MCPcopy
hub / github.com/21st-dev/1code / validateSender

Function validateSender

src/main/windows/main.ts:336–347  ·  view source on GitHub ↗
(event: Electron.IpcMainInvokeEvent)

Source from the content-addressed store, hash-verified

334
335 // Auth IPC handlers
336 const validateSender = (event: Electron.IpcMainInvokeEvent): boolean => {
337 const senderUrl = event.sender.getURL()
338 try {
339 const parsed = new URL(senderUrl)
340 if (parsed.protocol === "file:") return true
341 const hostname = parsed.hostname.toLowerCase()
342 const trusted = ["21st.dev", "localhost", "127.0.0.1"]
343 return trusted.some((h) => hostname === h || hostname.endsWith(`.${h}`))
344 } catch {
345 return false
346 }
347 }
348
349 ipcMain.handle("auth:get-user", (event) => {
350 if (!validateSender(event)) return null

Callers 1

registerIpcHandlersFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected