|
|
Rank: Member
Groups: Member
Joined: 11/13/2015
Posts: 29
|
Hello, Is there a way to disable WebSecurity (http --> https and same-origin policy) per URL? I found the following property:
Code: C#
BrowserOptions.EnableWebSecurity = false
but it looks like a complete on/off setting. Ideally, there would be an event that my project can subscribe to so we can decide in runtime to allow or block.
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,071
|
Hi,
No. This is not possible. This is a setting per WebView, not per Url.
Thanks!
|
|
Rank: Member
Groups: Member
Joined: 11/13/2015
Posts: 29
|
Thanks for the super fast response.
Is this something you can add?
Also, I just turned the setting above to false.
Looks like it still does not allow me to do mixed content calls. Is there a workaround for that?
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,071
|
Hi, These are settings in the browser engine that we simply exposes it. It is not practical for us to add settings to the browser engine ourselves. EnableWebSecurity is for same origin policy but it is not for http -> https. We do not have a direct setting for http -> https. You can try to use "--allow-running-insecure-content" command line argument and see if it works for you. You would pass extra command line argument to the browser engine through this property: https://www.essentialobjects.com/doc/eo.webengine.engineoptions.extracommandlineargs.aspxIf you are not familiar with EngineOptions, you can take a look of this topic: https://www.essentialobjects.com/doc/webbrowser/advanced/engine.aspxThanks!
|
|
Rank: Member
Groups: Member
Joined: 11/13/2015
Posts: 29
|
thanks! that solved the issue, though it would be awesome if there would be some kind of a callback to allow my code to decide what should go through and what shouldn't.
thanks again!
|
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,071
|
You are welcome. Glad to hear that it's working for you.
|
|