Harden the implementation of '--disable-web-security'

third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h

Index: third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h
diff --git a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h
index 7a286dad26da97a8378f2a754b92a80ef457d0e2..1a0e530c085b90af46184dc94a07d0aa8ed48f90 100644
--- a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h
+++ b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h
@@ -150,9 +150,18 @@ public:
     // Explicitly grant the ability to access every other SecurityOrigin.
     //
     // WARNING: This is an extremely powerful ability. Use with caution!
+    //
+    // TODO(mkwst): Remove this API as soon as is fesiable. That will likely
+    // require creating a more limited replacement.
     void grantUniversalAccess();
     bool isGrantedUniversalAccess() const { return m_universalAccess; }
 
+    // Grant `file:` origins universal access.
+    //
+    // TODO(mkwst): As soon as we can reasonably get WebView to stop offering
+    // the API which requires this method, we should remove it.
+    void grantUniversalAccessForFileOrigins();
+
     bool canAccessDatabase() const { return !isUnique(); }
     bool canAccessLocalStorage() const { return !isUnique(); }
     bool canAccessSharedWorkers() const { return !isUnique(); }
@@ -229,6 +238,7 @@ public:
     //   - Use path-based file:// origins.
     struct PrivilegeData {
         bool m_universalAccess;
+        bool m_universalAccessForFileOrigins;
         bool m_canLoadLocalResources;
         bool m_blockLocalAccessFromLocalOrigin;
     };
@@ -259,6 +269,7 @@ private:
     unsigned short m_effectivePort;
     bool m_isUnique;
     bool m_universalAccess;
+    bool m_universalAccessForFileOrigins;
     bool m_domainWasSetInDOM;
     bool m_canLoadLocalResources;
     bool m_blockLocalAccessFromLocalOrigin;