diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2020-09-07 10:59:23 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2020-09-07 10:59:23 +0200 |
commit | 627a1ecaa684eea10ae9844563e54ff09389cb93 (patch) | |
tree | f097ad09b69fdd5cc8d3fa38b1cedac08812cfd6 | |
parent | 9bd422add06df6d384eff4e4480ccda2fd27d60a (diff) | |
parent | 9e4d1eb45d5c6299e79ac3f28282fd76f949980e (diff) |
Merge remote-tracking branch 'origin/5.15.1' into 5.15
Change-Id: Ieb546ccd35db06e8ad6358b11e3139a839c9b4cf
-rw-r--r-- | coin/qt-installer-package-config.json | 1 | ||||
-rw-r--r-- | dist/changes-5.15.1 | 6 | ||||
m--------- | src/3rdparty | 0 | ||||
-rw-r--r-- | src/buildtools/config/linking.pri | 9 | ||||
-rw-r--r-- | src/core/net/proxying_url_loader_factory_qt.cpp | 2 | ||||
-rw-r--r-- | tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp | 37 |
6 files changed, 40 insertions, 15 deletions
diff --git a/coin/qt-installer-package-config.json b/coin/qt-installer-package-config.json index f9584a100..8507c9ec9 100644 --- a/coin/qt-installer-package-config.json +++ b/coin/qt-installer-package-config.json @@ -8,6 +8,7 @@ "**/lib/cmake/Qt5PdfWidgets/*", "**/lib/pkgconfig/Qt5Pdf*", "**/lib/libQt5Pdf*", + "**/lib/static_chrome/*", "**/mkspecs/modules/qt_lib_pdf*", "**/plugins/imageformats/*", "**/qml/QtQuick/**/*" diff --git a/dist/changes-5.15.1 b/dist/changes-5.15.1 index eebe5957e..263f04ec3 100644 --- a/dist/changes-5.15.1 +++ b/dist/changes-5.15.1 @@ -66,7 +66,7 @@ General Chromium -------- - - Security fixes from Chromium up to version 84.0.4147.125, including: + - Security fixes from Chrome up to version 85.0.4183.83, including: * CVE-2020-6467 * CVE-2020-6468 @@ -114,6 +114,7 @@ Chromium * CVE-2020-6550: Use after free in IndexedDB * CVE-2020-6551: Use after free in WebXR * CVE-2020-6555: Out of bounds read in WebGL + * CVE-2020-6559: Use after free in presentation API * Security bug 1025302 * Security bug 1029569 * Security Bug 1048619 @@ -131,4 +132,7 @@ Chromium * Security bug 1087158 * Security bug 1087629 * Security bug 1090543 + * Security bug 1098860 + * Security bug 1102137 * Security bug 1102408 + * Security bug 1108639 diff --git a/src/3rdparty b/src/3rdparty -Subproject 4e0b66a6f2d6901b4c738c8bcfb9d89d74def60 +Subproject 62bc475876cbae17e2e39175fe321780512e595 diff --git a/src/buildtools/config/linking.pri b/src/buildtools/config/linking.pri index e4f40ba71..e76f6ef10 100644 --- a/src/buildtools/config/linking.pri +++ b/src/buildtools/config/linking.pri @@ -25,28 +25,31 @@ for(archive, NINJA_ARCHIVES): RSP_A_CONTENT += $$archive write_file($$RSP_ARCHIVE_FILE, RSP_A_CONTENT) if(macos|ios) { - QMAKE_LFLAGS += -Wl,-filelist,$$shell_quote($${RSP_OBJECT_FILE}) !static { + QMAKE_LFLAGS += -Wl,-filelist,$$shell_quote($${RSP_OBJECT_FILE}) QMAKE_LFLAGS += @$${RSP_ARCHIVE_FILE} } else { + OBJECTS += $$NINJA_OBJECTS LIBS_PRIVATE += $${NINJA_ARCHIVES} } } linux { - QMAKE_LFLAGS += @$${RSP_OBJECT_FILE} !static { + QMAKE_LFLAGS += @$${RSP_OBJECT_FILE} QMAKE_LFLAGS += -Wl,--start-group @$${RSP_ARCHIVE_FILE} -Wl,--end-group } else { + OBJECTS += $$NINJA_OBJECTS LIBS_PRIVATE += -Wl,--start-group @$${NINJA_ARCHIVES} -Wl,--end-group } } win32 { - QMAKE_LFLAGS += @$${RSP_OBJECT_FILE} !static { + QMAKE_LFLAGS += @$${RSP_OBJECT_FILE} QMAKE_LFLAGS += @$${RSP_ARCHIVE_FILE} } else { + OBJECTS += $$NINJA_OBJECTS LIBS_PRIVATE += $${NINJA_ARCHIVES} } } diff --git a/src/core/net/proxying_url_loader_factory_qt.cpp b/src/core/net/proxying_url_loader_factory_qt.cpp index b42aa64bb..8e084a40b 100644 --- a/src/core/net/proxying_url_loader_factory_qt.cpp +++ b/src/core/net/proxying_url_loader_factory_qt.cpp @@ -258,7 +258,7 @@ void InterceptedRequest::InterceptOnIOThread(base::WaitableEvent *event) void InterceptedRequest::InterceptOnUIThread() { DCHECK_CURRENTLY_ON(content::BrowserThread::UI); - if (profile_request_interceptor_) + if (profile_request_interceptor_ && !profile_request_interceptor_->property("deprecated").toBool()) profile_request_interceptor_->interceptRequest(request_info_); if (!request_info_.changed() && page_request_interceptor_) diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp index e3b7af18c..d22c897da 100644 --- a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp +++ b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp @@ -118,29 +118,42 @@ struct RequestInfo { static const QByteArray kHttpHeaderReferrerValue = QByteArrayLiteral("http://somereferrer.com/"); static const QByteArray kHttpHeaderRefererName = QByteArrayLiteral("referer"); +static const QUrl kRedirectUrl = QUrl("qrc:///resources/content.html"); class TestRequestInterceptor : public QWebEngineUrlRequestInterceptor { public: QList<RequestInfo> requestInfos; - bool shouldIntercept; + bool shouldRedirect = false; QMap<QUrl, QSet<QUrl>> requestInitiatorUrls; + QMap<QByteArray, QByteArray> headers; void interceptRequest(QWebEngineUrlRequestInfo &info) override { QCOMPARE(QThread::currentThread() == QCoreApplication::instance()->thread(), !property("deprecated").toBool()); + // Since 63 we also intercept some unrelated blob requests.. if (info.requestUrl().scheme() == QLatin1String("blob")) return; - info.block(info.requestMethod() != QByteArrayLiteral("GET")); - if (shouldIntercept && info.requestUrl().toString().endsWith(QLatin1String("__placeholder__"))) - info.redirect(QUrl("qrc:///resources/content.html")); - // Set referrer header - info.setHttpHeader(kHttpHeaderRefererName, kHttpHeaderReferrerValue); + bool block = info.requestMethod() != QByteArrayLiteral("GET"); + bool redirect = shouldRedirect && info.requestUrl() != kRedirectUrl; + + if (block) { + info.block(true); + } else if (redirect) { + info.redirect(kRedirectUrl); + } else { + // set additional headers if any required by test + for (auto it = headers.begin(); it != headers.end(); ++it) info.setHttpHeader(it.key(), it.value()); + } requestInitiatorUrls[info.requestUrl()].insert(info.initiator()); requestInfos.append(info); + + // MEMO avoid unintentionally changing request when it is not needed for test logic + // since api behavior depends on 'changed' state of the info object + Q_ASSERT(info.changed() == (block || redirect || !headers.empty())); } bool shouldSkipRequest(const RequestInfo &requestInfo) @@ -182,8 +195,8 @@ public: return false; } - TestRequestInterceptor(bool intercept) - : shouldIntercept(intercept) + TestRequestInterceptor(bool redirect) + : shouldRedirect(redirect) { } }; @@ -219,7 +232,7 @@ void tst_QWebEngineUrlRequestInterceptor::interceptRequest() QFETCH(InterceptorSetter, setter); QWebEngineProfile profile; profile.settings()->setAttribute(QWebEngineSettings::ErrorPageEnabled, false); - TestRequestInterceptor interceptor(/* intercept */ true); + TestRequestInterceptor interceptor(/* intercept */ false); (profile.*setter)(&interceptor); QWebEnginePage page(&profile); QSignalSpy loadSpy(&page, SIGNAL(loadFinished(bool))); @@ -239,6 +252,7 @@ void tst_QWebEngineUrlRequestInterceptor::interceptRequest() QVERIFY(!success.toBool()); loadSpy.clear(); + interceptor.shouldRedirect = true; page.load(QUrl("qrc:///resources/__placeholder__")); QTRY_COMPARE(loadSpy.count(), 1); success = loadSpy.takeFirst().takeFirst(); @@ -339,6 +353,8 @@ void tst_QWebEngineUrlRequestInterceptor::requestedUrl() QCOMPARE(page.requestedUrl(), QUrl("qrc:///resources/__placeholder__")); QCOMPARE(page.url(), QUrl("qrc:///resources/content.html")); + interceptor.shouldRedirect = false; + page.setUrl(QUrl("qrc:/non-existent.html")); QTRY_COMPARE(spy.count(), 2); QVERIFY(interceptor.requestInfos.count() >= 3); @@ -634,7 +650,8 @@ void tst_QWebEngineUrlRequestInterceptor::passRefererHeader() }); QWebEngineProfile profile; - TestRequestInterceptor interceptor(true); + TestRequestInterceptor interceptor(false); + interceptor.headers.insert(kHttpHeaderRefererName, kHttpHeaderReferrerValue); (profile.*setter)(&interceptor); QWebEnginePage page(&profile); |