Expose allow-running-insecure-contents as a setting

AllowRunningInsecureContent was added as a setting in core to enable
parsing a chromium command-line argument. This patch forwards the
setting to our API layers.

[ChangeLog][Settings] Added setting to allow secure content to run
insecure content.

Task-number: QTBUG-54902
Change-Id: I4e005be1a29905ccf931fabe9ccb308b7d947c62
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

5 files changed, 37 insertions, 1 deletions

diff --git a/src/webengine/api/qquickwebenginesettings.cpp b/src/webengine/api/qquickwebenginesettings.cpp
index 7aa4d2a96..ba6563e47 100644
--- a/src/webengine/api/qquickwebenginesettings.cpp
+++ b/src/webengine/api/qquickwebenginesettings.cpp
@@ -331,6 +331,21 @@ bool QQuickWebEngineSettings::printElementBackgrounds() const
 }
 
 /*!
+  \qmlproperty bool WebEngineSettings::allowRunningInsecureContent
+  \since QtWebEngine 1.4
+
+  By default, HTTPS pages cannot run JavaScript, CSS, plugins or
+  web-sockets from HTTP URLs. This used to be possible and this
+  provides an override to get the old behavior.
+
+  Disabled by default.
+*/
+bool QQuickWebEngineSettings::allowRunningInsecureContent() const
+{
+    return d_ptr->testAttribute(WebEngineSettings::AllowRunningInsecureContent);
+}
+
+/*!
     \qmlproperty QString WebEngineSettings::defaultTextEncoding
     \since QtWebEngine 1.2
 
@@ -515,6 +530,15 @@ void QQuickWebEngineSettings::setFocusOnNavigationEnabled(bool on)
         Q_EMIT focusOnNavigationEnabledChanged();
 }
 
+
+void QQuickWebEngineSettings::setAllowRunningInsecureContent(bool on)
+{
+    bool wasOn = d_ptr->testAttribute(WebEngineSettings::AllowRunningInsecureContent);
+    d_ptr->setAttribute(WebEngineSettings::AllowRunningInsecureContent, on);
+    if (wasOn != on)
+        Q_EMIT allowRunningInsecureContentChanged();
+}
+
 void QQuickWebEngineSettings::setParentSettings(QQuickWebEngineSettings *parentSettings)
 {
     d_ptr->setParentSettings(parentSettings->d_ptr.data());
diff --git a/src/webengine/api/qquickwebenginesettings_p.h b/src/webengine/api/qquickwebenginesettings_p.h
index 917b9e443..a53c7cdb3 100644
--- a/src/webengine/api/qquickwebenginesettings_p.h
+++ b/src/webengine/api/qquickwebenginesettings_p.h
@@ -84,6 +84,7 @@ class Q_WEBENGINE_PRIVATE_EXPORT QQuickWebEngineSettings : public QObject {
     Q_PROPERTY(bool touchIconsEnabled READ touchIconsEnabled WRITE setTouchIconsEnabled NOTIFY touchIconsEnabledChanged REVISION 2)
     Q_PROPERTY(bool focusOnNavigationEnabled READ focusOnNavigationEnabled WRITE setFocusOnNavigationEnabled NOTIFY focusOnNavigationEnabledChanged REVISION 3)
     Q_PROPERTY(bool printElementBackgrounds READ printElementBackgrounds WRITE setPrintElementBackgrounds NOTIFY printElementBackgroundsChanged REVISION 3)
+    Q_PROPERTY(bool allowRunningInsecureContent READ allowRunningInsecureContent WRITE setAllowRunningInsecureContent NOTIFY allowRunningInsecureContentChanged REVISION 3)
 
 public:
     ~QQuickWebEngineSettings();
@@ -109,6 +110,7 @@ public:
     bool touchIconsEnabled() const;
     bool focusOnNavigationEnabled() const;
     bool printElementBackgrounds() const;
+    bool allowRunningInsecureContent() const;
 
     void setAutoLoadImages(bool on);
     void setJavascriptEnabled(bool on);
@@ -131,6 +133,7 @@ public:
     void setTouchIconsEnabled(bool on);
     void setFocusOnNavigationEnabled(bool on);
     void setPrintElementBackgrounds(bool on);
+    void setAllowRunningInsecureContent(bool on);
 
 signals:
     void autoLoadImagesChanged();
@@ -154,6 +157,7 @@ signals:
     Q_REVISION(2) void touchIconsEnabledChanged();
     Q_REVISION(3) void focusOnNavigationEnabledChanged();
     Q_REVISION(3) void printElementBackgroundsChanged();
+    Q_REVISION(3) void allowRunningInsecureContentChanged();
 
 private:
     explicit QQuickWebEngineSettings(QQuickWebEngineSettings *parentSettings = 0);
diff --git a/src/webenginewidgets/api/qwebenginesettings.cpp b/src/webenginewidgets/api/qwebenginesettings.cpp
index f14aa9352..50002e3e6 100644
--- a/src/webenginewidgets/api/qwebenginesettings.cpp
+++ b/src/webenginewidgets/api/qwebenginesettings.cpp
@@ -93,6 +93,8 @@ static WebEngineSettings::Attribute toWebEngineAttribute(QWebEngineSettings::Web
         return WebEngineSettings::FocusOnNavigationEnabled;
     case QWebEngineSettings::PrintElementBackgrounds:
         return WebEngineSettings::PrintElementBackgrounds;
+    case QWebEngineSettings::AllowRunningInsecureContent:
+        return WebEngineSettings::AllowRunningInsecureContent;
 
     default:
         return WebEngineSettings::UnsupportedInCoreSettings;
diff --git a/src/webenginewidgets/api/qwebenginesettings.h b/src/webenginewidgets/api/qwebenginesettings.h
index 23a1d5c99..e3fb83ff5 100644
--- a/src/webenginewidgets/api/qwebenginesettings.h
+++ b/src/webenginewidgets/api/qwebenginesettings.h
@@ -87,7 +87,8 @@ public:
         AutoLoadIconsForPage,
         TouchIconsEnabled,
         FocusOnNavigationEnabled,
-        PrintElementBackgrounds
+        PrintElementBackgrounds,
+        AllowRunningInsecureContent
     };
 
     enum FontSize {
diff --git a/src/webenginewidgets/doc/src/qwebenginesettings_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginesettings_lgpl.qdoc
index 955f6d80b..69bac36c8 100644
--- a/src/webenginewidgets/doc/src/qwebenginesettings_lgpl.qdoc
+++ b/src/webenginewidgets/doc/src/qwebenginesettings_lgpl.qdoc
@@ -155,6 +155,11 @@
     \value  PrintElementBackgrounds
             Turns on printing of CSS backgrounds when printing a web page.
             Enabled by default. (Added in Qt 5.8)
+    \value  AllowRunningInsecureContent
+            By default, HTTPS pages cannot run JavaScript, CSS, plugins or
+            web-sockets from HTTP URLs. This provides an override to get
+            the old insecure behavior.
+            Disabled by default. (Added in Qt 5.8)
 */
 
 /*!