From 35a360fe66d1e85584866f23daf452fcd36c090b Mon Sep 17 00:00:00 2001 From: Marshall Greenblatt Date: Thu, 25 Mar 2021 13:07:17 -0400 Subject: [PATCH] Remove CefBrowserSettings.web_security (fixes issue #3058) --- include/cef_api_hash.h | 8 ++++---- include/internal/cef_types.h | 8 -------- include/internal/cef_types_wrappers.h | 1 - libcef/browser/prefs/renderer_prefs.cc | 1 - 4 files changed, 4 insertions(+), 14 deletions(-) diff --git a/include/cef_api_hash.h b/include/cef_api_hash.h index b92929cec..dd6592521 100644 --- a/include/cef_api_hash.h +++ b/include/cef_api_hash.h @@ -42,13 +42,13 @@ // way that may cause binary incompatibility with other builds. The universal // hash value will change if any platform is affected whereas the platform hash // values will change only if that particular platform is affected. -#define CEF_API_HASH_UNIVERSAL "694bc8d68956bd174529f72fea5710929ac8bbf0" +#define CEF_API_HASH_UNIVERSAL "730ab5758854ad187e677f5fbdce57df8e8f4f5e" #if defined(OS_WIN) -#define CEF_API_HASH_PLATFORM "597ae4ad020de2665469e7de990d784bfda8d514" +#define CEF_API_HASH_PLATFORM "747d77b684a4b579cd2c0420a7323d236f632741" #elif defined(OS_MAC) -#define CEF_API_HASH_PLATFORM "fa3b4a918791bf53a4a8715ac9f0c843a3c08061" +#define CEF_API_HASH_PLATFORM "fe46b846c15428ca6b30c817778f710b810fba7b" #elif defined(OS_LINUX) -#define CEF_API_HASH_PLATFORM "83ff6d6fb2e0ac8447f68fa6141091cc9f666ca0" +#define CEF_API_HASH_PLATFORM "57af9a254cb00b2a3cec85238942ee87fa53ef9d" #endif #ifdef __cplusplus diff --git a/include/internal/cef_types.h b/include/internal/cef_types.h index c525f50ab..37b2e99eb 100644 --- a/include/internal/cef_types.h +++ b/include/internal/cef_types.h @@ -585,14 +585,6 @@ typedef struct _cef_browser_settings_t { /// cef_state_t file_access_from_file_urls; - /// - // Controls whether web security restrictions (same-origin policy) will be - // enforced. Disabling this setting is not recommend as it will allow risky - // security behavior such as cross-site scripting (XSS). Also configurable - // using the "disable-web-security" command-line switch. - /// - cef_state_t web_security; - /// // Controls whether image URLs will be loaded from the network. A cached image // will still be rendered if requested. Also configurable using the diff --git a/include/internal/cef_types_wrappers.h b/include/internal/cef_types_wrappers.h index 08310cffb..71b95b7fc 100644 --- a/include/internal/cef_types_wrappers.h +++ b/include/internal/cef_types_wrappers.h @@ -705,7 +705,6 @@ struct CefBrowserSettingsTraits { target->universal_access_from_file_urls = src->universal_access_from_file_urls; target->file_access_from_file_urls = src->file_access_from_file_urls; - target->web_security = src->web_security; target->image_loading = src->image_loading; target->image_shrink_standalone_to_fit = src->image_shrink_standalone_to_fit; diff --git a/libcef/browser/prefs/renderer_prefs.cc b/libcef/browser/prefs/renderer_prefs.cc index 7e74f640f..01bac713f 100644 --- a/libcef/browser/prefs/renderer_prefs.cc +++ b/libcef/browser/prefs/renderer_prefs.cc @@ -253,7 +253,6 @@ void SetCefPrefs(const CefBrowserSettings& cef, web.allow_universal_access_from_file_urls); SET_STATE(cef.file_access_from_file_urls, web.allow_file_access_from_file_urls); - SET_STATE(cef.web_security, web.web_security_enabled); SET_STATE(cef.image_loading, web.loads_images_automatically); SET_STATE(cef.image_shrink_standalone_to_fit, web.shrinks_standalone_images_to_fit);