Add QWebEngineUrlScheme::CorsEnabled flag

Add support for enabling CORS for custom schemes. Headers for CORS are generated
automatically by UrlRequestCustomJob for all CorsEnabled schemes.

[ChangeLog][Custom Schemes] Added the QWebEngineUrlScheme::CorsEnabled flag for
enabling cross-origin resource sharing with custom schemes.

Fixes: QTBUG-75651
Change-Id: Ia17acf25ae8488f23c6b4609777a3bdbf72149ee
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

3 files changed, 72 insertions, 1 deletions

diff --git a/tests/auto/widgets/origins/resources/redirect.css b/tests/auto/widgets/origins/resources/redirect.css
new file mode 100644
index 000000000..41d7560cc
--- /dev/null
+++ b/tests/auto/widgets/origins/resources/redirect.css
@@ -0,0 +1,8 @@
+@font-face {
+    font-family: 'MyWebFont';
+    src: url('redirect1:/resources/Akronim-Regular.woff2') format('woff2');
+}
+
+body {
+    font-family: 'MyWebFont', Fallback, sans-serif;
+}
diff --git a/tests/auto/widgets/origins/resources/redirect.html b/tests/auto/widgets/origins/resources/redirect.html
new file mode 100644
index 000000000..04948e14b
--- /dev/null
+++ b/tests/auto/widgets/origins/resources/redirect.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>redirect</title>
+        <link rel="stylesheet" href="redirect1:/resources/redirect.css">
+    </head>
+    <body>
+        Text
+    </body>
+</html>
diff --git a/tests/auto/widgets/origins/tst_origins.cpp b/tests/auto/widgets/origins/tst_origins.cpp
index 8fed79975..02d5bfba3 100644
--- a/tests/auto/widgets/origins/tst_origins.cpp
+++ b/tests/auto/widgets/origins/tst_origins.cpp
@@ -122,6 +122,18 @@ void registerSchemes()
         scheme.setDefaultPort(42);
         QWebEngineUrlScheme::registerScheme(scheme);
     }
+
+    {
+        QWebEngineUrlScheme scheme(QBAL("redirect1"));
+        scheme.setFlags(QWebEngineUrlScheme::CorsEnabled);
+        QWebEngineUrlScheme::registerScheme(scheme);
+    }
+
+    {
+        QWebEngineUrlScheme scheme(QBAL("redirect2"));
+        scheme.setFlags(QWebEngineUrlScheme::CorsEnabled);
+        QWebEngineUrlScheme::registerScheme(scheme);
+    }
 }
 Q_CONSTRUCTOR_FUNCTION(registerSchemes)
 
@@ -145,13 +157,26 @@ public:
         profile->installUrlSchemeHandler(QBAL("HostSyntax-ContentSecurityPolicyIgnored"), this);
         profile->installUrlSchemeHandler(QBAL("HostAndPortSyntax"), this);
         profile->installUrlSchemeHandler(QBAL("HostPortAndUserInformationSyntax"), this);
+        profile->installUrlSchemeHandler(QBAL("redirect1"), this);
+        profile->installUrlSchemeHandler(QBAL("redirect2"), this);
     }
 
+    QVector<QUrl> &requests() { return m_requests; }
+
 private:
     void requestStarted(QWebEngineUrlRequestJob *job) override
     {
+        QUrl url = job->requestUrl();
+        m_requests << url;
+
+        if (url.scheme() == QBAL("redirect1")) {
+            url.setScheme(QBAL("redirect2"));
+            job->redirect(url);
+            return;
+        }
+
         QString pathPrefix = QSL(THIS_DIR);
-        QString pathSuffix = job->requestUrl().path();
+        QString pathSuffix = url.path();
         QFile *file = new QFile(pathPrefix + pathSuffix, job);
         if (!file->open(QIODevice::ReadOnly)) {
             job->fail(QWebEngineUrlRequestJob::RequestFailed);
@@ -160,8 +185,12 @@ private:
         QByteArray mimeType = QBAL("text/html");
         if (pathSuffix.endsWith(QSL(".js")))
             mimeType = QBAL("application/javascript");
+        else if (pathSuffix.endsWith(QSL(".css")))
+            mimeType = QBAL("text/css");
         job->reply(mimeType, file);
     }
+
+    QVector<QUrl> m_requests;
 };
 
 class tst_Origins final : public QObject {
@@ -169,6 +198,7 @@ class tst_Origins final : public QObject {
 
 private Q_SLOTS:
     void initTestCase();
+    void cleanup();
     void cleanupTestCase();
 
     void jsUrlCanon();
@@ -187,6 +217,7 @@ private Q_SLOTS:
     void serviceWorker();
     void viewSource();
     void createObjectURL();
+    void redirect();
 
 private:
     bool load(const QUrl &url)
@@ -209,10 +240,19 @@ private:
 
 void tst_Origins::initTestCase()
 {
+    QTest::ignoreMessage(
+            QtWarningMsg,
+            QRegularExpression("Please register the custom scheme 'tst'.*"));
+
     m_page = new QWebEnginePage(&m_profile, nullptr);
     m_handler = new TstUrlSchemeHandler(&m_profile);
 }
 
+void tst_Origins::cleanup()
+{
+    m_handler->requests().clear();
+}
+
 void tst_Origins::cleanupTestCase()
 {
     delete m_handler;
@@ -772,5 +812,18 @@ void tst_Origins::createObjectURL()
     QVERIFY(eval(QSL("result")).toString().startsWith(QSL("blob:tst:")));
 }
 
+void tst_Origins::redirect()
+{
+    QVERIFY(load(QSL("redirect1:/resources/redirect.html")));
+    QTRY_COMPARE(m_handler->requests().size(), 7);
+    QCOMPARE(m_handler->requests()[0], QUrl(QStringLiteral("redirect1:/resources/redirect.html")));
+    QCOMPARE(m_handler->requests()[1], QUrl(QStringLiteral("redirect2:/resources/redirect.html")));
+    QCOMPARE(m_handler->requests()[2], QUrl(QStringLiteral("redirect1:/resources/redirect.css")));
+    QCOMPARE(m_handler->requests()[3], QUrl(QStringLiteral("redirect2:/resources/redirect.css")));
+    QCOMPARE(m_handler->requests()[4], QUrl(QStringLiteral("redirect1:/resources/Akronim-Regular.woff2")));
+    QCOMPARE(m_handler->requests()[5], QUrl(QStringLiteral("redirect1:/resources/Akronim-Regular.woff2")));
+    QCOMPARE(m_handler->requests()[6], QUrl(QStringLiteral("redirect2:/resources/Akronim-Regular.woff2")));
+}
+
 QTEST_MAIN(tst_Origins)
 #include "tst_origins.moc"