diff --git a/cef1/include/capi/cef_origin_whitelist_capi.h b/cef1/include/capi/cef_origin_whitelist_capi.h index e6fb2d1ac..917ec861e 100644 --- a/cef1/include/capi/cef_origin_whitelist_capi.h +++ b/cef1/include/capi/cef_origin_whitelist_capi.h @@ -67,8 +67,11 @@ extern "C" { // the same-origin policy. Scripts hosted underneath the fully qualified // |source_origin| URL (like http://www.example.com) will be allowed access to // all resources hosted on the specified |target_protocol| and |target_domain|. -// If |allow_target_subdomains| is true (1) access will also be allowed to all -// subdomains of the target domain. +// If |target_domain| is non-NULL and |allow_target_subdomains| if false (0) +// only exact domain matches will be allowed. If |target_domain| is non-NULL and +// |allow_target_subdomains| is true (1) sub-domain matches will be allowed. If +// |target_domain| is NULL and |allow_target_subdomains| if true (1) all domains +// and IP addresses will be allowed. // // This function cannot be used to bypass the restrictions on local or display // isolated schemes. See the comments on CefRegisterCustomScheme for more diff --git a/cef1/include/cef_origin_whitelist.h b/cef1/include/cef_origin_whitelist.h index fce2e805e..fd434460e 100644 --- a/cef1/include/cef_origin_whitelist.h +++ b/cef1/include/cef_origin_whitelist.h @@ -63,8 +63,11 @@ // the same-origin policy. Scripts hosted underneath the fully qualified // |source_origin| URL (like http://www.example.com) will be allowed access to // all resources hosted on the specified |target_protocol| and |target_domain|. -// If |allow_target_subdomains| is true access will also be allowed to all -// subdomains of the target domain. +// If |target_domain| is non-empty and |allow_target_subdomains| if false only +// exact domain matches will be allowed. If |target_domain| is non-empty and +// |allow_target_subdomains| is true sub-domain matches will be allowed. If +// |target_domain| is empty and |allow_target_subdomains| if true all domains +// and IP addresses will be allowed. // // This method cannot be used to bypass the restrictions on local or display // isolated schemes. See the comments on CefRegisterCustomScheme for more @@ -73,7 +76,7 @@ // This function may be called on any thread. Returns false if |source_origin| // is invalid or the whitelist cannot be accessed. /// -/*--cef()--*/ +/*--cef(optional_param=target_domain)--*/ bool CefAddCrossOriginWhitelistEntry(const CefString& source_origin, const CefString& target_protocol, const CefString& target_domain, @@ -83,7 +86,7 @@ bool CefAddCrossOriginWhitelistEntry(const CefString& source_origin, // Remove an entry from the cross-origin access whitelist. Returns false if // |source_origin| is invalid or the whitelist cannot be accessed. /// -/*--cef()--*/ +/*--cef(optional_param=target_domain)--*/ bool CefRemoveCrossOriginWhitelistEntry(const CefString& source_origin, const CefString& target_protocol, const CefString& target_domain, diff --git a/cef1/libcef_dll/libcef_dll.cc b/cef1/libcef_dll/libcef_dll.cc index a0a883fc6..9df6cc97c 100644 --- a/cef1/libcef_dll/libcef_dll.cc +++ b/cef1/libcef_dll/libcef_dll.cc @@ -198,10 +198,7 @@ CEF_EXPORT int cef_add_cross_origin_whitelist_entry( DCHECK(target_protocol); if (!target_protocol) return 0; - // Verify param: target_domain; type: string_byref_const - DCHECK(target_domain); - if (!target_domain) - return 0; + // Unverified params: target_domain // Execute bool _retval = CefAddCrossOriginWhitelistEntry( @@ -227,10 +224,7 @@ CEF_EXPORT int cef_remove_cross_origin_whitelist_entry( DCHECK(target_protocol); if (!target_protocol) return 0; - // Verify param: target_domain; type: string_byref_const - DCHECK(target_domain); - if (!target_domain) - return 0; + // Unverified params: target_domain // Execute bool _retval = CefRemoveCrossOriginWhitelistEntry( diff --git a/cef1/libcef_dll/wrapper/libcef_dll_wrapper.cc b/cef1/libcef_dll/wrapper/libcef_dll_wrapper.cc index 81e11ba55..1909a902d 100644 --- a/cef1/libcef_dll/wrapper/libcef_dll_wrapper.cc +++ b/cef1/libcef_dll/wrapper/libcef_dll_wrapper.cc @@ -200,10 +200,7 @@ CEF_GLOBAL bool CefAddCrossOriginWhitelistEntry(const CefString& source_origin, DCHECK(!target_protocol.empty()); if (target_protocol.empty()) return false; - // Verify param: target_domain; type: string_byref_const - DCHECK(!target_domain.empty()); - if (target_domain.empty()) - return false; + // Unverified params: target_domain // Execute int _retval = cef_add_cross_origin_whitelist_entry( @@ -229,10 +226,7 @@ CEF_GLOBAL bool CefRemoveCrossOriginWhitelistEntry( DCHECK(!target_protocol.empty()); if (target_protocol.empty()) return false; - // Verify param: target_domain; type: string_byref_const - DCHECK(!target_domain.empty()); - if (target_domain.empty()) - return false; + // Unverified params: target_domain // Execute int _retval = cef_remove_cross_origin_whitelist_entry(