diff options
| author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-04-03 12:34:04 +0200 |
|---|---|---|
| committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-04-05 15:14:59 +0000 |
| commit | a5ced3ad19e2ada6a0ed5a48de21d2879ba2f333 (patch) | |
| tree | 38081c0f605fcdfed63482b72c6c8a2a06d6beba | |
| parent | 0aca80b0a29aa64536653a56aa87f626acc47189 (diff) | |
Use cookie-access rights for webcontent settings
This ties the indexed-db, DOM storage and filesystem access to
cookie rights as they can all do the same cookies. A previous
patch did the same for workers, but we were missing this
class to complete the logic.
Change-Id: I5ea894b6c631bcf25439759174866d260b91b71a
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
| -rw-r--r-- | src/core/browser_message_filter_qt.cpp | 103 | ||||
| -rw-r--r-- | src/core/browser_message_filter_qt.h | 45 | ||||
| -rw-r--r-- | src/core/common/qt_messages.h | 50 | ||||
| -rw-r--r-- | src/core/content_browser_client_qt.cpp | 7 | ||||
| -rw-r--r-- | src/core/core_chromium.pri | 2 | ||||
| -rw-r--r-- | src/core/renderer/content_renderer_client_qt.cpp | 3 | ||||
| -rw-r--r-- | src/core/renderer/content_settings_observer_qt.cpp | 209 | ||||
| -rw-r--r-- | src/core/renderer/content_settings_observer_qt.h | 105 | ||||
| -rw-r--r-- | tests/auto/core/qwebenginecookiestore/tst_qwebenginecookiestore.cpp | 26 |
9 files changed, 544 insertions, 6 deletions
diff --git a/src/core/browser_message_filter_qt.cpp b/src/core/browser_message_filter_qt.cpp index 72b38e1bb..330bba3a9 100644 --- a/src/core/browser_message_filter_qt.cpp +++ b/src/core/browser_message_filter_qt.cpp @@ -39,14 +39,20 @@ #include "browser_message_filter_qt.h" +#include "chrome/browser/profiles/profile.h" #include "common/qt_messages.h" #include "content/public/browser/plugin_service.h" +#include "net/url_request/url_request_context.h" +#include "net/url_request/url_request_context_getter.h" #include "type_conversion.h" +#include "net/network_delegate_qt.h" + namespace QtWebEngineCore { -BrowserMessageFilterQt::BrowserMessageFilterQt(int /*render_process_id*/) +BrowserMessageFilterQt::BrowserMessageFilterQt(int /*render_process_id*/, Profile *profile) : BrowserMessageFilter(QtMsgStart) + , m_profile(profile) { } @@ -58,6 +64,13 @@ BrowserMessageFilterQt::BrowserMessageFilterQt(int /*render_process_id*/) bool BrowserMessageFilterQt::OnMessageReceived(const IPC::Message& message) { IPC_BEGIN_MESSAGE_MAP(BrowserMessageFilterQt, message) + IPC_MESSAGE_HANDLER(QtWebEngineHostMsg_AllowDatabase, OnAllowDatabase) + IPC_MESSAGE_HANDLER(QtWebEngineHostMsg_AllowDOMStorage, OnAllowDOMStorage) + IPC_MESSAGE_HANDLER_DELAY_REPLY(QtWebEngineHostMsg_RequestFileSystemAccessSync, + OnRequestFileSystemAccessSync) + IPC_MESSAGE_HANDLER(QtWebEngineHostMsg_RequestFileSystemAccessAsync, + OnRequestFileSystemAccessAsync) + IPC_MESSAGE_HANDLER(QtWebEngineHostMsg_AllowIndexedDB, OnAllowIndexedDB) #if BUILDFLAG(ENABLE_LIBRARY_CDMS) IPC_MESSAGE_HANDLER( QtWebEngineHostMsg_IsInternalPluginAvailableForMimeType, @@ -90,4 +103,92 @@ void BrowserMessageFilterQt::OnIsInternalPluginAvailableForMimeType( #endif // BUILDFLAG(ENABLE_LIBRARY_CDMS) + +void BrowserMessageFilterQt::OnAllowDatabase(int /*render_frame_id*/, + const GURL &origin_url, + const GURL &top_origin_url, + const base::string16 &/*name*/, + const base::string16 &/*display_name*/, + bool* allowed) +{ + NetworkDelegateQt *networkDelegate = static_cast<NetworkDelegateQt *>(m_profile->GetRequestContext()->GetURLRequestContext()->network_delegate()); + *allowed = networkDelegate->canGetCookies(top_origin_url, origin_url); +} + +void