Bulk Messaging System

Documentation

Back to Home
GitHub
Project Overview
Getting Started

API Reference

Configuration Parameters
Environment Variables Gmail Oauth 2 Configuration SMTP Configuration Whats App Client Configuration
Electron IPC API
File Operations IPC Gmail & SMTP IPC Handlers Whats App Event System Whats App IPC Handlers
Python Backend API
File Upload Endpoint Health Check Endpoint Manual Number Parsing Endpoint Phone Number Validation Endpoint

Contact Management System

File Import And Processing Manual Contact Entry Interface Phone Number Validation And Normalization Pyodide Runtime Integration

Desktop Application Architecture

Main Process Architecture
Cleanup And Lifecycle Management File System Operations IPC Handlers Whats App Client Integration Window Management
Renderer Process Architecture
Component Hierarchy And Structure State Management And Data Flow UI Service Integration And IPC Communication
Build System And Distribution Security Model And Isolation

Gmail API Integration

Authentication And Delivery Troubleshooting Email Composition And Sending Oauth 2 Authentication Flow Token Storage And Management

Python Backend Services

Contact Extraction Utilities
CSV File Extraction Excel File Extraction TXT File Extraction
Flask API Endpoints Local Development Server Phone Number Validation

SMTP Email Integration

SMTP Authentication SMTP Email Sending Implementation SMTP Server Configuration SMTP Troubleshooting And Error Handling

Security Implementation

Authentication Security
Credential Storage And Encryption Gmail Oauth 2 Security SMTP Authentication Security Whats App Local Auth Security
Credential Storage And Encryption Electron Security Model Input Validation And Sanitization

Whats App Integration

Authentication And Session Management Bulk Sending Engine Contact Import And Management Message Composition And Templates Status Monitoring And Progress Tracking
Build And Deployment
Development Guidelines
Frontend User Interface
Troubleshooting Guide
Home Projects Bulk Messaging System Security Implementation Electron Security Model

Electron Security Model

Referenced Files
main.jspreload.jsgmail-handler.jssmtp-handler.jsutils.jsBulkMailer.jsxWhatsAppForm.jsxGmailForm.jsxSMTPForm.jsxpackage.jsonvite.config.jselectron-builder.jsonREADME.md
#

Table of Contents#

  1. Introduction

  2. Project Structure

  3. Core Components

  4. Architecture Overview

  5. Detailed Component Analysis

  6. Dependency Analysis

  7. Performance Considerations

  8. Troubleshooting Guide

  9. Conclusion

  10. Appendices

#

Introduction#

This document provides comprehensive security documentation for the Electron application’s security model. It focuses on context isolation configuration, nodeIntegration and webPreferences hardening, preload script security architecture, IPC communication patterns, webSecurity implications, remote module restrictions, sandboxing techniques, privilege separation between main and renderer processes, and best practices for secure Electron development. It also covers vulnerability mitigation strategies, compliance considerations, and common pitfalls with prevention methods.

#

Project Structure#

The Electron application follows a clear separation of concerns:

  • Main process: Initializes BrowserWindow, configures webPreferences, registers IPC handlers, and manages external integrations (WhatsApp, Gmail, SMTP).

  • Renderer process: React UI that communicates with the main process via a controlled preload bridge.

  • Preload script: Exposes a minimal, auditable API surface to the renderer using contextBridge.

  • Handlers: Implement secure operations in the main process for Gmail, SMTP, and WhatsApp.

graph TB subgraph "Main Process" MW["BrowserWindow
webPreferences"] IPC["ipcMain handlers"] WH["WhatsApp Client"] GH["Gmail Handler"] SH["SMTP Handler"] end subgraph "Preload" CB["contextBridge"] API["electronAPI"] end subgraph "Renderer (React)" UI["BulkMailer.jsx
WhatsAppForm.jsx
GmailForm.jsx
SMTPForm.jsx"] end MW --> IPC IPC --> WH IPC --> GH IPC --> SH MW --> CB CB --> API API --> UI

Diagram sources

Section sources

#

Core Components#

  • Context Isolation: Enabled in BrowserWindow webPreferences to prevent renderer access to Node.js APIs.

  • Node Integration: Disabled to eliminate direct Node.js access in the renderer.

  • Remote Module: Disabled to prevent unsafe remote object exposure.

