According to the official doc, "websecurity:true" is the default setting and enabling this setting means enable SOP.
However, in my app, the SOP seems like not working.
"electron": "^11.2.1"
macos:10.15.5
I downloaded the example "electron-quick-start".
I create the browserWindow :
mainWindow = new BrowserWindow({
width: 800,
height: 600,
webPreferences: {
preload: path.join(__dirname, 'preload.js'),
}
})
In my electron app, cross-domain request works and shows that doesn't violate SOP
However, in chrome, cross-domain request doesn't works.
So, what did "websecurity:true" do? how can I use SOP to protect my app?
question from:
https://stackoverflow.com/questions/65929946/electron-how-to-enable-sop 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
