Prinzhorn
commented
3 years ago You cannot use contextBridge.exposeInMainWorld that way and you might as well disable contextIsolation (pls don't) completely if you are exposing all these modules. You are losing all security benefits if the renderer process can use child_process or fs. exposeInMainWorld is meant to expose a thin API and not to expose entire modules.
https://www.electronjs.org/docs/latest/api/context-bridge/#contextbridgeexposeinmainworldapikey-api
Function values are proxied to the other context and all other values are copied and frozen. Any data / primitives sent in the API become immutable and updates on either side of the bridge do not result in an update on the other side.
Function values that you bind through the contextBridge are proxied through Electron to ensure that contexts remain isolated. This results in some key limitations that we've outlined below.
Prototype modifications are dropped. Sending classes or constructors will not work.
This issue is not related to better-sqlite3 at all.
JoshuaWise
When i'm going to use this package on my app(browser) it throws that exec is not defined, however package sent to app and creating new database file is available.
Here is my preload.js // https://electronjs.org/docs/tutorial/security // Preload File that should be loaded into browser window instead of // setting nodeIntegration: true for browser window import { contextBridge, ipcRenderer } from 'electron'
contextBridge.exposeInMainWorld('nodejs', { usbDetect: require('usb-detection'), sqlite3: require('better-sqlite3'), process: require('child_process'), path: require('path'), sudoPrompt: require('sudo-prompt'), cryptoJs: require('crypto-js'), linewrap: require('linewrap'), canvasFlatten: require('canvas-flatten'), canvasDither: require('canvas-dither'), buffer8Array: require('buffer-to-uint8array'), iconvLite: require('iconv-lite'), https: require('https'), fs: require('fs'), os: require('os'), ini: require('ini') })
Sample of my usage: var db = nodejs.sqlite3('./database');