BrowserMessageFilterQt::OnAllowDOMStorage(int /*render_frame_id*/, + const GURL &origin_url, + const GURL &top_origin_url, + bool /*local*/, + bool *allowed) +{ + NetworkDelegateQt *networkDelegate = static_cast<NetworkDelegateQt *>(m_profile->GetRequestContext()->GetURLRequestContext()->network_delegate()); + *allowed = networkDelegate->canGetCookies(top_origin_url, origin_url); +} + +void BrowserMessageFilterQt::OnAllowIndexedDB(int /*render_frame_id*/, + const GURL &origin_url, + const GURL &top_origin_url, + const base::string16 &/*name*/, + bool *allowed) +{ + NetworkDelegateQt *networkDelegate = static_cast<NetworkDelegateQt *>(m_profile->GetRequestContext()->GetURLRequestContext()->network_delegate()); + *allowed = networkDelegate->canGetCookies(top_origin_url, origin_url); +} + +void BrowserMessageFilterQt::OnRequestFileSystemAccessSync(int render_frame_id, + const GURL& origin_url, + const GURL& top_origin_url, + IPC::Message* reply_msg) +{ + DCHECK_CURRENTLY_ON(content::BrowserThread::IO); + base::Callback<void(bool)> callback = base::Bind( + &BrowserMessageFilterQt::OnRequestFileSystemAccessSyncResponse, + base::WrapRefCounted(this), reply_msg); + OnRequestFileSystemAccess(render_frame_id, + origin_url, + top_origin_url, + callback); +} + +void BrowserMessageFilterQt::OnRequestFileSystemAccessSyncResponse(IPC::Message *reply_msg, bool allowed) +{ + QtWebEngineHostMsg_RequestFileSystemAccessSync::WriteReplyParams(reply_msg, allowed); + Send(reply_msg); +} + +void BrowserMessageFilterQt::OnRequestFileSystemAccessAsync(int render_frame_id, + int request_id, + const GURL& origin_url, + const GURL& top_origin_url) +{ + DCHECK_CURRENTLY_ON(content::BrowserThread::IO); + base::Callback<void(bool)> callback = base::Bind( + &BrowserMessageFilterQt::OnRequestFileSystemAccessAsyncResponse, + base::WrapRefCounted(this), render_frame_id, request_id); + OnRequestFileSystemAccess(render_frame_id, + origin_url, + top_origin_url, + callback); +} + +void BrowserMessageFilterQt::OnRequestFileSystemAccessAsyncResponse(int render_frame_id, + int request_id, + bool allowed) +{ + Send(new QtWebEngineMsg_RequestFileSystemAccessAsyncResponse(render_frame_id, request_id, allowed)); +} + +void BrowserMessageFilterQt::OnRequestFileSystemAccess(int /*render_frame_id*/, + const GURL &origin_url, + const GURL &top_origin_url, + base::Callback<void(bool)> callback) +{ + DCHECK_CURRENTLY_ON(content::BrowserThread::IO); + + NetworkDelegateQt *networkDelegate = static_cast<NetworkDelegateQt *>(m_profile->GetRequestContext()->GetURLRequestContext()->network_delegate()); + bool allowed = networkDelegate->canGetCookies(top_origin_url, origin_url); + + callback.Run(allowed); +} + } // namespace QtWebEngineCore diff --git a/src/core/browser_message_filter_qt.h b/src/core/browser_message_filter_qt.h index 9ad9a0e6e..c05da7944 100644 --- a/src/core/browser_message_filter_qt.h +++ b/src/core/browser_message_filter_qt.h @@ -40,16 +40,20 @@ #ifndef BROWSER_MESSAGE_FILTER_QT_H #define BROWSER_MESSAGE_FILTER_QT_H +#include "base/callback.h" #include "content/public/browser/browser_message_filter.h" #include "content/public/common/webplugininfo.h" #include "media/media_features.h" +class GURL; +class Profile; + namespace QtWebEngineCore { class BrowserMessageFilterQt : public content::BrowserMessageFilter { public: - BrowserMessageFilterQt(int render_process_id); + BrowserMessageFilterQt(int render_process_id, Profile *profile); private: bool OnMessageReceived(const IPC::Message& message) override; @@ -65,6 +69,45 @@ private: const