🐛 Fix vulnerability

Author: i1u5

package.json

@@ -6,7 +6,7 @@
     "Jack 'DooMLorD' W. <doomlordcs@gmail.com> (https://github.com/doomlerd)"
   ],
   "description": "Discord Rich Presence for web services",
-  "version": "2.2.17",
+  "version": "2.2.16",
   "repository": {
     "type": "git",
     "url": "git://github.com/PreMiD/Linux.git"
@@ -21,7 +21,7 @@
     "start": "electron dist/app/.",
     "dev": "devScript",
     "dist": "tsc && devScript --copyOnly && cd dist/app/ && yarn install",
-    "build": "electron-builder --project ./dist/app/",
+    "build": "electron-builder --project ./dist/app/ -p never",
     "build:appimage": "electron-builder --project ./dist/app/ build -l AppImage --x64 -p onTagOrDraft",
     "build:n-appimage": "electron-builder --project ./dist/app/ build -l AppImage --x64 -p never"
   },

src/managers/socketManager.ts

@@ -4,10 +4,10 @@ import { app, dialog } from "electron";
 import { update as updateSettings } from "./settingsManager";
 import { openFileDialog } from "./presenceDevManager";
 import {
-  rpcClients,
-  setActivity,
-  clearActivity,
-  getDiscordUser
+	rpcClients,
+	setActivity,
+	clearActivity,
+	getDiscordUser
 } from "./discordManager";
 import { trayManager } from "..";
 
@@ -17,70 +17,74 @@ export let server: Server;
 export let connected: boolean = false;
 
 export function init() {
-  return new Promise(resolve => {
-    //* Create server
-    //* create SocketIo server, don't server client
-    //* Try to listen to port 3020
-    //* If that fails/some other error happens run socketError
-    //* If someone connects to socket socketConnection
-    server = createServer();
-    io = socketIo(server, { serveClient: false });
-    server.listen(3020, () => {
-      //* Resolve promise
-      resolve();
-      console.log("Opened socket");
-    });
-    server.on("error", socketError);
-    io.on("connection", socketConnection);
-  });
+	return new Promise((resolve) => {
+		//* Create server
+		//* create SocketIo server, don't server client
+		//* Try to listen to port 3020
+		//* If that fails/some other error happens run socketError
+		//* If someone connects to socket socketConnection
+		server = createServer();
+		io = socketIo(server, { serveClient: false });
+		io.origins((o, c) => {
+			if (o !== "*") c("Not a chrome extension, socket denied.", false);
+			c(null, true);
+		});
+		server.listen(3020, () => {
+			//* Resolve promise
+			resolve();
+			console.log("Opened socket");
+		});
+		server.on("error", socketError);
+		io.on("connection", socketConnection);
+	});
 }
 
 function socketConnection(cSocket: socketIo.Socket) {
-  //* Set exported socket letiable to current socket
-  //* Handle setActivity event
-  //* Handle clearActivity event
-  //* Handle settingsUpdate
-  //* Handle presenceDev
-  //* Handle version request
-  //* Once socket user disconnects run cleanup
-  console.log("Socket connection");
-  socket = cSocket;
-  getDiscordUser().then(user => socket.emit("discordUser", user));
-  socket.on("setActivity", setActivity);
-  socket.on("clearActivity", clearActivity);
-  socket.on("settingUpdate", updateSettings);
-  socket.on("selectLocalPresence", openFileDialog);
-  socket.on("getVersion", () =>
-    socket.emit("receiveVersion", app.getVersion().replace(/[\D]/g, ""))
-  );
-  socket.once("disconnect", () => {
-    connected = false;
-    trayManager.update();
-    //* Destroy all open RPC connections
-    console.log("Socket disconnected.");
-    rpcClients.forEach(c => c.destroy());
-  });
-  connected = true;
-  trayManager.update();
+	//* Set exported socket letiable to current socket
+	//* Handle setActivity event
+	//* Handle clearActivity event
+	//* Handle settingsUpdate
+	//* Handle presenceDev
+	//* Handle version request
+	//* Once socket user disconnects run cleanup
+	console.log("Socket connection");
+	socket = cSocket;
+	getDiscordUser().then((user) => socket.emit("discordUser", user));
+	socket.on("setActivity", setActivity);
+	socket.on("clearActivity", clearActivity);
+	socket.on("settingUpdate", updateSettings);
+	socket.on("selectLocalPresence", openFileDialog);
+	socket.on("getVersion", () =>
+		socket.emit("receiveVersion", app.getVersion().replace(/[\D]/g, ""))
+	);
+	socket.once("disconnect", () => {
+		connected = false;
+		trayManager.update();
+		//* Destroy all open RPC connections
+		console.log("Socket disconnected.");
+		rpcClients.forEach((c) => c.destroy());
+	});
+	connected = true;
+	trayManager.update();
 }
 
