Merge pull request #5638 from deepak1556/iwa_patch

browser: flags to control iwa enabled server whitelist
This commit is contained in:
Cheng Zhao 2016-05-23 10:48:30 +00:00
commit c489d6d4b3
10 changed files with 74 additions and 37 deletions

View file

@ -443,16 +443,6 @@ Adds `tasks` to the [Tasks][tasks] category of the JumpList on Windows.
consists of two or more icons, set this value to identify the icon. If an
icon file consists of one icon, this value is 0.
### `app.allowNTLMCredentialsForAllDomains(allow)`
* `allow` Boolean
Dynamically sets whether to always send credentials for HTTP NTLM or Negotiate
authentication - normally, Electron will only send NTLM/Kerberos credentials for
URLs that fall under "Local Intranet" sites (i.e. are in the same domain as you).
However, this detection often fails when corporate networks are badly configured,
so this lets you co-opt this behavior and enable it for all URLs.
### `app.makeSingleInstance(callback)`
* `callback` Function

View file

@ -95,6 +95,24 @@ connection, and the endpoint host in a `SOCKS` proxy connection).
Like `--host-rules` but these `rules` only apply to the host resolver.
## --auth-server-whitelist=`url`
A comma-separated list of servers for which integrated authentication is enabled.
For example:
```
--auth-server-whitelist='*example.com, *foobar.com, *baz'
```
then any `url` ending with `example.com`, `foobar.com`, `baz` will be considered
for integrated authentication. Without `*` prefix the url has to match exactly.
## --auth-negotiate-delegate-whitelist=`url`
A comma-separated list of servers for which delegation of user credentials is required.
Without `*` prefix the url has to match exactly.
## --ignore-certificate-errors
Ignores certificate related errors.

View file

@ -323,6 +323,23 @@ session.fromPartition(partition).setPermissionRequestHandler((webContents, permi
Clears the host resolver cache.
#### `ses.allowNTLMCredentialsForDomains(domains)`
* `domains` String - A comma-seperated list of servers for which
integrated authentication is enabled.
Dynamically sets whether to always send credentials for HTTP NTLM or Negotiate
authentication.
```javascript
// consider any url ending with `example.com`, `foobar.com`, `baz`
// for integrated authentication.
session.defaultSession.allowNTLMCredentialsForDomains('*example.com, *foobar.com, *baz')
// consider all urls for integrated authentication.
session.defaultSession.allowNTLMCredentialsForDomains('*')
```
#### `ses.webRequest`
The `webRequest` API set allows to intercept and modify contents of a request at