Cross-origin usage of document.domain is now restricted by default with the
Chrome runtime. Relax this policy for XSS tests by setting the
"Origin-Agent-Cluster: ?0" header.
Also remove usage of global variable in tests.
Use pointers to incomplete struct types. If an argument of a not suitable
type is passed to a function of any string collection,
C compiler will warn:
warning: passing argument 1 of <func> from incompatible pointer type
C++ compiler will raise an error, for example:
error: cannot convert 'cef_string_list_t' ... to 'cef_string_multimap_t'
With the previously used `void*` pointer types, such errors in a code were not
diagnosed.
In the error case, we previously output a pragma with a string immediately
followed by __FILE__ - but with no space between the string terminator and
__FILE__, a compliant C++ compiler can interpret this as a user-defined literal
suffix and end up failing to embed the intended information. We should add
spaces here to ensure our generated code is standards-compliant.
Initialize the Chrome color mixer so that ColorProvider returns the expected
semi-transparent color for overlay background in video_overlay_window_views.cc
instead of the default opaque red color (kPlaceholderColor).
This is intended for usage with frameless windows that show the standard window
buttons, where resizing the title bar height changes the button offset. Returning a
different value from CefWindowDelegate::GetTitlebarHeight and forcing a resize of
the NSWindow's theme frame (see ViewsWindow::NudgeWindow) will update the
title bar height.
To test:
1. Run `cefclient --use-views --hide-frame --show-window-buttons --url=http://tests/window`
2. Enter a new value for title bar height and click the "Set Titlebar Height" button
This change adds new CefCommandHandler callbacks for optionally hiding
specific Chrome toolbar icons, buttons and app menu items.
To test: Run `cefclient --enable-chrome-runtime --filter-chrome-commands`.
Most icons, buttons and app/context menu items will be hidden.
The CefFrame::CreateURLRequest method is no longer supported in the renderer
process. Usage of this method was already limited to same-origin requests due
to renderer process CORS restrictions, and the underlying Blink API has now
been removed in https://crbug.com/1413912 (M112+).
Existing alternatives include CefURLRequest usage in the browser process, or
JavaScript XMLHttpRequest/fetch API usage in the renderer process.
Frameless windows now display as expected. Default traffic light buttons can
optionally be shown at configurable vertical position. Layout respects text
direction.
Chrome is always loading the primary user profile by default, so with this
change the CEF behavior more accurately reflects reality. Incognito contexts
can still be created explicitly via CefRequestContext::CreateContext.
Prior to this change, the default for the global context was an Incognito
profile based on the primary user profile. That caused request interception
to be bypassed in WillCreateURLLoaderFactory for profiles associated with
the "New window" and "New incognito window" commands. Those profiles, while
also being (or based on) the primary user profile, did not match the specific
Incognito profile assigned to the default global context.
After this change, the "New window" and "New incognito window" commands will
match the default global context when executed on a browser that was created
using the primary user profile.