6

In JS security issue with Opera 11.01, after moving from server A to B I learned that opera has some "cross-network" protection.

I encountered the same js security problem and I found that Opera 11.10 (“Barracuda”) added a preference to disable cross-network protection. My Opera is 11.50 but I can't find the specific preference.

Do I misunderstand the meaning of the "cross-network"?

Thanks a lot.

Community
  • 1
  • 1
sAILING
  • 133
  • 1
  • 2
  • 4
  • Is this for some internal project? Because you can't expect user to turn that setting off, too. Just stating the obvious here. – DanMan Sep 25 '11 at 10:06
  • Thanks for your replay@DanMan. You are right, it's for my internal project. My online environment has not this secure problem. I guess that's because two servers are in one intranet. But in my local environment, one server is in my intranet and the other is in internet. So I want to turn that setting off to test in local environment. Thank you. – sAILING Sep 25 '11 at 10:45

3 Answers3

4

Nowadays Opera is based on chromium, so you shoud use chromium way to disable SOP and process requests without CORS headers:

cd c:\Program Files\Opera\
launcher.exe --disable-web-security --user-data-dir="c:\nocorsbrowserdata"

Of course like in chromium, to make this work you should kill all your instances of opera.exe before starting with --disable-web-security flag. If you want more details how to automate this, see tip on my website

Make Tips
  • 140
  • 1
  • 5
3

I believe opera:config#Network|AllowCrossNetworkNavigation is the right preference.

gsnedders
  • 5,084
  • 1
  • 26
  • 38
1

Disabling it entirely has security implications though - see this: Opera won't load some JavaScript files for a safer workaround :)

Community
  • 1
  • 1
hallvors
  • 5,603
  • 1
  • 20
  • 37