diff --git a/electron/createWindow.js b/electron/createWindow.js
index bddb0e24d..2d24199e1 100644
--- a/electron/createWindow.js
+++ b/electron/createWindow.js
@@ -191,8 +191,11 @@ export default appState => {
   });
 
   window.webContents.setWindowOpenHandler((details) => {
-    // Open the link in a browser tab.
-    shell.openExternal(details.url);
+    // Only open http and https links to prevent
+    // security issues.
+    if (['https:', 'http:'].includes(new URL(details.url).protocol)) {
+      shell.openExternal(details.url);
+    }
     return { action: 'deny' };
   });