BriskBard, CEF4Delphi, WebView4Delphi, WebUI4Delphi and WebUI4CSharp

The forum for BriskBard users and CEF4Delphi / WebView4Delphi / WebUI4Delphi / WebUI4CSharp developers
http://www.briskbard.com/forum/

change in cors policy

http://www.briskbard.com/forum/viewtopic.php?t=1890

Page 1 of 1

change in cors policy

Posted: Thu Jan 27, 2022 3:57 am
by czar
The implementation of CORS-RFC1918, has broken the way our app is working.

For reasons we cannot change we launch our legacy software by sending a message to a locahost server. This is software that we use in our business and is not software that runs on peoples private computers.

If I set the following back to disable in Chrome then our system works.

chrome://flags/#block-insecure-private-network-requests


However, I don't know how to make that work in CEF -

Code: Select all

  GlobalCEFApp                  := TCefApplication.Create;
  GlobalCEFApp.DisableWebSecurity := true;
I tried that but it didn't work - I am hoping someone can help otherwise I am not sure what other options we have other can going back to much older CEF build.

Re: change in cors policy

Posted: Thu Jan 27, 2022 9:05 am
by salvadordf
Hi,

I don't know how to test this but perhaps these properties will work in your case.

Try adding this line before the GlobalCEFApp.StartMainProcess in the DPR file :

Code: Select all

GlobalCEFApp.DisableFeatures := 'BlockInsecurePrivateNetworkRequests';
Perhaps adding this can help too :

Code: Select all

GlobalCEFApp.AllowInsecureLocalhost := True;
There are several browser preferences that seem to be related to insecure content but let me know if these properties fix this issue.

Re: change in cors policy

Posted: Thu Jan 27, 2022 5:44 pm
by czar
Thank you for your help, that works perfectly.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited