@electron/remote

![Test](https://github.com/electron/remote/actions/workflows/test.yml)
![npm version](https://npmjs.org/package/@electron/remote)

@electron/remote is an Electron module that bridges
JavaScript objects from the main process to the renderer process. This lets you
access main-process-only objects as if they were available in the renderer
process.

> ⚠️ Warning! This module has [many subtle
> pitfalls][remote-considered-harmful]. There is almost always a better way to
> accomplish your task than using this module. For example, ipcRenderer.invoke can serve many common use cases.

@electron/remote is a replacement for the built-in remote module in
Electron, which is deprecated and will eventually be removed.

Migrating from `remote`

> NOTE: @electron/remote requires Electron 13 or higher.

There are three things you need to do to migrate from the built-in remote
module to @electron/remote.

First, you need to install it from NPM:

``shell $ npm install --save @electron/remote`

Second, @electron/remote/mainmust be initialized in the main process before it can be used from the renderer:

`javascript // in the main process: require('@electron/remote/main').initialize()`

Third, require('electron').remotein the renderer process must be replaced withrequire('@electron/remote').

`javascript // in the renderer process:

// Before const { BrowserWindow } = require('electron').remote

// After const { BrowserWindow } = require('@electron/remote')`

Note: Since this is requiring a module through npm rather than a built-in module, if you're usingremotefrom a sandboxed process, you'll need to configure your bundler appropriately to package the code of@electron/remotein the preload script. Of course, [using@electron/remotemakes the sandbox much less effective][remote-considered-harmful].

Note: In electron >= 14.0.0, you must use the new enable API to enable the remote module for each desired WebContents separately: require("@electron/remote/main").enable(webContents).

In electron < 14.0.0, @electron/remote respects the enableRemoteModuleWebPreferences value. You must pass{ webPreferences: { enableRemoteModule: true } }to the constructor ofBrowserWindows that should be granted permission to use@electron/remote.

`API Reference`

The remotemodule provides a simple way to do inter-process communication (IPC) between the renderer process (web page) and the main process.

In Electron, GUI-related modules (such as dialog, menuetc.) are only available in the main process, not in the renderer process. In order to use them from the renderer process, theipcmodule is necessary to send inter-process messages to the main process. With theremotemodule, you can invoke methods of the main process object without explicitly sending inter-process messages, similar to Java's [RMI][rmi]. An example of creating a browser window from a renderer process:

`javascript const { BrowserWindow } = require('@electron/remote') let win = new BrowserWindow({ width: 800, height: 600 }) win.loadURL('https://github.com')`

In order for this to work, you first need to initialize the main-process side of the remote module:

`javascript // in the main process: require('@electron/remote/main').initialize()`

Note: In electron >= 14.0.0 the remote module is disabled by default for any WebContents instance and is only enabled for specified WebContents after explicitly calling require("@electron/remote/main").enable(webContents).

In electron < 14.0.0the remote module can be disabled for security reasons in the following contexts: -BrowserWindow - by setting the enableRemoteModule option to false. - - by setting the enableremotemodule attribute to false.

`Remote Objects`

Each object (including functions) returned by the remotemodule represents an object in the main process (we call it a remote object or remote function). When you invoke methods of a remote object, call a remote function, or create a new object with the remote constructor (function), you are actually sending synchronous inter-process messages.

In the example above, both BrowserWindow and winwere remote objects andnew BrowserWindow didn't create a BrowserWindowobject in the renderer process. Instead, it created aBrowserWindowobject in the main process and returned the corresponding remote object in the renderer process, namely thewin object.

Note: Only [enumerable properties][enumerable-properties] which are present when the remote object is first referenced are accessible via remote.

Note: Arrays and Buffers are copied over IPC when accessed via the remotemodule. Modifying them in the renderer process does not modify them in the main process and vice versa.

`Lifetime of Remote Objects`

Electron makes sure that as long as the remote object in the renderer process lives (in other words, has not been garbage collected), the corresponding object in the main process will not be released. When the remote object has been garbage collected, the corresponding object in the main process will be dereferenced.

If the remote object is leaked in the renderer process (e.g. stored in a map but never freed), the corresponding object in the main process will also be leaked, so you should be very careful not to leak remote objects.

Primary value types like strings and numbers, however, are sent by copy.

`Passing callbacks to the main process`

Code in the main process can accept callbacks from the renderer - for instance theremotemodule - but you should be extremely careful when using this feature.

First, in order to avoid deadlocks, the callbacks passed to the main process are called asynchronously. You should not expect the main process to get the return value of the passed callbacks.

