From dca6708fe6a83f20b17c96ad7302c636fe2dcbe3 Mon Sep 17 00:00:00 2001
From: Mykola Mokhnach <nick+1@wire.com>
Date: Wed, 13 Dec 2017 20:49:45 +0100
Subject: [PATCH 1/4] Add relaxed security command line flag

---
 lib/appium.js |  9 ++++++++-
 lib/parser.js | 12 ++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/lib/appium.js b/lib/appium.js
index b887b3a19..fbf8d12fa 100644
--- a/lib/appium.js
+++ b/lib/appium.js
@@ -28,7 +28,11 @@ class AppiumDriver extends BaseDriver {
     // the main Appium Driver has no new command timeout
     this.newCommandTimeoutMs = 0;
 
-    this.args = args;
+    this.args = Object.assign({}, args);
+    if (this.args.relaxedSecurityEnabled) {
+      this.relaxedSecurityEnabled = true;
+      delete this.args.relaxedSecurityEnabled;
+    }
 
     // Access to sessions list must be guarded with a Semaphore, because
     // it might be changed by other async calls at any time
@@ -189,6 +193,9 @@ class AppiumDriver extends BaseDriver {
 
     let runningDriversData, otherPendingDriversData;
     let d = new InnerDriver(this.args);
+    if (this.relaxedSecurityEnabled) {
+      d.relaxedSecurityEnabled = true;
+    }
     try {
       runningDriversData = await this.curSessionDataForDriver(InnerDriver);
     } catch (e) {
diff --git a/lib/parser.js b/lib/parser.js
index ba0a1b409..19f473059 100644
--- a/lib/parser.js
+++ b/lib/parser.js
@@ -738,6 +738,18 @@ const deprecatedArgs = [
     required: false,
     help: 'Enable collection of NodeJS memory heap dumps. This is useful for memory leaks lookup',
     nargs: 0
+  }],
+
+  [['--relaxed-security'], {
+    defaultValue: false,
+    dest: 'relaxedSecurityEnabled',
+    action: 'storeTrue',
+    required: false,
+    help: 'Disable additional security checks, so it is possible to use some advanced features, provided ' +
+          'by drivers supporting this option. Only enable it if all the ' +
+          'clients are in the trusted network and it\'s not the case if a client could potentially ' +
+          'break out of the session sandbox.',
+    nargs: 0
   }]
 ];
 

From 1e47e1b0a97465563cfb08f8026a302e36cc7c47 Mon Sep 17 00:00:00 2001
From: Mykola Mokhnach <nick+1@wire.com>
Date: Thu, 14 Dec 2017 14:22:19 +0100
Subject: [PATCH 2/4] Address review comments

---
 docs/en/writing-running-appium/server-args.md | 2 ++
 lib/appium.js                                 | 7 +++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/docs/en/writing-running-appium/server-args.md b/docs/en/writing-running-appium/server-args.md
index 2fdf40496..58a12be16 100644
--- a/docs/en/writing-running-appium/server-args.md
+++ b/docs/en/writing-running-appium/server-args.md
@@ -92,3 +92,5 @@ All flags are optional, but some are required in conjunction with certain others
 |`--localizable-strings-dir`|en.lproj|[DEPRECATED] - (IOS-only) the relative path of the dir where Localizable.strings file resides |`--localizable-strings-dir en.lproj`|
 |`--show-ios-log`|false|[DEPRECATED] - (IOS-only) if set, the iOS system log will be written to the console||
 |`--enable-heapdump`|false|Enables NodeJS memory dumps collection feature. This feature is extremely useful for finding memory leaks. Use the 'kill -SIGUSR2 &lt;PID&gt;' command to create a dump of memory heap for _node_ process with the particular PID (this works for *nix systems only). The dump file will be created in the same folder, where main Appium script was executed and will have *.heapsnapshot extension. These snapshot can be then loaded to Chrome Inspector for further investigation. Read the [Rising Stack article](https://blog.risingstack.com/finding-a-memory-leak-in-node-js/) for more details.||
+|`--relaxed-security`|false|Disable additional security checks, so it is possible to use some advanced features, provided
+by drivers supporting this option. Only enable it if all the clients are in the trusted network and it is not the case if a client could potentially break out of the session sandbox.||
diff --git a/lib/appium.js b/lib/appium.js
index fbf8d12fa..be35d91b8 100644
--- a/lib/appium.js
+++ b/lib/appium.js
@@ -29,10 +29,8 @@ class AppiumDriver extends BaseDriver {
     this.newCommandTimeoutMs = 0;
 
     this.args = Object.assign({}, args);
-    if (this.args.relaxedSecurityEnabled) {
-      this.relaxedSecurityEnabled = true;
-      delete this.args.relaxedSecurityEnabled;
-    }
+
+    this.relaxedSecurityEnabled = this.args.relaxedSecurityEnabled;
 
     // Access to sessions list must be guarded with a Semaphore, because
     // it might be changed by other async calls at any time
@@ -194,6 +192,7 @@ class AppiumDriver extends BaseDriver {
     let runningDriversData, otherPendingDriversData;
     let d = new InnerDriver(this.args);
     if (this.relaxedSecurityEnabled) {
+      log.info(`Applying relaxed security to ${InnerDriver.name} as it has been enabled via the command line`);
       d.relaxedSecurityEnabled = true;
     }
     try {

From af8fed61863d437191e42a1386c7805b9ff48e75 Mon Sep 17 00:00:00 2001
From: Mykola Mokhnach <nick+1@wire.com>
Date: Thu, 14 Dec 2017 14:24:36 +0100
Subject: [PATCH 3/4] tune logging

---
 lib/appium.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/appium.js b/lib/appium.js
index be35d91b8..40caaef09 100644
--- a/lib/appium.js
+++ b/lib/appium.js
@@ -192,7 +192,7 @@ class AppiumDriver extends BaseDriver {
     let runningDriversData, otherPendingDriversData;
     let d = new InnerDriver(this.args);
     if (this.relaxedSecurityEnabled) {
-      log.info(`Applying relaxed security to ${InnerDriver.name} as it has been enabled via the command line`);
+      log.info(`Applying relaxed security to ${InnerDriver.name} as per server command line argument`);
       d.relaxedSecurityEnabled = true;
     }
     try {

From b8199b8472f3cbbf99c25843c471c5e0a640d91a Mon Sep 17 00:00:00 2001
From: Mykola Mokhnach <nick+1@wire.com>
Date: Thu, 14 Dec 2017 14:26:02 +0100
Subject: [PATCH 4/4] Remove redundant variable

---
 lib/appium.js | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lib/appium.js b/lib/appium.js
index 40caaef09..98b72c0c5 100644
--- a/lib/appium.js
+++ b/lib/appium.js
@@ -30,8 +30,6 @@ class AppiumDriver extends BaseDriver {
 
     this.args = Object.assign({}, args);
 
-    this.relaxedSecurityEnabled = this.args.relaxedSecurityEnabled;
-
     // Access to sessions list must be guarded with a Semaphore, because
     // it might be changed by other async calls at any time
     // It is not recommended to access this property directly from the outside
@@ -191,7 +189,7 @@ class AppiumDriver extends BaseDriver {
 
     let runningDriversData, otherPendingDriversData;
     let d = new InnerDriver(this.args);
-    if (this.relaxedSecurityEnabled) {
+    if (this.args.relaxedSecurityEnabled) {
       log.info(`Applying relaxed security to ${InnerDriver.name} as per server command line argument`);
       d.relaxedSecurityEnabled = true;
     }