Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1957)

Unified Diff: chrome/browser/chrome_content_browser_client.cc

Issue 1512843002: Lock '--disable-web-security' to '--user-data-dir' (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Error. Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chrome_content_browser_client.cc
diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
index d501e18ff6677ec5ff54423e87ce1a95f7bf017c..557b200339fd127ed9ee8852e4669142103a8a98 100644
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc
@@ -2269,8 +2269,21 @@ void ChromeContentBrowserClient::OverrideWebkitPrefs(
if (!prefs->GetBoolean(prefs::kWebKitJavascriptEnabled))
web_prefs->javascript_enabled = false;
- if (!prefs->GetBoolean(prefs::kWebKitWebSecurityEnabled))
+
+ // Only allow disabling web security via the command-line flag if the user
+ // has specified a distinct profile directory. This still enables tests to
+ // disable web security by setting the pref directly.
+ base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
+ if (!prefs->GetBoolean(prefs::kWebKitWebSecurityEnabled)) {
web_prefs->web_security_enabled = false;
+ } else if (!web_prefs->web_security_enabled &&
+ command_line->HasSwitch(switches::kDisableWebSecurity) &&
+ !command_line->HasSwitch(switches::kUserDataDir)) {
+ LOG(ERROR) << "Web security may only be disabled if '--user-data-dir' is "
+ "also specified.";
+ web_prefs->web_security_enabled = true;
+ }
+
if (!prefs->GetBoolean(prefs::kWebKitPluginsEnabled))
web_prefs->plugins_enabled = false;
web_prefs->loads_images_automatically =
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698