|
|
|
|
|
|
by chrisdevereux
3849 days ago
|
|
|
Most embeddable webviews allow binding additional methods that call into native though. This is how cordova works, in fact. If you're restricting access to local html/js, it shouldnt be any different to nw/electron from a security perspective. Edit: looks like the tint framework linked above actually isolates the webview from the node runtime. Nice. |
|
|