std::string& mime_type, base::Optional<std::vector<content::WebPluginMimeType::Param>> *opt_additional_params); #endif + + void OnAllowDatabase(int render_frame_id, + const GURL &origin_url, + const GURL &top_origin_url, + const base::string16& name, + const base::string16& display_name, + bool *allowed); + + void OnAllowDOMStorage(int render_frame_id, + const GURL &origin_url, + const GURL &top_origin_url, + bool local, + bool *allowed); + + void OnAllowIndexedDB(int render_frame_id, + const GURL &origin_url, + const GURL &top_origin_url, + const base::string16 &name, + bool *allowed); + + void OnRequestFileSystemAccessSync(int render_frame_id, + const GURL &origin_url, + const GURL &top_origin_url, + IPC::Message *message); + void OnRequestFileSystemAccessAsync(int render_frame_id, + int request_id, + const GURL &origin_url, + const GURL &top_origin_url); + void OnRequestFileSystemAccessSyncResponse(IPC::Message *reply_msg, + bool allowed); + void OnRequestFileSystemAccessAsyncResponse(int render_frame_id, + int request_id, + bool allowed); + void OnRequestFileSystemAccess(int render_frame_id, + const GURL &origin_url, + const GURL &top_origin_url, + base::Callback<void(bool)> callback); + + Profile *m_profile; }; } // namespace QtWebEngineCore diff --git a/src/core/common/qt_messages.h b/src/core/common/qt_messages.h index 411d06bc8..c5caa0fff 100644 --- a/src/core/common/qt_messages.h +++ b/src/core/common/qt_messages.h @@ -54,6 +54,12 @@ IPC_MESSAGE_CONTROL1(UserResourceController_AddScript, UserScriptData /* scriptC IPC_MESSAGE_CONTROL1(UserResourceController_RemoveScript, UserScriptData /* scriptContents */) IPC_MESSAGE_CONTROL0(UserResourceController_ClearScripts) +// Tells the renderer whether or not a file system access has been allowed. +IPC_MESSAGE_ROUTED2(QtWebEngineMsg_RequestFileSystemAccessAsyncResponse, + int /* request_id */, + bool /* allowed */) + + //----------------------------------------------------------------------------- // WebContents messages // These are messages sent from the renderer back to the browser process. @@ -85,3 +91,47 @@ IPC_SYNC_MESSAGE_CONTROL1_1(QtWebEngineHostMsg_IsInternalPluginAvailableForMimeT std::string /* mime_type */, base::Optional<std::vector<content::WebPluginMimeType::Param>>) #endif + +// Sent by the renderer process to check whether access to web databases is +// granted by content settings. +IPC_SYNC_MESSAGE_CONTROL5_1(QtWebEngineHostMsg_AllowDatabase, + int /* render_frame_id */, + GURL /* origin_url */, + GURL /* top origin url */, + base::string16 /* database name */, + base::string16 /* database display name */, + bool /* allowed */) + +// Sent by the renderer process to check whether access to DOM Storage is +// granted by content settings. +IPC_SYNC_MESSAGE_CONTROL4_1(QtWebEngineHostMsg_AllowDOMStorage, + int /* render_frame_id */, + GURL /* origin_url */, + GURL /* top origin url */, + bool /* if true local storage, otherwise session */, + bool /* allowed */) + +// Sent by the renderer process to check whether access to FileSystem is +// granted by content settings. +IPC_SYNC_MESSAGE_CONTROL3_1(QtWebEngineHostMsg_RequestFileSystemAccessSync, + int /* render_frame_id */, + GURL /* origin_url */, + GURL /* top origin url */, + bool /* allowed */) + +// Sent by the renderer process to check whether access to FileSystem is +// granted by content settings. +IPC_MESSAGE_CONTROL4(QtWebEngineHostMsg_RequestFileSystemAccessAsync, + int /* render_frame_id */, + int /* request_id */, + GURL /* origin_url */, + GURL /* top origin url */) + +// Sent by the renderer process to check whether access to Indexed DB is +// granted by content