  • webSecurity: Enabled to enforce same-origin policy and mitigate XSS risks.

  • Preload Bridge: Uses contextBridge to expose a minimal, typed API surface to the renderer.

  • IPC Handlers: Centralized in main process for all privileged operations.

Security implications:

  • Disabling nodeIntegration and enabling context isolation prevents prototype pollution and DOM-based exploits.

  • Enabling webSecurity enforces CORS and same-origin policies.

  • Disabling remote module eliminates potential RCE vectors via remote.require.

  • Preload bridge ensures only explicitly exposed methods reach the renderer.

Section sources

#

Architecture Overview#

The security architecture relies on strict privilege separation:

  • Main process: Executes privileged operations, manages external services, and validates inputs.

  • Renderer process: UI-only, with no direct access to Node.js or Electron internals.

  • Preload: Acts as a gatekeeper, exposing only safe IPC invocations.

sequenceDiagram participant UI as "Renderer UI" participant PB as "Preload Bridge" participant MP as "Main Process" participant GH as "Gmail Handler" participant SH as "SMTP Handler" UI->>PB : invoke("gmail-auth") PB->>MP : ipcRenderer.invoke("gmail-auth") MP->>GH : handleGmailAuth() GH-->>MP : {success, error?} MP-->>PB : result PB-->>UI : result UI->>PB : invoke("send-email", payload) PB->>MP : ipcRenderer.invoke("send-email", payload) MP->>GH : handleSendEmail(event, payload) GH-->>MP : {success, results?} MP-->>PB : result PB-->>UI : result

Diagram sources

#

Detailed Component Analysis#

Context Isolation and webPreferences Hardening#

  • Context Isolation: Enabled to prevent renderer scripts from accessing Node.js globals.

  • Node Integration: Disabled to eliminate direct Node.js usage in the renderer.

  • Remote Module: Disabled to avoid exposing Electron’s remote APIs.

  • webSecurity: Enabled to enforce same-origin policy and reduce XSS attack surface.

  • Preload Path: Explicitly configured to load the secure preload script.

Security benefits:

  • Prototype injection attacks are mitigated.

  • Renderer cannot tamper with main process objects.

  • Cross-origin resource access is restricted.

Section sources

Preload Script Security Architecture#

The preload script exposes a controlled API surface:

  • Uses contextBridge to attach electronAPI to the window object.

  • Exposes only explicit IPC invocations and event listeners.

  • Returns cleanup functions for event listeners to prevent memory leaks.

Security benefits:

  • Renderer cannot access Node.js APIs directly.

  • IPC calls are auditable and typed.

  • Event listener registration is explicit and removable.

flowchart TD Start(["Preload Initialization"]) --> Expose["Expose electronAPI via contextBridge"] Expose --> DefineMethods["Define IPC methods and listeners"] DefineMethods --> ReturnAPI["Return API to Renderer"] ReturnAPI --> Cleanup["Provide cleanup functions for listeners"] Cleanup --> End(["Secure Bridge Ready"])

Diagram sources

Section sources

IPC Communication Security Patterns#

  • ipcMain.handle registrations in main process centralize privileged operations.

  • Renderer invokes IPC using ipcRenderer.invoke for request-response semantics.

  • Event-driven updates (e.g., WhatsApp status) use ipcRenderer.on with cleanup.

Security benefits:

  • No direct renderer-to-main process code execution.

  • Request-response pattern reduces ambiguity and improves auditability.

  • Event listeners are removed on unmount to prevent leaks.

sequenceDiagram participant UI as "Renderer UI" participant PB as "Preload Bridge" participant MP as "Main Process" participant WH as "WhatsApp Client" UI->>PB : invoke("whatsapp-start-client") PB->>MP : ipcRenderer.invoke("whatsapp-start-client") MP->>WH : new Client(...) and initialize() WH-->>MP : events (qr, ready, authenticated, error) MP-->>PB : status updates PB-->>UI : status updates

Diagram sources

Section sources

Gmail Handler Security#

  • OAuth2 flow runs in a dedicated BrowserWindow with context isolation.

  • Redirect handling validates the OAuth callback and exchanges code for tokens.

  • Tokens are stored securely using electron-store.

  • Email sending uses the authenticated client with progress reporting.

Security benefits:

  • OAuth2 is handled in a separate isolated window.

  • Token exchange occurs in main process with environment variable validation.

