How to disable web security (cross origin reequest) in webkit gtk

Question

I'm trying to write a site specific browser for a few sites and am facing an issue with webkitgtk. WebKitGtk blocks some cross domain request as a security measure and there is no way to disable it in the WebKitGtk API

Python simple example

from gi.repository import Gtk, WebKit
window = Gtk.Window()
webview = WebKit.WebView()
webview.load_uri('http://drive.google.com')
window.add(webview)
window.show_all()
Gtk.main()

Output:

  ** Message: console message:  @0: Unable to post message to https://0.drive.google.com. Recipient has origin https://drive.google.com.

score 1 · Accepted Answer · answered Jul 15 '12 at 17:52

1

Not possible as of now. Bug: https://bugs.webkit.org/show_bug.cgi?id=58378

answered Jul 15 '12 at 17:52

score 0 · Answer 2 · answered Jun 28 '12 at 20:34

0

The only setting that appears relevant to me is enable-xss-auditor:

settings = WebKit.WebSettings()
settings.set_property('enable-xss-auditor', False)
webview.set_settings(settings)

answered Jun 28 '12 at 20:34

Sean Bright

118,630
17
138
146

1

I've been trying to figure this out for my own implementation, and while WebKit itself has an option to disable web security (`Settings::setWebSecurityEnabled`) it's not exposed to the GTK+ API. – Sean Bright Jul 15 '12 at 13:56

How to disable web security (cross origin reequest) in webkit gtk

2 Answers2

Linked