The current electron documentation suggests implementing communication between the main world and context isolated renderer worlds via MessageChannels / MessagePorts1.
However, this extension isn't really helpful if we apply the above advice as all relevant IPC traffic does not flow through the ipcMain / ipcRenderer interfaces.
Therefore I suggest additionally tracking all MessagePort instances which have been transferred through the relevant ipc interfaces. This would require either intercepting the postMessage calls or the message events.
The current electron documentation suggests implementing communication between the main world and context isolated renderer worlds via
MessageChannels /MessagePorts1.However, this extension isn't really helpful if we apply the above advice as all relevant IPC traffic does not flow through the
ipcMain/ipcRendererinterfaces.Therefore I suggest additionally tracking all
MessagePortinstances which have been transferred through the relevant ipc interfaces. This would require either intercepting thepostMessagecalls or themessageevents.Footnotes
https://www.electronjs.org/docs/latest/tutorial/message-ports#communicating-directly-between-the-main-process-and-the-main-world-of-a-context-isolated-page ↩