github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-04-10 03:01:51 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix: disable CORS when webSecurity is disabled (#25504)

Browse Source 
Co-authored-by: Cheng Zhao <zcbenz@gmail.com>
This commit is contained in:
trop[bot]
2020-09-17 10:22:25 +09:00
committed by GitHub
parent c1d04d8e49
commit a22dfc813f
2 changed files with 36 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
shell/browser/electron_browser_client.cc
View File

@@ -1507,10 +1507,11 @@ void ElectronBrowserClient::OverrideURLLoaderFactoryParams(
const url::Origin& origin,
bool is_for_isolated_world,
network::mojom::URLLoaderFactoryParams* factory_params) {
// Bypass CORB when web security is disabled.
// Bypass CORB and CORS when web security is disabled.
auto it = process_preferences_.find(factory_params->process_id);
if (it != process_preferences_.end() && !it->second.web_security) {
factory_params->is_corb_enabled = false;
factory_params->disable_web_security = true;
}
extensions::URLLoaderFactoryManager::OverrideURLLoaderFactoryParams(