Remove ignore_certificate_errors setting (fixes issue #2899)

This removes CefSettings.ignore_certificate_errors and CefBrowserSettings.ignore_certificate_errors. Due to NetworkService requirements these values must now be configured globally via the "ignore-certificate-errors" command-line flag.
2025-06-05 21:39:12 +02:00 · 2021-09-27 14:40:35 +03:00
parent f158c34a21
commit a7bbd8a62b
4 changed files with 4 additions and 30 deletions
--- a/include/internal/cef_types.h
+++ b/include/internal/cef_types.h
@ -390,17 +390,6 @@ typedef struct _cef_settings_t {
  ///
  int uncaught_exception_stack_size;

-  ///
-  // Set to true (1) to ignore errors related to invalid SSL certificates.
-  // Enabling this setting can lead to potential security vulnerabilities like
-  // "man in the middle" attacks. Applications that load content from the
-  // internet should not enable this setting. Also configurable using the
-  // "ignore-certificate-errors" command-line switch. Can be overridden for
-  // individual CefRequestContext instances via the
-  // CefRequestContextSettings.ignore_certificate_errors value.
-  ///
-  int ignore_certificate_errors;
-
  ///
  // Background color used for the browser before a document is loaded and when
  // no document color is specified. The alpha component must be either fully
@ -486,16 +475,6 @@ typedef struct _cef_request_context_settings_t {
  ///
  int persist_user_preferences;

-  ///
-  // Set to true (1) to ignore errors related to invalid SSL certificates.
-  // Enabling this setting can lead to potential security vulnerabilities like
-  // "man in the middle" attacks. Applications that load content from the
-  // internet should not enable this setting. Can be set globally using the
-  // CefSettings.ignore_certificate_errors value. This value will be ignored if
-  // |cache_path| matches the CefSettings.cache_path value.
-  ///
-  int ignore_certificate_errors;
-
  ///
  // Comma delimited ordered list of language codes without any whitespace that
  // will be used in the "Accept-Language" HTTP header. Can be set globally
--- a/include/internal/cef_types_wrappers.h
+++ b/include/internal/cef_types_wrappers.h
@ -594,7 +594,6 @@ struct CefSettingsTraits {
    target->pack_loading_disabled = src->pack_loading_disabled;
    target->remote_debugging_port = src->remote_debugging_port;
    target->uncaught_exception_stack_size = src->uncaught_exception_stack_size;
-    target->ignore_certificate_errors = src->ignore_certificate_errors;
    target->background_color = src->background_color;

    cef_string_set(src->accept_language_list.str,
@ -636,7 +635,6 @@ struct CefRequestContextSettingsTraits {
                   &target->cache_path, copy);
    target->persist_session_cookies = src->persist_session_cookies;
    target->persist_user_preferences = src->persist_user_preferences;
-    target->ignore_certificate_errors = src->ignore_certificate_errors;
    cef_string_set(src->accept_language_list.str,
                   src->accept_language_list.length,
                   &target->accept_language_list, copy);