For instance you can't use a function from the renderer process in anArray.map called in the main process:

`javascript // main process mapNumbers.js exports.withRendererCallback = (mapper) => { return [1, 2, 3].map(mapper) }

exports.withLocalCallback = () => { return [1, 2, 3].map(x => x + 1) }`

`javascript // renderer process const mapNumbers = require('@electron/remote').require('./mapNumbers') const withRendererCb = mapNumbers.withRendererCallback(x => x + 1) const withLocalCb = mapNumbers.withLocalCallback()

console.log(withRendererCb, withLocalCb) // [undefined, undefined, undefined], [2, 3, 4]`

As you can see, the renderer callback's synchronous return value was not as expected, and didn't match the return value of an identical callback that lives in the main process.

Second, the callbacks passed to the main process will persist until the main process garbage-collects them.

For example, the following code seems innocent at first glance. It installs a callback for theclose event on a remote object:

`javascript require('@electron/remote').getCurrentWindow().on('close', () => { // window was closed... })`

But remember the callback is referenced by the main process until you explicitly uninstall it. If you do not, each time you reload your window the callback will be installed again, leaking one callback for each restart.

To make things worse, since the context of previously installed callbacks has been released, exceptions will be raised in the main process when thecloseevent is emitted.

To avoid this problem, ensure you clean up any references to renderer callbacks passed to the main process. This involves cleaning up event handlers, or ensuring the main process is explicitly told to dereference callbacks that came from a renderer process that is exiting.

`Accessing built-in modules in the main process`

The built-in modules in the main process are added as getters in the remotemodule, so you can use them directly like theelectron module.

`javascript const app = require('@electron/remote').app console.log(app)`

`Methods`

The remote module has the following methods:

`$3`

* module String

Returns any - The object returned by require(module)in the main process. Modules specified by their relative path will resolve relative to the entrypoint of the main process.

e.g.

`sh project/ ├── main │ ├── foo.js │ └── index.js ├── package.json └── renderer └── index.js`

`js // main process: main/index.js const { app } = require('@electron/remote') app.whenReady().then(() => { / ... / })`

`js // some relative module: main/foo.js module.exports = 'bar'`

`js // renderer process: renderer/index.js const foo = require('@electron/remote').require('./foo') // bar`

`$3`

Returns BrowserWindow - The window to which this web page belongs.

Note: Do not use removeAllListeners on BrowserWindow. Use of this can remove allblurlisteners, disable click events on touch bar buttons, and other unintended consequences.

`$3`

Returns WebContents - The web contents of this web page.

`$3`

* name String

Returns any - The global variable of name (e.g. global[name]) in the main process.

`Properties`

`$3`

A NodeJS.Process object. The processobject in the main process. This is the same asremote.getGlobal('process') but is cached.

`Overriding exposed objects`

Without filtering, @electron/remotewill provide access to any JavaScript object that any renderer requests. In order to control what can be accessed,@electron/remoteprovides an opportunity to the app to return a custom result for any ofgetGlobal, require, getCurrentWindow, getCurrentWebContents, or any of the builtin module properties.

The following events will be emitted first on the appElectron module, and then on the specificWebContentswhich requested the object. When emitted on theapp module, the first parameter after the Eventobject will be theWebContentswhich originated the request. If any handler callspreventDefault, the request will be denied. If a returnValueparameter is set on the result, then that value will be returned to the renderer instead of the default.

`Events`

`$3`

Returns:

* eventEvent *moduleName String

Emitted when remote.require() is called in the renderer process of webContents. Callingevent.preventDefault()will prevent the module from being returned. Custom value can be returned by settingevent.returnValue.

`$3`

Returns:

* eventEvent *globalName String

Emitted when remote.getGlobal() is called in the renderer process of webContents. Callingevent.preventDefault()will prevent the global from being returned. Custom value can be returned by settingevent.returnValue.

`$3`

Returns:

* eventEvent *moduleName String

Emitted when remote.getBuiltin()is called in the renderer process ofwebContents, including when a builtin module is accessed as a property (e.g.require("@electron/remote").BrowserWindow). Callingevent.preventDefault()will prevent the module from being returned. Custom value can be returned by settingevent.returnValue.

`$3`

Returns:

* event Event

Emitted when remote.getCurrentWindow() is called in the renderer process of webContents. Callingevent.preventDefault()will prevent the object from being returned. Custom value can be returned by settingevent.returnValue.

`$3`

Returns:

* event Event

Emitted when remote.getCurrentWebContents() is called in the renderer process of webContents. Callingevent.preventDefault()will prevent the object from being returned. Custom value can be returned by settingevent.returnValue`.

[rmi]: https://en.wikipedia.org/wiki/Java_remote_method_invocation
[enumerable-properties]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Enumerability_and_ownership_of_properties
[remote-considered-harmful]: https://medium.com/@nornagon/electrons-remote-module-considered-harmful-70d69500f31