ (But the developer is responsible for loading secure assets only 🙂)
2. Do not enable node.js integration for remote content - ✅
3. Enable context isolation for remote content - ✅
4. Handle session permission requests from remote content - ✅
5. Do not disable websecurity - ✅
6. Define a content security policy - ✅
7. Do not set allowRunningInsecureContent to true - ✅
8. Do not enable experimental features - ✅
9. Do not use enableBlinkFeatures - ✅
10. Do not use allowpopups - ✅
11. <webview> verify options and params - ✅
12. Disable or limit navigation - ✅
13. Disable or limit creation of new windows - ✅
14. Do not use openExternal with untrusted content - ✅
15. Disable remote module - ✅
16. Filter the remote module - ✅
17. Use a current version of electron - ✅

Built-in to this template are a number of popular frameworks already wired up to get you on the road running.

• Electron
• React
• Redux (with Redux toolkit)
• Babel
• Webpack (with webpack-dev-server)
• Electron builder (for packaging up your app)
• Mocha

What would a template be without some helpful additions?

• i18next (with this plugin for localization).
• Store (for saving config/data)
• Context menu (supports custom context menus)
• Easy redux undo (for undo/redoing your redux actions)
• License key validation (for validating a user has the proper license to use your app) new!

For a more detailed view of the architecture of the template, please check out here. I would highly recommend reading this document to get yourself familiarized with this template.

To get started, clone the repository by clicking the button, or through the command line (git clone https://github.com/reZach/secure-electron-template.git).

Once cloned, install the dependencies for the repo by running the following commands (you do not have to run the first command if your command line is already inside the newly cloned respository):

cd secure-electron-template
npm i
npm run dev

Are you using yarn? You'll want to read this issue.

When you'd like to test your app in production, or package it for distribution, please navigate to this page for more details on how to do this.

Please see our faq for any common questions you might have. NEW TO ELECTRON? Please visit this page.

If you've built any applications with our template, we'd love to see them!.