settings. +IPC_SYNC_MESSAGE_CONTROL4_1(QtWebEngineHostMsg_AllowIndexedDB, + int /* render_frame_id */, + GURL /* origin_url */, + GURL /* top origin url */, + base::string16 /* database name */, + bool /* allowed */) diff --git a/src/core/content_browser_client_qt.cpp b/src/core/content_browser_client_qt.cpp index 3e620bd1f..60d7e3fdf 100644 --- a/src/core/content_browser_client_qt.cpp +++ b/src/core/content_browser_client_qt.cpp @@ -390,13 +390,12 @@ content::BrowserMainParts *ContentBrowserClientQt::CreateBrowserMainParts(const void ContentBrowserClientQt::RenderProcessWillLaunch(content::RenderProcessHost* host) { - // FIXME: Add a settings variable to enable/disable the file scheme. const int id = host->GetID(); + Profile *profile = Profile::FromBrowserContext(host->GetBrowserContext()); + // FIXME: Add a settings variable to enable/disable the file scheme. content::ChildProcessSecurityPolicy::GetInstance()->GrantScheme(id, url::kFileScheme); static_cast<BrowserContextQt*>(host->GetBrowserContext())->m_adapter->userResourceController()->renderProcessStartedWithHost(host); -#if BUILDFLAG(ENABLE_LIBRARY_CDMS) - host->AddFilter(new BrowserMessageFilterQt(id)); -#endif + host->AddFilter(new BrowserMessageFilterQt(id, profile)); #if defined(Q_OS_MACOS) && BUILDFLAG(ENABLE_SPELLCHECK) && BUILDFLAG(USE_BROWSER_SPELLCHECKER) host->AddFilter(new SpellCheckMessageFilterPlatform(id)); #endif diff --git a/src/core/core_chromium.pri b/src/core/core_chromium.pri index 84866c6cf..adc0e1fe0 100644 --- a/src/core/core_chromium.pri +++ b/src/core/core_chromium.pri @@ -96,6 +96,7 @@ SOURCES = \ render_view_observer_host_qt.cpp \ render_widget_host_view_qt.cpp \ renderer/content_renderer_client_qt.cpp \ + renderer/content_settings_observer_qt.cpp \ renderer/render_frame_observer_qt.cpp \ renderer/render_view_observer_qt.cpp \ renderer/user_resource_controller.cpp \ @@ -187,6 +188,7 @@ HEADERS = \ render_widget_host_view_qt.h \ render_widget_host_view_qt_delegate.h \ renderer/content_renderer_client_qt.h \ + renderer/content_settings_observer_qt.h \ renderer/render_frame_observer_qt.h \ renderer/render_view_observer_qt.h \ renderer/user_resource_controller.h \ diff --git a/src/core/renderer/content_renderer_client_qt.cpp b/src/core/renderer/content_renderer_client_qt.cpp index 74edc4369..db3ab5745 100644 --- a/src/core/renderer/content_renderer_client_qt.cpp +++ b/src/core/renderer/content_renderer_client_qt.cpp @@ -41,6 +41,7 @@ #include "common/qt_messages.h" #include "printing/features/features.h" +#include "renderer/content_settings_observer_qt.h" #include "base/strings/string_split.h" #if BUILDFLAG(ENABLE_SPELLCHECK) @@ -133,6 +134,8 @@ void ContentRendererClientQt::RenderFrameCreated(content::RenderFrame* render_fr new WebChannelIPCTransport(render_frame); UserResourceController::instance()->renderFrameCreated(render_frame); + new QtWebEngineCore::ContentSettingsObserverQt(render_frame); + #if BUILDFLAG(ENABLE_SPELLCHECK) new SpellCheckProvider(render_frame, m_spellCheck.data(), this); #endif diff --git a/src/core/renderer/content_settings_observer_qt.cpp b/src/core/renderer/content_settings_observer_qt.cpp new file mode 100644 index 000000000..bfd0c96f8 --- /dev/null +++ b/src/core/renderer/content_settings_observer_qt.cpp @@ -0,0 +1,209 @@ +/**************************************************************************** +** +** Copyright (C) 2018 The Qt Company Ltd. +** Contact: https://www.qt.io/licensing/ +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and The Qt Company. For licensing terms +** and conditions see https://www.qt.io/terms-conditions. For further +** information use the contact form at https://www.qt.io/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or (at your option) the GNU General +** Public license version 3 or any later version approved by the KDE Free +** Qt Foundation. The licenses are as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 +** included in the packaging of this file. Please review the following +** information to ensure the GNU General Public License requirements will +** be met: https://www.gnu.org/licenses/gpl-2.0.html and +** https://www.gnu.org/licenses/gpl-3.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +// Based on chrome/renderer/content_settings_observer.cc: +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "content_settings_observer_qt.h" + +#include "content/public/renderer/render_frame.h" +#include "third_party/WebKit/public/platform/WebContentSettingCallbacks.h" +#include "third_party/WebKit/public/platform/WebSecurityOrigin.h" +#include "third_party/WebKit/public/web/WebDocument.h" +#include "third_party/WebKit/public/web/WebLocalFrame.h" +#include "url/origin.h" + +#include "common/qt_messages.h" + +using blink::WebContentSettingCallbacks; +using blink::WebSecurityOrigin; +using blink::WebString; + +namespace { + +bool IsUniqueFrame(blink::WebFrame *frame) +{ + return frame->GetSecurityOrigin().IsUnique() || + frame->Top()->GetSecurityOrigin().IsUnique(); +} + +} // namespace + +namespace QtWebEngineCore { + +ContentSettingsObserverQt::ContentSettingsObserverQt(content::RenderFrame *render_frame) + : content::RenderFrameObserver(render_frame) + , content::RenderFrameObserverTracker<ContentSettingsObserverQt>(render_frame) + , m_currentRequestId(0) +{ + ClearBlockedContentSettings(); + render_frame->GetWebFrame()->SetContentSettingsClient(this); +} + +ContentSettingsObserverQt::~ContentSettingsObserverQt() { +} + +bool ContentSettingsObserverQt::OnMessageReceived(const IPC::Message& message) +{ + bool handled = true; + IPC_BEGIN_MESSAGE_MAP(ContentSettingsObserverQt, message) + IPC_MESSAGE_HANDLER(QtWebEngineMsg_RequestFileSystemAccessAsyncResponse, + OnRequestFileSystemAccessAsyncResponse) + IPC_MESSAGE_UNHANDLED(handled = false) + IPC_END_MESSAGE_MAP() + + return handled; +} + +void ContentSettingsObserverQt::DidCommitProvisionalLoad(bool /*is_new_navigation*/, + bool is_same_document_navigation) +{ + blink::WebLocalFrame* frame = render_frame()->GetWebFrame(); + if (frame->Parent()) + return; // Not a top-level navigation. + + if (!is_same_document_navigation) + ClearBlockedContentSettings(); + + GURL url = frame->GetDocument().Url(); + // If we start failing this DCHECK, please makes sure we don't regress + // this bug: http://code.google.com/p/chromium/issues/detail?id=79304 + DCHECK(frame->GetDocument().GetSecurityOrigin().ToString() == "null" || + !url.SchemeIs(url::kDataScheme)); +} + +void ContentSettingsObserverQt::OnDestruct() +{ + delete this; +} + +bool ContentSettingsObserverQt::AllowDatabase(const WebString &name, + const WebString &display_name, + unsigned /*estimated_size*/) +{ + blink::WebFrame *frame = render_frame()->GetWebFrame(); + if (IsUniqueFrame(frame)) + return false; + + bool result = false; + Send(new QtWebEngineHostMsg_AllowDatabase( + routing_id(), url::Origin(frame->GetSecurityOrigin()).GetURL(), + url::Origin(frame->Top()->GetSecurityOrigin()).GetURL(), name.Utf16(), + display_name.Utf16(), &result)); + return result; +} + +void ContentSettingsObserverQt::RequestFileSystemAccessAsync(const WebContentSettingCallbacks &callbacks) +{ + blink::WebFrame *frame = render_frame()->GetWebFrame(); + if (IsUniqueFrame(frame)) { + WebContentSettingCallbacks permissionCallbacks(callbacks); + permissionCallbacks.DoDeny(); + return; + } + ++m_currentRequestId; + bool inserted = m_permissionRequests.insert(std::make_pair(m_currentRequestId, callbacks)).second; + + // Verify there are no duplicate insertions. + DCHECK(inserted); + + Send(new QtWebEngineHostMsg_RequestFileSystemAccessAsync( + routing_id(), m_currentRequestId, + url::Origin(frame->GetSecurityOrigin()).GetURL(), + url::Origin(frame->Top()->GetSecurityOrigin()).GetURL())); +} + +bool ContentSettingsObserverQt::AllowIndexedDB(const WebString &name, + const WebSecurityOrigin &/*origin*/) +{ + blink::WebFrame *frame = render_frame()->GetWebFrame(); + if (IsUniqueFrame(frame)) + return false; + + bool result = false; + Send(new QtWebEngineHostMsg_AllowIndexedDB( + routing_id(), url::Origin(frame->GetSecurityOrigin()).GetURL(), + url::Origin(frame->Top()->GetSecurityOrigin()).GetURL(), name.Utf16(), + &result)); + return result; +} + +bool ContentSettingsObserverQt::AllowStorage(bool local) +{ + blink::WebLocalFrame *frame = render_frame()->GetWebFrame(); + if (IsUniqueFrame(frame)) + return false; + + StoragePermissionsKey key(url::Origin(frame->GetDocument().GetSecurityOrigin()).GetURL(), local); + const auto permissions = m_cachedStoragePermissions.find(key); + if (permissions != m_cachedStoragePermissions.end()) + return permissions->second; + + bool result = false; + Send(new QtWebEngineHostMsg_AllowDOMStorage( + routing_id(), url::Origin(frame->GetSecurityOrigin()).GetURL(), + url::Origin(frame->Top()->GetSecurityOrigin()).GetURL(), local, &result)); + m_cachedStoragePermissions[key] = result; + return result; +} + +void ContentSettingsObserverQt::OnRequestFileSystemAccessAsyncResponse(int request_id, bool allowed) +{ + auto it = m_permissionRequests.find(request_id); + if (it == m_permissionRequests.end()) + return; + + WebContentSettingCallbacks callbacks = it->second; + m_permissionRequests.erase(it); + + if (allowed) { + callbacks.DoAllow(); + return; + } + callbacks.DoDeny(); +} + +void ContentSettingsObserverQt::ClearBlockedContentSettings() +{ + m_cachedStoragePermissions.clear(); +} + +} // namespace QtWebEngineCore diff --git a/src/core/renderer/content_settings_observer_qt.h b/src/core/renderer/content_settings_observer_qt.h new file mode 100644 index 000000000..07dcbe350 --- /dev/null +++ b/src/core/renderer/content_settings_observer_qt.h @@ -0,0 +1,105 @@ +/**************************************************************************** +** +** Copyright (C) 2018 The Qt Company Ltd. +** Contact: https://www.qt.io/licensing/ +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and The Qt Company. For licensing terms +** and conditions see https://www.qt.io/terms-conditions. For further +** information use the contact form at https://www.qt.io/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or (at your option) the GNU General +** Public license version 3 or any later version approved by the KDE Free +** Qt Foundation. The licenses are as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 +** included in the packaging of this file. Please review the following +** information to ensure the GNU General Public License requirements will +** be met: https://www.gnu.org/licenses/gpl-2.0.html and +** https://www.gnu.org/licenses/gpl-3.