no-electron-unchecked-ipc-sender

Disallow privileged Electron IPC handlers that do not validate the sender.

Targeted pattern scope

ipcMain.on/ipcMain.handle callbacks without sender/frame trust validation.

What this rule reports

Privileged IPC handlers that process requests without checking sender origin/frame trust.

Why this rule exists

Unvalidated IPC senders can let compromised renderers invoke privileged main-process operations.

❌ Incorrect

ipcMain.handle("read-file", async (event) => readFile("secret.txt"));

✅ Correct

ipcMain.handle("read-file", async (event) => {
 if (!event.senderFrame?.url?.startsWith("https://example.com")) return null;
 return "ok";
});

ESLint flat config example

import sdl from "eslint-plugin-sdl-2";

export default [
 {
  plugins: { sdl },

  rules: {
   "sdl/no-electron-unchecked-ipc-sender": "error",
  },
 },
];

When not to use it

Disable only if IPC sender trust is enforced by a reviewed abstraction that this rule cannot currently observe.

Package documentation

Rule source

Targeted pattern scope​

What this rule reports​

Why this rule exists​

❌ Incorrect​

✅ Correct​

ESLint flat config example​

When not to use it​

Package documentation​

Further reading​