fix: disabled drag-and-drop from outside the application

Security fix: Thanks to @Suhas-Gaikwad for reporting and helping with this issue
meetalva · Feb 1, 2018 · cf1fe2f · cf1fe2f
1 parent 67db7ca
commit cf1fe2f
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 0 deletions.
diff --git a/src/component/app.tsx b/src/component/app.tsx
@@ -212,3 +212,19 @@ MobX.autorun(() => {
 });
 
 ReactDom.render(<App store={store} />, document.getElementById('app'));
+
+// Disable drag and drop from outside the application
+document.addEventListener(
+	'dragover',
+	event => {
+		event.preventDefault();
+	},
+	false
+);
+document.addEventListener(
+	'drop',
+	event => {
+		event.preventDefault();
+	},
+	false
+);
diff --git a/src/component/preview.tsx b/src/component/preview.tsx
@@ -52,3 +52,19 @@ ipcRenderer.on('open-styleguide', (event: {}, message: JsonObject) => {
 window.onload = () => {
 	ReactDom.render(<PreviewApp store={store} />, document.getElementById('app'));
 };
+
+// Disable drag and drop from outside the application
+document.addEventListener(
+	'dragover',
+	event => {
+		event.preventDefault();
+	},
+	false
+);
+document.addEventListener(
+	'drop',
+	event => {
+		event.preventDefault();
+	},
+	false
+);