diff -pru -x build a/data/org.gnome.epiphany.gschema.xml b/data/org.gnome.epiphany.gschema.xml
--- a/data/org.gnome.epiphany.gschema.xml	2017-10-27 03:00:12.000000000 +0200
+++ b/data/org.gnome.epiphany.gschema.xml	2017-11-12 02:30:19.507439718 +0100
@@ -182,6 +182,18 @@
 			<default>true</default>
 			<summary>Enable Plugins</summary>
 		</key>
+                <key type="b" name="disable-cors">
+                        <default>false</default>
+                        <summary>Disable CORS</summary>
+                </key>
+                <key type="b" name="enable-cors-same-domain">
+                        <default>true</default>
+                        <summary>Enable CORS within the same domain</summary>
+                </key>
+                <key type="b" name="disable-cors-redirection">
+                        <default>false</default>
+                        <summary>Disable CORS Redirection</summary>
+                </key>
 		<key type="b" name="enable-webgl">
 			<default>true</default>
 			<summary>Enable WebGL</summary>
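Review bot: The three new keys carry only a `<summary>`, and "Disable CORS" does not say whether the switch blocks cross-origin requests or turns off the cross-origin checks, which are opposite security postures. Each key should get a `<description>` stating exactly what WebKit does when the key is true and which origin checks remain in force. The same ambiguous wording is reused for the checkbox labels in the prefs-dialog.ui hunk. The mixed polarity (`disable-cors` defaulting to false next to `enable-cors-same-domain` defaulting to true) makes the defaults easy to misread, so the descriptions should spell out the default behaviour. The added lines are also indented with spaces, while the surrounding keys use tabs.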
diff -pru -x build a/embed/ephy-embed-prefs.c b/embed/ephy-embed-prefs.c
--- a/embed/ephy-embed-prefs.c	2017-10-27 03:00:12.000000000 +0200
+++ b/embed/ephy-embed-prefs.c	2017-11-12 02:10:34.208444564 +0100
@@ -519,6 +519,18 @@ ephy_embed_prefs_init (gpointer user_dat
                    webkit_settings, "enable-caret-browsing",
                    G_SETTINGS_BIND_GET);
   g_settings_bind (EPHY_SETTINGS_WEB,
+                   EPHY_PREFS_WEB_DISABLE_CORS,
+                   webkit_settings, "disable-cors",
+                   G_SETTINGS_BIND_GET);
+  g_settings_bind (EPHY_SETTINGS_WEB,
+                   EPHY_PREFS_WEB_ENABLE_CORS_SAME_DOMAIN,
+                   webkit_settings, "enable-cors-same-domain",
+                   G_SETTINGS_BIND_GET);
+  g_settings_bind (EPHY_SETTINGS_WEB,
+                   EPHY_PREFS_WEB_DISABLE_CORS_REDIRECTION,
+                   webkit_settings, "disable-cors-redirection",
+                   G_SETTINGS_BIND_GET);
+  g_settings_bind (EPHY_SETTINGS_WEB,
                    EPHY_PREFS_WEB_ENABLE_PLUGINS,
                    webkit_settings, "enable-plugins",
                    G_SETTINGS_BIND_GET);
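Review bot: The three new bindings target WebKitSettings properties (`disable-cors`, `enable-cors-same-domain`, `disable-cors-redirection`) that nothing in this patch defines, so they presumably rely on a separately patched WebKit. When the object has no such property, g_settings_bind() logs a critical and creates no binding, so against an unpatched WebKit the preference would appear in the dialog and silently do nothing. Guard the three calls, for example with `if (g_object_class_find_property (G_OBJECT_GET_CLASS (webkit_settings), "disable-cors"))`, and add a comment naming the WebKit change they depend on. ephy_embed_prefs_init starts and ends outside the hunk.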
diff -pru -x build a/lib/ephy-prefs.h b/lib/ephy-prefs.h
--- a/lib/ephy-prefs.h	2017-10-27 03:00:12.000000000 +0200
+++ b/lib/ephy-prefs.h	2017-11-12 01:44:11.164451036 +0100
@@ -97,6 +97,9 @@ static const char * const ephy_prefs_sta
 #define EPHY_PREFS_WEB_DEFAULT_ENCODING            "default-encoding"
 #define EPHY_PREFS_WEB_DO_NOT_TRACK                "do-not-track"
 #define EPHY_PREFS_WEB_ENABLE_ADBLOCK              "enable-adblock"
+#define EPHY_PREFS_WEB_DISABLE_CORS                "disable-cors"
+#define EPHY_PREFS_WEB_ENABLE_CORS_SAME_DOMAIN     "enable-cors-same-domain"
+#define EPHY_PREFS_WEB_DISABLE_CORS_REDIRECTION    "disable-cors-redirection"
 #define EPHY_PREFS_WEB_REMEMBER_PASSWORDS          "remember-passwords"
 #define EPHY_PREFS_WEB_ENABLE_SITE_SPECIFIC_QUIRKS "enable-site-specific-quirks"
 
@@ -119,6 +122,9 @@ static const char * const ephy_prefs_web
   EPHY_PREFS_WEB_DEFAULT_ENCODING,
   EPHY_PREFS_WEB_DO_NOT_TRACK,
   EPHY_PREFS_WEB_ENABLE_ADBLOCK,
+  EPHY_PREFS_WEB_DISABLE_CORS,
+  EPHY_PREFS_WEB_ENABLE_CORS_SAME_DOMAIN,
+  EPHY_PREFS_WEB_DISABLE_CORS_REDIRECTION,
   EPHY_PREFS_WEB_REMEMBER_PASSWORDS,
   EPHY_PREFS_WEB_ENABLE_SITE_SPECIFIC_QUIRKS
 };
diff -pru -x build a/src/prefs-dialog.c b/src/prefs-dialog.c
--- a/src/prefs-dialog.c	2017-10-27 03:00:12.000000000 +0200
+++ b/src/prefs-dialog.c	2017-11-12 02:35:29.931438449 +0100
@@ -83,6 +83,9 @@ struct _PrefsDialog {
   GtkWidget *popups_allow_checkbutton;
   GtkWidget *adblock_allow_checkbutton;
   GtkWidget *enable_plugins_checkbutton;
+  GtkWidget *cors_disable_checkbutton;
+  GtkWidget *cors_same_domain_enable_checkbutton;
+  GtkWidget *cors_redirection_disable_checkbutton;
 
   /* fonts */
   GtkWidget *use_gnome_fonts_checkbutton;
@@ -734,6 +737,9 @@ prefs_dialog_class_init (PrefsDialogClas
   gtk_widget_class_bind_template_child (widget_class, PrefsDialog, popups_allow_checkbutton);
   gtk_widget_class_bind_template_child (widget_class, PrefsDialog, adblock_allow_checkbutton);
   gtk_widget_class_bind_template_child (widget_class, PrefsDialog, enable_plugins_checkbutton);
+  gtk_widget_class_bind_template_child (widget_class, PrefsDialog, cors_disable_checkbutton);
+  gtk_widget_class_bind_template_child (widget_class, PrefsDialog, cors_same_domain_enable_checkbutton);
+  gtk_widget_class_bind_template_child (widget_class, PrefsDialog, cors_redirection_disable_checkbutton);
   gtk_widget_class_bind_template_child (widget_class, PrefsDialog, download_button_hbox);
   gtk_widget_class_bind_template_child (widget_class, PrefsDialog, download_button_label);
 
@@ -1710,6 +1716,36 @@ setup_general_page (PrefsDialog *dialog)
                     G_CALLBACK (do_not_track_button_clicked_cb),
                     dialog);
 
+  g_settings_bind (web_settings,
+                   EPHY_PREFS_WEB_DISABLE_CORS,
+                   dialog->cors_disable_checkbutton,
+                   "active",
+                   G_SETTINGS_BIND_DEFAULT);
+  g_settings_bind (web_settings,
+                   EPHY_PREFS_WEB_DISABLE_CORS,
+                   dialog->cors_same_domain_enable_checkbutton,
+                   "sensitive",
+                   G_SETTINGS_BIND_DEFAULT);
+  g_settings_bind (web_settings,
+                   EPHY_PREFS_WEB_DISABLE_CORS,
+                   dialog->cors_redirection_disable_checkbutton,
+                   "sensitive",
+                   G_SETTINGS_BIND_DEFAULT);
+
+  g_settings_bind (web_settings,
+                   EPHY_PREFS_WEB_ENABLE_CORS_SAME_DOMAIN,
+                   dialog->cors_same_domain_enable_checkbutton,
+                   "active",
+                   /* Teensy hack: don't override the previous binding. */
+                   G_SETTINGS_BIND_NO_SENSITIVITY);
+
+  g_settings_bind (web_settings,
+                   EPHY_PREFS_WEB_DISABLE_CORS_REDIRECTION,
+                   dialog->cors_redirection_disable_checkbutton,
+                   "active",
+                   /* Teensy hack: don't override the previous binding. */
+                   G_SETTINGS_BIND_NO_SENSITIVITY);
+
   if (ephy_is_running_inside_flatpak ())
     gtk_widget_hide (dialog->download_button_label);
   else
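Review bot: The two `"sensitive"` bindings on `cors_same_domain_enable_checkbutton` and `cors_redirection_disable_checkbutton` pass `G_SETTINGS_BIND_DEFAULT`, which is bidirectional, so any change to either widget's sensitivity is written back into the security-relevant `disable-cors` key. A sensitivity binding only needs to read the key, so both calls should pass `G_SETTINGS_BIND_GET` instead. As written the sub-options are editable only while `disable-cors` is true and greyed out otherwise; a short comment stating that this is intended would spare the next reader from guessing. setup_general_page starts and ends outside the hunk.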
@@ -1962,6 +1998,10 @@ prefs_dialog_init (PrefsDialog *dialog)
                           mode != EPHY_EMBED_SHELL_MODE_APPLICATION);
   gtk_widget_set_visible (dialog->do_not_track_checkbutton,
                           mode != EPHY_EMBED_SHELL_MODE_APPLICATION);
+  gtk_widget_set_visible (dialog->cors_same_domain_enable_checkbutton,
+                          mode != EPHY_EMBED_SHELL_MODE_APPLICATION);
+  gtk_widget_set_visible (dialog->cors_redirection_disable_checkbutton,
+                          mode != EPHY_EMBED_SHELL_MODE_APPLICATION);
 
   setup_general_page (dialog);
   setup_fonts_page (dialog);
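Review bot: Only the two sub-option checkbuttons are hidden in application mode here. `cors_disable_checkbutton` is declared with `visible` True in prefs-dialog.ui and is not touched, so a web application still shows the master switch. The stored values of the hidden sub-options still apply, as far as the unconditional bindings in the ephy-embed-prefs.c hunk show. If the CORS controls are meant to be unavailable in application mode, add `gtk_widget_set_visible (dialog->cors_disable_checkbutton, mode != EPHY_EMBED_SHELL_MODE_APPLICATION);`. Otherwise add a comment explaining why only the dependent options are hidden. prefs_dialog_init's body continues outside the hunk.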
diff -pru -x build a/src/resources/gtk/prefs-dialog.ui b/src/resources/gtk/prefs-dialog.ui
--- a/src/resources/gtk/prefs-dialog.ui	2017-10-27 03:00:12.000000000 +0200
+++ b/src/resources/gtk/prefs-dialog.ui	2017-11-12 01:41:40.694451651 +0100
@@ -281,6 +281,29 @@
                             <property name="use-underline">True</property>
                           </object>
                         </child>
+                        <child>
+                          <object class="GtkCheckButton" id="cors_disable_checkbutton">
+                            <property name="label" translatable="yes">Disable CORS</property>
+                            <property name="visible">True</property>
+                            <property name="use-underline">True</property>
+                          </object>
+                        </child>
+                        <child>
+                          <object class="GtkCheckButton" id="cors_same_domain_enable_checkbutton">
+                            <property name="label" translatable="yes">Enable CORS within the same domain</property>
+                            <property name="visible">False</property>
+                            <property name="use-underline">True</property>
+                            <property name="margin-start">12</property>
+                          </object>
+                        </child>
+                        <child>
+                          <object class="GtkCheckButton" id="cors_redirection_disable_checkbutton">
+                            <property name="label" translatable="yes">Disable CORS redirection</property>
+                            <property name="visible">False</property>
+                            <property name="use-underline">True</property>
+                            <property name="margin-start">12</property>
+                          </object>
+                        </child>
                       </object>
                     </child>
                   </object>
