| Index: third_party/WebKit/Source/core/dom/Document.cpp
|
| diff --git a/third_party/WebKit/Source/core/dom/Document.cpp b/third_party/WebKit/Source/core/dom/Document.cpp
|
| index 5163577596583956aac44fb63d5c25e8caec1774..977a96494509155f82e701dd86b07426d62a99c9 100644
|
| --- a/third_party/WebKit/Source/core/dom/Document.cpp
|
| +++ b/third_party/WebKit/Source/core/dom/Document.cpp
|
| @@ -4793,7 +4793,7 @@ void Document::initSecurityContext(const DocumentInit& initializer)
|
| } else if (securityOrigin()->isLocal()) {
|
| if (settings->allowUniversalAccessFromFileURLs()) {
|
| // Some clients want local URLs to have universal access, but that setting is dangerous for other clients.
|
| - securityOrigin()->grantUniversalAccess();
|
| + securityOrigin()->grantUniversalAccessForFileOrigins();
|
| } else if (!settings->allowFileAccessFromFileURLs()) {
|
| // Some clients do not want local URLs to have access to other local URLs.
|
| securityOrigin()->blockLocalAccessFromLocalOrigin();
|
|
|
Chromium Code Reviews
Issue 1507023004:
Harden the implementation of '--disable-web-security' (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master