From 481793b02fc004d6b30cf007c393c76cdbbe4350 Mon Sep 17 00:00:00 2001 From: Benjamin Wiederkehr Date: Mon, 22 Feb 2016 18:39:41 +0100 Subject: [PATCH 1/2] Promise to add insecure-content option. --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 72f9213..85de219 100644 --- a/README.md +++ b/README.md @@ -230,6 +230,13 @@ If this flag is passed, it will not override the user agent. ``` Forces the packaged app to ignore certificate errors. +#### [insecure-content] + +``` +--insecure-content +``` +Forces the packaged app to ignore content errors. + ## Programmatic API You can use the Nativefier programmatic API as well. From dc51407ccb696dd6f1081f384130742f6302ab08 Mon Sep 17 00:00:00 2001 From: Benjamin Wiederkehr Date: Mon, 22 Feb 2016 21:33:33 +0100 Subject: [PATCH 2/2] Added option to disable web security. --- README.md | 7 ++++--- app/src/components/mainWindow/mainWindow.js | 1 + src/build/buildApp.js | 5 +++-- src/cli.js | 1 + src/options.js | 3 ++- 5 files changed, 11 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 85de219..77ea078 100644 --- a/README.md +++ b/README.md @@ -230,12 +230,12 @@ If this flag is passed, it will not override the user agent. ``` Forces the packaged app to ignore certificate errors. -#### [insecure-content] +#### [disable-web-security] ``` ---insecure-content +--disable-web-security ``` -Forces the packaged app to ignore content errors. +Forces the packaged app to ignore web security errors. ## Programmatic API @@ -267,6 +267,7 @@ var options = { showMenuBar: false, userAgent: null, insecure: false, + disableWebSecurity: false, honest: false }; diff --git a/app/src/components/mainWindow/mainWindow.js b/app/src/components/mainWindow/mainWindow.js index 5119118..1f19214 100644 --- a/app/src/components/mainWindow/mainWindow.js +++ b/app/src/components/mainWindow/mainWindow.js @@ -36,6 +36,7 @@ function createMainWindow(options, onAppQuit, setDockBadge) { plugins: true, // node globals causes problems with sites like messenger.com nodeIntegration: false, + webSecurity: !options.disableWebSecurity, preload: path.join(__dirname, 'static', 'preload.js') }, // after webpack path here should reference `resources/app/` diff --git a/src/build/buildApp.js b/src/build/buildApp.js index f2fb022..37ea407 100644 --- a/src/build/buildApp.js +++ b/src/build/buildApp.js @@ -39,7 +39,7 @@ function changeAppPackageJsonName(appPath, name) { /** * Only picks certain app args to pass to nativefier.json * @param options - * @returns {{name: (*|string), targetUrl: (string|*), counter: *, width: *, height: *, showMenuBar: *, userAgent: *, nativefierVersion: *, insecure: *}} + * @returns {{name: (*|string), targetUrl: (string|*), counter: *, width: *, height: *, showMenuBar: *, userAgent: *, nativefierVersion: *, insecure: *, disableWebSecurity: *}} */ function selectAppArgs(options) { return { @@ -51,7 +51,8 @@ function selectAppArgs(options) { showMenuBar: options.showMenuBar, userAgent: options.userAgent, nativefierVersion: options.nativefierVersion, - insecure: options.insecure + insecure: options.insecure, + disableWebSecurity: options.disableWebSecurity }; } diff --git a/src/cli.js b/src/cli.js index d67f9c0..a1c543b 100755 --- a/src/cli.js +++ b/src/cli.js @@ -29,6 +29,7 @@ if (require.main === module) { .option('-u, --user-agent ', 'set the user agent string for the app') .option('--honest', 'prevent the nativefied app from changing the user agent string to masquerade as a regular chrome browser') .option('--insecure', 'ignore certificate related errors') + .option('--disable-web-security', 'enable loading of insecure content, defaults to false') .parse(process.argv); if (!process.argv.slice(2).length) { diff --git a/src/options.js b/src/options.js index 6391d83..bae24fc 100644 --- a/src/options.js +++ b/src/options.js @@ -47,7 +47,8 @@ function optionsFactory(inpOptions, callback) { height: inpOptions.height || 800, showMenuBar: inpOptions.showMenuBar || false, userAgent: inpOptions.userAgent || getFakeUserAgent(), - insecure: inpOptions.insecure || false + insecure: inpOptions.insecure || false, + disableWebSecurity: inpOptions.disableWebSecurity || false }; if (inpOptions.honest) {