Web security origin policy on Webkit2/ QtWebkit 3.0 On QML
-
I am using QtWebkit 3.0 [ WK2 ] on QtQuick 2.
I could not find any API to turn the web-security-origin policy anywhere!Any hint on this to proceed ,is very much appreciable.
-
Yes, I have a problem with webkit securityOrigin also.
In c++ widgets (eg. QWebView), securityOrigin allows to read from local file. In qml side (import QtWebKit 3.0, WebView) securityOrigin does not allow reading from local file.
For reference:
In Firefox I can read local files, in Chromium not, the error is: "Failed to load resource: Origin null is not allowed by Access-Control-Allow-Origin".By local file I mean a file that is in that same directory, where the startup html-file is read. By reading local file I mean using jQuery.ajax function to get the file, eg. in json format.
In c++ there is an easy way (QWebSettings) to change the securityOrigin setting. In qml there does not seem to be any.
In my project, I control the qt-platform, so I did a dirty thing; I changed webkit code. File qtwebkit/Source/WebCore/page/SecurityOrigin.cpp, there is a function bool SecurityOrigin::canRequest(const KURL& url) const. I changed the last line from "return false" to "return true". Now it works.
But, it would be much better, if I could change this behaviour in controlled/webkit approved way.
-
Yes, apparently i had to do the same way.
And reg Ref : Just like firefox, you can turn off WSO policy in Chrome as well. [ --disable-web-security argument]