authorJüri Valdmann <juri.valdmann@qt.io>2018-07-19 10:54:33 +0200
committerJüri Valdmann <juri.valdmann@qt.io>2018-07-20 09:39:51 +0000
commit8f914155c4d32fd8befa01c6cc09957d082ca7fe (patch)
tree15b9d5cb0ba53e9ecceefd73c5dc7833b62167e0 /tests
parent2d3afea3c0a1d56b62fbd28d0a49a64c06857eb1 (diff)
QWebEngineUrlRequestJob: QUrl("null") for unique initiator origins
The empty URL is used both for representing a missing origin (browser-initiated navigation request) and a unique/opaque origin. This is problematic since the security implications are very different in these two cases: browser-initiated requests usually should have high security clearance, while requests from unique origins should be restricted. Task-number: QTBUG-69372 Change-Id: Iff73fd1c9a29f1c5c281a8945536333081ff2d6b Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'tests')
-rw-r--r--tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp40
1 files changed, 40 insertions, 0 deletions
diff --git a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp
index 123cb7b32..3415b06c5 100644
--- a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp
+++ b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp
@@ -56,6 +56,7 @@ private Q_SLOTS:
void httpAcceptLanguage();
void downloadItem();
void changePersistentPath();
+ void initiator();
};
void tst_QWebEngineProfile::init()
@@ -534,5 +535,44 @@ void tst_QWebEngineProfile::changePersistentPath()
QVERIFY(newPath.endsWith(QStringLiteral("Test2")));
}
+class InitiatorSpy : public QWebEngineUrlSchemeHandler
+{
+public:
+ QUrl initiator;
+ void requestStarted(QWebEngineUrlRequestJob *job) override
+ {
+ initiator = job->initiator();
+ job->fail(QWebEngineUrlRequestJob::RequestDenied);
+ }
+};
+
+void tst_QWebEngineProfile::initiator()
+{
+ InitiatorSpy handler;
+ QWebEngineProfile profile;
+ profile.installUrlSchemeHandler("foo", &handler);
+ QWebEnginePage page(&profile);
+ QSignalSpy loadFinishedSpy(&page, SIGNAL(loadFinished(bool)));
+
+ // about:blank has a unique origin, so initiator should be QUrl("null")
+ evaluateJavaScriptSync(&page, "window.location = 'foo:bar'");
+ QVERIFY(loadFinishedSpy.wait());
+ QCOMPARE(handler.initiator, QUrl("null"));
+
+ page.setHtml("", QUrl("http://test:123/foo%20bar"));
+ QVERIFY(loadFinishedSpy.wait());
+
+ // baseUrl determines the origin, so QUrl("http://test:123")
+ evaluateJavaScriptSync(&page, "window.location = 'foo:bar'");
+ QVERIFY(loadFinishedSpy.wait());
+ QCOMPARE(handler.initiator, QUrl("http://test:123"));
+
+ // Directly calling load/setUrl should have initiator QUrl(), meaning
+ // browser-initiated, trusted.
+ page.load(QUrl("foo:bar"));
+ QVERIFY(loadFinishedSpy.wait());
+ QCOMPARE(handler.initiator, QUrl());
+}
+
QTEST_MAIN(tst_QWebEngineProfile)
#include "tst_qwebengineprofile.moc"
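Review bot: `InitiatorSpy::requestStarted` overwrites `initiator` on every call and nothing records that the handler ran for the navigation being checked, so each `QCOMPARE` in `tst_QWebEngineProfile::initiator()` catches a stale value only because the three expected values happen to differ from their predecessors. The empty `QUrl()` is both the spy's default state and the value that means browser-initiated/trusted, so a skipped handler call should never be able to pass for it. I would add `int requests = 0;` to the spy, `++requests;` in `requestStarted`, and `QCOMPARE(handler.requests, 1);` (then 2 and 3) beside each initiator check. The unique-origin case is exercised only through about:blank; a sandboxed iframe or a `data:` document would presumably also report `QUrl("null")` and seems worth a follow-up case.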