> ## Documentation Index
> Fetch the complete documentation index at: https://docs.overlayed.gg/llms.txt
> Use this file to discover all available pages before exploring further.

# @overlayed/app/security

> Security utilities for protecting your Electron application

The `@overlayed/app/security` module provides security utilities for Electron applications.

## assertNoProhibitedArgs

Checks for prohibited command line arguments and aborts the app if any are found.

* **Type**

  ```typescript theme={null}
  function assertNoProhibitedArgs(options?: Partial<ProhibitedArgumentsOptions>): void;
  ```

* **Details**

  This function checks command line arguments for potentially dangerous command line arguments. If any prohibited
  arguments are found, the application will exit.

  **Important Notes:**

  * It's strongly recommended to call this function before any other code is executed
  * You may want to only call this function in production via `import.meta.env.PROD` or similar
  * Individual argument checks can be disabled by passing them in the options object

* **Example**

  ```typescript theme={null}
  import { assertNoProhibitedArgs } from "@overlayed/app/security";

  // Block all prohibited arguments
  assertNoProhibitedArgs();

  // Allow specific arguments
  assertNoProhibitedArgs({
  	args: {
  		"--inspect": false, // Don't block --inspect
  	},
  });
  ```

## ProhibitedArgumentsOptions

Configuration options for `assertNoProhibitedArgs`.

* **Type**

  ```typescript theme={null}
  interface ProhibitedArgumentsOptions {
  	args: Partial<Record<ProhibitedArguments, boolean>>;
  }

  type ProhibitedArguments =
  	| "--inspect"
  	| "--inspect-brk"
  	| "--inspect-port"
  	| "--remote-debugging-port"
  	| "--remote-debugging-address"
  	| "--remote-debugging-pipe"
  	| "--remote-allow-origins"
  	| "--auto-open-devtools-for-tabs"
  	| "--devtools"
  	| "--disable-web-security"
  	| "--allow-file-access-from-files"
  	| "--allow-running-insecure-content"
  	| "--unsafely-treat-insecure-origin-as-secure"
  	| "--load-extension"
  	| "--proxy-server"
  	| "--proxy-bypass-list"
  	| "--no-sandbox"
  	| "--disable-gpu-sandbox";
  ```

* **Details**

  The `args` property is a record where:

  * Keys are prohibited argument names
  * Values are booleans indicating whether to check for that argument
  * `true` (default) means the argument is prohibited
  * `false` means the argument is allowed

* **Example**

  ```typescript theme={null}
  import { assertNoProhibitedArgs } from "@overlayed/app/security";

  // Allow --inspect and --inspect-brk, block everything else
  assertNoProhibitedArgs({
  	args: {
  		"--inspect": false,
  		"--inspect-brk": false,
  	},
  });
  ```