  • Progress events are sent via event.sender to avoid exposing internal state.

Section sources

SMTP Handler Security#

  • Validates SMTP configuration before creating transport.

  • Supports TLS verification and optional certificate bypass for self-signed certs.

  • Stores partial SMTP config (without password) when requested.

  • Sends emails with rate limiting and progress updates.

Security benefits:

  • Transport creation is validated and verified.

  • Partial credential storage avoids plaintext passwords.

  • Controlled rate limiting reduces risk of throttling or blocking.

Section sources

Renderer UI Integration and Security#

  • BulkMailer listens for WhatsApp status and QR updates via electronAPI.

  • UI components validate inputs and display sanitized progress.

  • Event listeners are cleaned up on component unmount.

Security benefits:

  • Renderer remains UI-only with no direct access to Electron APIs.

  • Input validation reduces risk of malformed data reaching main process.

  • Cleanup prevents memory leaks and unintended event subscriptions.

Section sources

Sandbox and Privilege Separation#

  • The application does not enable BrowserWindow sandbox option in the provided code.

  • Security relies on context isolation, disabled nodeIntegration, disabled remote module, and webSecurity.

  • External service integrations (WhatsApp Web, Gmail API, SMTP) are executed in the main process.

Security implications:

  • Without sandbox, renderer-level exploits could potentially escape to OS-level primitives.

  • The current configuration mitigates most common renderer-side vulnerabilities.

  • Consider enabling sandbox for additional defense-in-depth.

Section sources

#

Dependency Analysis#

External dependencies relevant to security:

  • electron-store: Provides encrypted local storage for tokens and configs.

  • googleapis: Used for Gmail API authentication and sending.

  • nodemailer: Used for SMTP email sending.

  • whatsapp-web.js: Used for WhatsApp Web integration.

graph LR Main["main.js"] --> ES["electron-store"] Main --> WWeb["whatsapp-web.js"] Main --> GH["gmail-handler.js"] Main --> SH["smtp-handler.js"] GH --> GA["googleapis"] SH --> NM["nodemailer"]

Diagram sources

Section sources

#

Performance Considerations#

  • Rate limiting delays between sends reduce provider throttling and improve reliability.

  • QR code generation and rendering occur in main process to avoid heavy work in renderer.

  • Event-driven progress updates keep UI responsive without blocking.

[No sources needed since this section provides general guidance]

#

Troubleshooting Guide#

Common security-related issues and resolutions:

  • Renderer cannot access Node.js APIs: Ensure context isolation is enabled and nodeIntegration is disabled.

  • IPC methods missing: Verify preload bridge exposes the method and renderer checks availability before invoking.

  • OAuth redirect failures: Confirm redirect URI matches configuration and window is created with context isolation.

  • SMTP TLS errors: Validate host/port/security settings and certificate configuration.

Section sources

#

Conclusion#

The application implements a robust Electron security model by leveraging context isolation, disabling nodeIntegration and remote module, enforcing webSecurity, and using a minimal preload bridge. IPC handlers in the main process encapsulate all privileged operations, while the renderer remains UI-only. Additional hardening measures such as enabling sandbox and stricter CSP could further strengthen the model. Adhering to the best practices outlined below will help maintain a secure and compliant application.

[No sources needed since this section summarizes without analyzing specific files]

#

Appendices#

Security Best Practices for Electron Applications#

  • Keep Electron and dependencies updated to benefit from security patches.

  • Use context isolation, disable nodeIntegration, disable remote module, and enable webSecurity.

  • Implement a minimal preload bridge and validate all IPC payloads.

  • Store sensitive data using encrypted storage and avoid exposing secrets in renderer.

  • Enforce strict Content Security Policy (CSP) and consider enabling sandbox.

  • Sanitize and validate all user inputs and file uploads.

  • Use HTTPS and TLS for all network communications.

  • Implement rate limiting and respect provider quotas.

  • Regularly audit third-party libraries for vulnerabilities.

[No sources needed since this section provides general guidance]

Compliance Considerations#

  • Follow platform-specific guidelines for desktop app distribution.

  • Ensure adherence to provider terms (Gmail, WhatsApp, SMTP).

  • Implement data retention and deletion policies.

  • Provide privacy notices and user controls for data handling.

Section sources

Previous Credential Storage And Encryption
Next Input Validation And Sanitization