diff options
author | Yigit Akcay <yigit.akcay@qt.io> | 2023-03-14 17:31:11 +0100 |
---|---|---|
committer | Yigit Akcay <yigit.akcay@qt.io> | 2023-04-28 00:52:19 +0200 |
commit | 6b3e7f2baa17a5bff7051949f743f2ec6926ec06 (patch) | |
tree | 2780164be712708f0018ff61306c872c2c033048 /src/core/net | |
parent | a2d0bb9ef69bb5d677d177d91dd9ad414b915436 (diff) |
Allow configuration of DNS-over-HTTPS
Implement QWebEngineGlobalSettings, a singleton class that contains
global web engine settings (currently only for DoH).
Allow the user to configure the stub host resolver to enable
DNS-over-HTTPS.
Fixes: QTBUG-98284
Change-Id: I1b06737c84e1b8d613aa257f4a891f82cac21013
Reviewed-by: Michael BrĂ¼ning <michael.bruning@qt.io>
Diffstat (limited to 'src/core/net')
-rw-r--r-- | src/core/net/system_network_context_manager.cpp | 36 | ||||
-rw-r--r-- | src/core/net/system_network_context_manager.h | 4 |
2 files changed, 31 insertions, 9 deletions
diff --git a/src/core/net/system_network_context_manager.cpp b/src/core/net/system_network_context_manager.cpp index 83e122aab..8df65b7a5 100644 --- a/src/core/net/system_network_context_manager.cpp +++ b/src/core/net/system_network_context_manager.cpp @@ -29,6 +29,8 @@ #include "services/network/public/mojom/cert_verifier_service.mojom.h" #include "services/network/public/mojom/network_context.mojom.h" #include "services/proxy_resolver/public/mojom/proxy_resolver.mojom.h" +#include "api/qwebengineglobalsettings.h" +#include "api/qwebengineglobalsettings_p.h" #if BUILDFLAG(IS_WIN) #include "chrome/browser/net/chrome_mojo_proxy_resolver_win.h" @@ -38,9 +40,6 @@ namespace { -// The global instance of the SystemNetworkContextmanager. -SystemNetworkContextManager *g_system_network_context_manager = nullptr; - network::mojom::HttpAuthStaticParamsPtr CreateHttpAuthStaticParams() { network::mojom::HttpAuthStaticParamsPtr auth_static_params = @@ -65,6 +64,11 @@ network::mojom::HttpAuthDynamicParamsPtr CreateHttpAuthDynamicParams() } // namespace +namespace QtWebEngineCore { + +// The global instance of the SystemNetworkContextmanager. +SystemNetworkContextManager *g_system_network_context_manager = nullptr; + // SharedURLLoaderFactory backed by a SystemNetworkContextManager and its // network context. Transparently handles crashes. class SystemNetworkContextManager::URLLoaderFactoryForSystem : public network::SharedURLLoaderFactory @@ -255,12 +259,24 @@ void SystemNetworkContextManager::OnNetworkServiceCreated(network::mojom::Networ network_service->SetExplicitlyAllowedPorts(explicitly_allowed_network_ports); } - // Configure the stub resolver. This must be done after the system - // NetworkContext is created, but before anything has the chance to use it. - // bool stub_resolver_enabled; - // absl::optional<std::vector<network::mojom::DnsOverHttpsServerPtr>> dns_over_https_servers; - // GetStubResolverConfig(local_state_, &stub_resolver_enabled, &dns_over_https_servers); - // content::GetNetworkService()->ConfigureStubHostResolver(stub_resolver_enabled, std::move(dns_over_https_servers)); + + // The network service is a singleton that can be reinstantiated for different reasons, + // e.g., when the network service crashes. Therefore, we configure the stub host + // resolver of the network service here, each time it is instantiated, with our global + // DNS-Over-HTTPS settings. This ensures that the global settings don't get lost + // on reinstantiation and are in effect upon initial instantiation. + QWebEngineGlobalSettings *const globalSettings = QWebEngineGlobalSettings::GetInstance(); + if (globalSettings->d_ptr->isDnsOverHttpsUserConfigured) { + const bool insecureDnsClientEnabled = globalSettings->d_ptr->insecureDnsClientEnabled; + const bool additionalInsecureDnsTypesEnabled = + globalSettings->d_ptr->additionalInsecureDnsTypesEnabled; + const net::SecureDnsMode dnsMode = net::SecureDnsMode(globalSettings->d_ptr->dnsMode); + const absl::optional<net::DnsOverHttpsConfig> dnsOverHttpsTemplates = + net::DnsOverHttpsConfig::FromString(globalSettings->d_ptr->dnsOverHttpsTemplates); + content::GetNetworkService()->ConfigureStubHostResolver(insecureDnsClientEnabled, dnsMode, + *dnsOverHttpsTemplates, + additionalInsecureDnsTypesEnabled); + } } void SystemNetworkContextManager::AddSSLConfigToNetworkContextParams(network::mojom::NetworkContextParams *network_context_params) @@ -320,3 +336,5 @@ network::mojom::NetworkContextParamsPtr SystemNetworkContextManager::CreateNetwo content::GetCertVerifierParams(std::move(cert_verifier_creation_params)); return network_context_params; } + +} // namespace QtWebEngineCore diff --git a/src/core/net/system_network_context_manager.h b/src/core/net/system_network_context_manager.h index fa761cb44..d56bdab78 100644 --- a/src/core/net/system_network_context_manager.h +++ b/src/core/net/system_network_context_manager.h @@ -28,6 +28,8 @@ class URLLoaderFactory; class SharedURLLoaderFactory; } // namespace network +namespace QtWebEngineCore { + // Responsible for creating and managing access to the system NetworkContext. // Lives on the UI thread. The NetworkContext this owns is intended for requests // not associated with a profile. It stores no data on disk, and has no HTTP @@ -114,4 +116,6 @@ private: ProxyConfigMonitor proxy_config_monitor_; }; +} // namespace QtWebEngineCore + #endif // SYSTEM_NETWORK_CONTEXT_MANAGER_H_ |