diff options
Diffstat (limited to 'webkit/glue/webview_impl.cc')
| -rw-r--r-- | webkit/glue/webview_impl.cc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/webkit/glue/webview_impl.cc b/webkit/glue/webview_impl.cc index 4b62711..0d05a2b 100644 --- a/webkit/glue/webview_impl.cc +++ b/webkit/glue/webview_impl.cc @@ -1312,6 +1312,10 @@ void WebViewImpl::SetPreferences(const WebPreferences& preferences) { // Turn this on to cause WebCore to paint the resize corner for us. settings->setShouldPaintCustomScrollbars(true); + // Mitigate attacks from local HTML files by not granting file:// URLs + // universal access. + settings->setAllowUniversalAccessFromFileURLs(false); + #if defined(OS_WIN) // RenderTheme is a singleton that needs to know the default font size to // draw some form controls. We let it know each time the size changes. |