Add a flag to disable web security

[twolfson]

Could you explain your use case further? CORS should still work if there are headers for it

[hanFengSan]

In my project, the web requests are wrapped by other library, not fetch, so setting the headers isn't easy for me. I have to set webSecurity option to access other domains in my unit test, so I add a new flag to do this :)

[twolfson]

Okay, that seems reasonable. I don't have the full headspace/time to think through this at the moment but my gut feeling is to add a new parameter which allows passing a full JSON blob to new BrowserWindow

This is something I remember seeing in https://github.com/lele85/karma-electron-launcher/blob/0.2.0/runner.electron/main.js but deciding to leave it out for 1.0.0

I do see the custom new-window event listener so I'm unsure how that affects things (e.g. maybe there's a way to inherit options from parent to child). If not, maybe make it a browserWindowOptions parameter so its clear all of them receive it

I'll come back to this by the end of the weekend (unsure if I can implement by then too)

[twolfson]

Yea, after looking through new BrowserWindow it looks like plenty of other options could be potentially requested as well:

• nodeIntegration
• nodeIntegrationInWorker
• zoomFactor
• defaultFontSize

https://electronjs.org/docs/api/browser-window

Could we update this PR to add a new flag which accepts JSON content?

https://github.com/tj/commander.js/tree/v2.15.1#coercion

.option('--browser-window-options <json>', 'Flags to pass to all new browser window options', JSON.parse);

[hanFengSan]

Great, I can do it in this weekend😄

[twolfson]

I believe this PR got some accidental commits in it. It's also been inactive in the trajectory we discussed for 1 month so I'm going to close it