[Security] Port remains open after webpage is closed

[wparad]

After the configuration page is closed, the port in which the configuration page is being hosted on is still open. This is a huge security vulnerability, how can we circumvent this?

[bassmanitram]

It shouldn't be happening... The 'beforeExit' event is supposed to trigger the killing of the server... Which testing in my context confirms. Can you tell me your setup so I can try and emulate it here.

…

On Mon, Jun 3, 2024, 18:53 Warren Parad ***@***.***> wrote: After the configuration page is closed, the port in which the configuration page is being hosted on is still open. This is a huge security vulnerability, how can we circumvent this? — Reply to this email directly, view it on GitHub <#66>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADAKLWTU3E527LN42KSUJMDZFSNQTAVCNFSM6AAAAABIW4LZ42VHI2DSMVQWIX3LMV43ASLTON2WKOZSGMZTCNRSGY3TGMA> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[wparad]

What is supposed to kill the server. When I close the tab the server is of course still running, right?

The server starts and tab opens when I click the Actions For Nautilus Configurator from the XFCE applications menu. It runs this /usr/share/actions-for-nautilus-configurator/start-configurator.sh

This is on:

• Xubuntu 24.04
• Brave Browser

Is that enough information, or is there something else I should share?

[bassmanitram]

When you close the tab it should NOT be running

…

On Tue, Jun 4, 2024, 00:18 Warren Parad ***@***.***> wrote: What is supposed to kill the server. When I close the tab the server is of course still running, right? The server starts and tab opens when I click the Actions For Nautilus Configurator from the XFCE applications menu. It runs this /usr/share/actions-for-nautilus-configurator/start-configurator.sh This is on: - Xubuntu 24.04 - Brave Browser Is that enough information, or is there something else I should share? — Reply to this email directly, view it on GitHub <#66 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADAKLWUTX7XAFN3RSWCL5Z3ZFTTTNAVCNFSM6AAAAABIW4LZ42VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBWGIZDCOBVGQ> . You are receiving this because you commented.Message ID: ***@***.***>

[wparad]

beforeExit is a nodejs event, not a javascript browser tab event isn't it? If it is, I can't find the documentation on that.

[bassmanitram]

I'm not at the code at the moment so I am probably quoting the wrong event,but in the editor JavaScript you will see the 'beforeWhatever' event handler that sends a message to the swrver to close. When I get time I'll get back in front of the code.

…

On Tue, Jun 4, 2024, 15:47 Warren Parad ***@***.***> wrote: beforeExit is a nodejs event, not a javascript browser tab event isn't it? If it is, I can't find the documentation on that. — Reply to this email directly, view it on GitHub <#66 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADAKLWQMCWCYRYLPLAFXB3DZFXAQVAVCNFSM6AAAAABIW4LZ42VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBXGU4DGNZQHE> . You are receiving this because you commented.Message ID: ***@***.***>