 app.on("quit", () => {
-  if (socket && socket.connected) socket.disconnect(true);
+	if (socket && socket.connected) socket.disconnect(true);
 });
 
 //* Runs on socket errors
 function socketError(e: any) {
-  //* If port in use
-  console.log(`Socket error :\n${e.message}`);
-  if (e.code === "EADDRINUSE") {
-    //* Focus app
-    //* Show error dialog
-    //* Exit app afterwards
-    app.focus();
-    dialog.showErrorBox(
-      "Oh noes! Port error...",
-      `${app.name} could not bind to port ${e.port}.\nIs ${app.name} running already?`
-    );
-    app.quit();
-  }
+	//* If port in use
+	console.log(`Socket error :\n${e.message}`);
+	if (e.code === "EADDRINUSE") {
+		//* Focus app
+		//* Show error dialog
+		//* Exit app afterwards
+		app.focus();
+		dialog.showErrorBox(
+			"Oh noes! Port error...",
+			`${app.name} could not bind to port ${e.port}.\nIs ${app.name} running already?`
+		);
+		app.quit();
+	}
 }

src/util/updateChecker.ts

@@ -5,60 +5,65 @@ export let updateProcess: string = "standby";
 autoUpdater.autoDownload = false;
 
 export async function checkForUpdate(auto = false) {
-  autoUpdater.autoDownload = auto;
-  try {
-    autoUpdater.checkForUpdates();
-  } catch (error) {
-    errHandler(error);
-  }
+	autoUpdater.setFeedURL({
+		provider: "github",
+		owner: "doomlerd",
+		repo: "LinuxUpdater"
+	});
+	autoUpdater.autoDownload = auto;
+	try {
+		autoUpdater.checkForUpdates();
+	} catch (error) {
+		errHandler(error);
+	}
 }
 
 autoUpdater.on("checking-for-update", () => {
-  updateTray("checking");
+	updateTray("checking");
 });
 
 autoUpdater.on("update-available", () => {
-  if (!autoUpdater.autoDownload) {
-    update();
-  }
+	if (!autoUpdater.autoDownload) {
+		update();
+	}
 });
 
 autoUpdater.on("update-not-available", () => {
-  updateTray("standby");
+	updateTray("standby");
 });
 
 autoUpdater.on("update-downloaded", () => {
-  autoUpdater.quitAndInstall();
+	autoUpdater.quitAndInstall();
 });
 
 export async function update() {
-  updateTray("installing");
-  try {
-    autoUpdater.downloadUpdate();
-  } catch (error) {
-    errHandler(error);
-  }
+	updateTray("installing");
+	try {
+		autoUpdater.downloadUpdate();
+	} catch (error) {
+		errHandler(error);
+	}
 }
 
 autoUpdater.on("error", (error: any) => {
-  errHandler(error);
+	errHandler(error);
 });
 
 function updateTray(reason: string) {
-  updateProcess = reason;
-  trayManager.update();
+	updateProcess = reason;
+	trayManager.update();
 }
 
 // Temporarily
 function errHandler(error: any) {
-  if (error.toString().includes("ERR_INTERNET_DISCONNECTED")) {
-    console.log("No internet detected, skipping update check.");
-  } else {
-    console.log(
-      "An error occured while updating " +
-      (autoUpdater.autoDownload ? "[AUTO] :" : "[MANUAL] :"),
-      error ? (error.stack || error).toString() : "unknown"
-    );
-  }
-  updateTray("standby");
+	if (error.toString().includes("ERR_INTERNET_DISCONNECTED")) {
+		console.log("No internet detected, skipping update check.");
+	} else {
+		console.log(
+			"An error occured while updating " +
+			(autoUpdater.autoDownload ? "[AUTO] :" : "[MANUAL] :"),
+			error ? (error.stack || error).toString() : "unknown"
+		);
+	}
+	updateTray("standby");
 }