rubycdp / ferrum

Headless Chrome Ruby API
https://ferrum.rubycdp.com
MIT License

Unsafe default Chrome launch arguments #472

Open francisbeaudoin opened 4 months ago

francisbeaudoin commented 4 months ago

Context: Is there any specific reason behind launching the Chrome process with disable-web-security? https://github.com/rubycdp/ferrum/blob/19767d0885afbebc95574eda685e04dc9da2b47d/lib/ferrum/browser/options/chrome.rb#L12

This flag at least disables the same-origin policy, hence it has security implications if the browser navigates to arbitrary websites.

Suggestion: Do not use the disable-web-security flag by default.
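
An added example, not part of the issue or of Ferrum's code: a small Ruby audit that reports whether a Chrome process was launched with disable-web-security, given either its command line or a switch-name hash. The function names, the sample command line and the hash shape are assumptions made for illustration.

```ruby
# Added example (not Ferrum code): audit Chrome launch switches for
# --disable-web-security before a headless browser visits untrusted sites.

RISKY_SWITCHES = {
  "disable-web-security" => "same-origin policy is not enforced"
}.freeze

# Constructed sample: a NUL-separated /proc/<pid>/cmdline blob (Linux).
SAMPLE_CMDLINE = "/usr/bin/chrome\0--headless\0--disable-web-security\0" \
                 "--remote-debugging-port=0\0about:blank\0"

# Split a /proc/<pid>/cmdline blob into its arguments.
def parse_proc_cmdline(blob)
  blob.split("\0").reject(&:empty?)
end

# launch_args is either an argv Array or a Hash of switch name => value
# (the Hash shape is an assumption about how a wrapper stores its defaults).
def risky_switches(launch_args)
  names =
    if launch_args.is_a?(Hash)
      launch_args.keys.map { |k| k.to_s.sub(/\A--/, "") }
    else
      # Chromium stops parsing switches at a bare "--"; anything without a
      # leading "--" (URLs, the binary path) is a positional argument.
      launch_args.take_while { |a| a != "--" }
                 .select { |a| a.start_with?("--") }
                 .map { |a| a[2..-1].split("=", 2).first.to_s }
    end
  names.select { |n| RISKY_SWITCHES.key?(n) }.uniq
end

if __FILE__ == $PROGRAM_NAME
  risky_switches(parse_proc_cmdline(SAMPLE_CMDLINE)).each do |name|
    puts "risky switch --#{name}: #{RISKY_SWITCHES[name]}"
  end
end
```

On Linux the same check can be fed the contents of /proc/<pid>/cmdline for each running Chrome process.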