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CONTENT_SETTINGS_OBSERVER_QT_H +#define CONTENT_SETTINGS_OBSERVER_QT_H + +#include "base/containers/flat_map.h" +#include "content/public/renderer/render_frame_observer.h" +#include "content/public/renderer/render_frame_observer_tracker.h" +#include "third_party/WebKit/public/platform/WebContentSettingsClient.h" +#include "url/gurl.h" + +namespace blink { +class WebContentSettingCallbacks; +class WebSecurityOrigin; +} + +namespace QtWebEngineCore { + +// Handles blocking content per content settings for each RenderFrame. +class ContentSettingsObserverQt + : public content::RenderFrameObserver + , public content::RenderFrameObserverTracker<ContentSettingsObserverQt> + , public blink::WebContentSettingsClient +{ +public: + ContentSettingsObserverQt(content::RenderFrame *render_frame); + ~ContentSettingsObserverQt() override; + + // blink::WebContentSettingsClient: + bool AllowDatabase(const blink::WebString &name, + const blink::WebString &display_name, + unsigned estimated_size) override; + void RequestFileSystemAccessAsync(const blink::WebContentSettingCallbacks &callbacks) override; + bool AllowIndexedDB(const blink::WebString &name, + const blink::WebSecurityOrigin &origin) override; + bool AllowStorage(bool local) override; + +private: + + // RenderFrameObserver implementation: + bool OnMessageReceived(const IPC::Message &message) override; + void DidCommitProvisionalLoad(bool is_new_navigation, + bool is_same_document_navigation) override; + void OnDestruct() override; + + // Message handlers. + void OnRequestFileSystemAccessAsyncResponse(int request_id, bool allowed); + + // Clears m_cachedStoragePermissions + void ClearBlockedContentSettings(); + + // Caches the result of AllowStorage. + using StoragePermissionsKey = std::pair<GURL, bool>; + base::flat_map<StoragePermissionsKey, bool> m_cachedStoragePermissions; + + int m_currentRequestId; + base::flat_map<int, blink::WebContentSettingCallbacks> m_permissionRequests; + + DISALLOW_COPY_AND_ASSIGN(ContentSettingsObserverQt); +}; + +} // namespace QtWebEngineCore + +#endif // RENDERER_CONTENT_SETTINGS_OBSERVER_QT_H diff --git a/tests/auto/core/qwebenginecookiestore/tst_qwebenginecookiestore.cpp b/tests/auto/core/qwebenginecookiestore/tst_qwebenginecookiestore.cpp index 4350575ab..b24c05a37 100644 --- a/tests/auto/core/qwebenginecookiestore/tst_qwebenginecookiestore.cpp +++ b/tests/auto/core/qwebenginecookiestore/tst_qwebenginecookiestore.cpp @@ -52,6 +52,7 @@ private Q_SLOTS: void setAndDeleteCookie(); void batchCookieTasks(); void basicFilter(); + void html5featureFilter(); private: QWebEngineProfile m_profile; @@ -219,5 +220,30 @@ void tst_QWebEngineCookieStore::basicFilter() QCOMPARE(cookieAddedSpy.count(), 2); } +void tst_QWebEngineCookieStore::html5featureFilter() +{ + QWebEnginePage page(&m_profile); + QWebEngineCookieStore *client = m_profile.cookieStore(); + + QAtomicInt accessTested = 0; + client->setCookieFilter([&](const QWebEngineCookieStore::FilterRequest &){ ++accessTested; return false;}); + + QSignalSpy loadSpy(&page, SIGNAL(loadFinished(bool))); + + page.load(QUrl("qrc:///resources/content.html")); + + QTRY_COMPARE(loadSpy.count(), 1); + QVERIFY(loadSpy.takeFirst().takeFirst().toBool()); + QCOMPARE(accessTested.loadAcquire(), 0); + QTest::ignoreMessage(QtCriticalMsg, QRegularExpression(".*Uncaught SecurityError.*sessionStorage.*")); + page.runJavaScript("sessionStorage.test = 5;"); + QTRY_COMPARE(accessTested.loadAcquire(), 1); + + QTest::ignoreMessage(QtCriticalMsg, QRegularExpression(".*Uncaught SecurityError.*sessionStorage.*")); + QAtomicInt callbackTriggered = 0; + page.runJavaScript("sessionStorage.test", [&](const QVariant &v) { QVERIFY(!v.isValid()); callbackTriggered = 1; }); + QTRY_VERIFY(callbackTriggered); +} + QTEST_MAIN(tst_QWebEngineCookieStore) #include "tst_qwebenginecookiestore.moc" |