From d362aecec340d190b11e36dbf01e7f9111784729 Mon Sep 17 00:00:00 2001
From: "abarth@chromium.org"
Date: Thu, 20 Aug 2009 05:28:31 +0000
Subject: Enable the XSSAuditor by default. Please watch out for compatibility issues.
Review URL: http://codereview.chromium.org/174013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23805 0039d316-1c4b-4281-b951-d872f2087c98
---
 chrome/browser/tab_contents/render_view_host_delegate_helper.cc | 2 +-
 chrome/common/chrome_switches.cc | 5 ++---
 chrome/common/chrome_switches.h | 2 +-
 3 files changed, 4 insertions(+), 5 deletions(-)
(limited to 'chrome')
diff --git a/chrome/browser/tab_contents/render_view_host_delegate_helper.cc b/chrome/browser/tab_contents/render_view_host_delegate_helper.cc
index 5146caf..458b1b2 100644
--- a/chrome/browser/tab_contents/render_view_host_delegate_helper.cc
+++ b/chrome/browser/tab_contents/render_view_host_delegate_helper.cc
@@ -175,7 +175,7 @@ WebPreferences RenderViewHostDelegateHelper::GetWebkitPrefs(
 web_prefs.remote_fonts_enabled =
 command_line.HasSwitch(switches::kEnableRemoteFonts);
 web_prefs.xss_auditor_enabled =
- command_line.HasSwitch(switches::kEnableXSSAuditor);
+ !command_line.HasSwitch(switches::kDisableXSSAuditor);
 web_prefs.application_cache_enabled =
 command_line.HasSwitch(switches::kEnableApplicationCache);
diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc
index 4204e27..70a4ad5 100644
--- a/chrome/common/chrome_switches.cc
+++ b/chrome/common/chrome_switches.cc
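Review bot: In the render_view_host_delegate_helper.cc hunk, the negated `HasSwitch` on the `xss_auditor_enabled` assignment sits between two opt-in prefs (`kEnableRemoteFonts`, `kEnableApplicationCache`), so the one setting that is now opt-out is easy to misread or to flip back during a later cleanup. A comment directly above the assignment would make the intent explicit, for example `// XSSAuditor is a security mitigation and is on by default; --disable-xss-auditor is the only opt-out.`. The hunk shows no test that pins the default-on value, so a regression that silently turns the mitigation off would presumably go unnoticed; a check on the prefs returned with an empty command line would cover it. GetWebkitPrefs begins and ends outside the hunk, so other consumers of the flag cannot be confirmed from here.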
@@ -525,9 +525,8 @@ const wchar_t kFileDescriptorLimit[] = L"file-descriptor-limit";
 // to be sRGB.
 const wchar_t kEnableMonitorProfile[] = L"enable-monitor-profile";
-// Enable WebKit's XSSAuditor to mitigate reflective XSS. The XSSAuditor is
-// still experimental.
-const wchar_t kEnableXSSAuditor[] = L"enable-xss-auditor";
+// Disable WebKit's XSSAuditor. The XSSAuditor mitigates reflective XSS.
+const wchar_t kDisableXSSAuditor[] = L"disable-xss-auditor";
 #if defined(OS_POSIX)
 // A flag, generated internally by Chrome for renderer and other helper process
diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h
index e3ff1a9..d38a0d9 100644
--- a/chrome/common/chrome_switches.h
+++ b/chrome/common/chrome_switches.h
@@ -199,7 +199,7 @@ extern const wchar_t kFileDescriptorLimit[];
 extern const wchar_t kEnableMonitorProfile[];
-extern const wchar_t kEnableXSSAuditor[];
+extern const wchar_t kDisableXSSAuditor[];
 #if defined(OS_POSIX)
 extern const wchar_t kEnableCrashReporter[];
-- 
cgit v1.1
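Review bot: In the chrome_switches.cc hunk, the new comment on `kDisableXSSAuditor` does not say that the auditor is now on by default, nor that passing the switch removes a reflected-XSS mitigation. Since this comment is the switch's only documentation visible here, I would spell that out, for example `// Disable WebKit's XSSAuditor, which is on by default and mitigates reflective XSS.` followed by `// Disabling it removes that protection; use only to diagnose compatibility problems.`. The second sentence is inferred from the commit message's compatibility warning, so adjust it if the switch has other intended uses. Removing `kEnableXSSAuditor` outright also means an existing `--enable-xss-auditor` on a command line is presumably ignored without notice; that matches the new default and is harmless, but it is worth noting wherever switch changes are announced.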