feat: Add --unsafely-treat-insecure-origin-as-secure flag to disable SSL verification (#11324)

This commit adds "--unsafely-treat-insecure-origin-as-secure" flag 
that allows to disable SSL verification for all domains, or specific
domains if they were passed as an argument to the flag.

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>

1 files changed, 10 insertions, 0 deletions

diff --git a/extensions/net/lib.rs b/extensions/net/lib.rs
index 6b0b728b1..f68034517 100644
--- a/extensions/net/lib.rs
+++ b/extensions/net/lib.rs
@@ -94,9 +94,16 @@ pub struct DefaultTlsOptions {
   pub root_cert_store: Option<RootCertStore>,
 }
 
+/// `UnsafelyTreatInsecureOriginAsSecure` is a wrapper struct so it can be placed inside `GothamState`;
+/// using type alias for a `Option<Vec<String>>` could work, but there's a high chance
+/// that there might be another type alias pointing to a `Option<Vec<String>>`, which
+/// would override previously used alias.
+pub struct UnsafelyTreatInsecureOriginAsSecure(Option<Vec<String>>);
+
 pub fn init<P: NetPermissions + 'static>(
   root_cert_store: Option<RootCertStore>,
   unstable: bool,
+  unsafely_treat_insecure_origin_as_secure: Option<Vec<String>>,
 ) -> Extension {
   let mut ops_to_register = vec![];
   ops_to_register.extend(io::init());
@@ -115,6 +122,9 @@ pub fn init<P: NetPermissions + 'static>(
         root_cert_store: root_cert_store.clone(),
       });
       state.put(UnstableChecker { unstable });
+      state.put(UnsafelyTreatInsecureOriginAsSecure(
+        unsafely_treat_insecure_origin_as_secure.clone(),
+      ));
       Ok(())
     })
     .build()