[security] Do not expose Electron APIs to untrusted web content

### Describe the bug

As per the electron docs: https://www.electronjs.org/docs/latest/tutorial/security#20-do-not-expose-electron-apis-to-untrusted-web-content

## What's the problem?

The `ipcRenderer.on` method allows the renderer process to access `IpcRendererEvent` which is the first argument of the listener/callback

```
on(channel, listener) {
      ipcRenderer.on(channel, listener)
      return () => {
        ipcRenderer.removeListener(channel, listener)
      }
  },
```


### Electron-Toolkit Version

v1.0.0 - preload 3.0.2

### Electron Version

v37

### Validations

- [x] Follow the [Code of Conduct](https://github.com/alex8088/electron-toolkit/blob/master/CODE_OF_CONDUCT.md).
- [x] Read the [Contributing Guidelines](https://github.com/alex8088/electron-toolkit/blob/master/CONTRIBUTING.md).
- [x] Read the [docs](https://github.com/alex8088/electron-toolkit#readme).
- [x] Check that there isn't [already an issue](https://github.com/alex8088/electron-toolkit/issues) that reports the same bug to avoid creating a duplicate.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[security] Do not expose Electron APIs to untrusted web content #24

Describe the bug

What's the problem?

Electron-Toolkit Version

Electron Version

Validations

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[security] Do not expose Electron APIs to untrusted web content #24

Description

Describe the bug

What's the problem?

Electron-Toolkit Version

Electron Version

Validations

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions