diff options
author | Szabolcs David <davidsz@inf.u-szeged.hu> | 2022-05-09 13:06:06 +0200 |
---|---|---|
committer | Szabolcs David <davidsz@inf.u-szeged.hu> | 2022-05-26 12:10:35 +0200 |
commit | 567739fda232c28992962f32a9e652eab723a4d4 (patch) | |
tree | cb933c189d87ed104f71ad8393d9e93d0eec193a /tests | |
parent | 2ba1f04b4589e5883a399b022b7795266c4d4646 (diff) |
Implement File System Access permission API
Allow web pages to safely access the local file system
by exposing a permission API. Permissions are stored in-memory.
The built-in access rules are the same as the behavior of Chrome:
JS can't request access to system libraries, sensitive directories
and the application itself.
Task-number: QTBUG-97829
Change-Id: Ic675422cafbad5a90243b4fa8f0749c46afa192c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/auto/quick/publicapi/tst_publicapi.cpp | 13 | ||||
-rw-r--r-- | tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp | 33 |
2 files changed, 40 insertions, 6 deletions
diff --git a/tests/auto/quick/publicapi/tst_publicapi.cpp b/tests/auto/quick/publicapi/tst_publicapi.cpp index edec675f6..3b7da9759 100644 --- a/tests/auto/quick/publicapi/tst_publicapi.cpp +++ b/tests/auto/quick/publicapi/tst_publicapi.cpp @@ -35,6 +35,7 @@ #include <QtTest/QtTest> #include <QtWebEngineQuick/QQuickWebEngineProfile> #include <QtWebEngineCore/QWebEngineCertificateError> +#include <QtWebEngineCore/QWebEngineFileSystemAccessRequest> #include <QtWebEngineCore/QWebEngineFindTextResult> #include <QtWebEngineCore/QWebEngineFullScreenRequest> #include <QtWebEngineCore/QWebEngineHistory> @@ -85,6 +86,7 @@ static const QList<const QMetaObject *> typesToCheck = QList<const QMetaObject * << &QQuickWebEngineTooltipRequest::staticMetaObject << &QWebEngineContextMenuRequest::staticMetaObject << &QWebEngineCertificateError::staticMetaObject + << &QWebEngineFileSystemAccessRequest::staticMetaObject << &QWebEngineFindTextResult::staticMetaObject << &QWebEngineLoadingInfo::staticMetaObject << &QWebEngineNavigationRequest::staticMetaObject @@ -288,6 +290,16 @@ static const QStringList expectedAPI = QStringList() << "QWebEngineFullScreenRequest.origin --> QUrl" << "QWebEngineFullScreenRequest.reject() --> void" << "QWebEngineFullScreenRequest.toggleOn --> bool" + << "QWebEngineFileSystemAccessRequest.File --> HandleType" + << "QWebEngineFileSystemAccessRequest.Directory --> HandleType" + << "QWebEngineFileSystemAccessRequest.Read --> AccessFlags" + << "QWebEngineFileSystemAccessRequest.Write --> AccessFlags" + << "QWebEngineFileSystemAccessRequest.origin --> QUrl" + << "QWebEngineFileSystemAccessRequest.filePath --> QUrl" + << "QWebEngineFileSystemAccessRequest.handleType --> QWebEngineFileSystemAccessRequest::HandleType" + << "QWebEngineFileSystemAccessRequest.accessFlags --> QFlags<QWebEngineFileSystemAccessRequest::AccessFlag>" + << "QWebEngineFileSystemAccessRequest.accept() --> void" + << "QWebEngineFileSystemAccessRequest.reject() --> void" << "QWebEngineHistory.backItems --> QWebEngineHistoryModel*" << "QWebEngineHistory.clear() --> void" << "QWebEngineHistory.forwardItems --> QWebEngineHistoryModel*" @@ -697,6 +709,7 @@ static const QStringList expectedAPI = QStringList() << "QQuickWebEngineView.devToolsViewChanged() --> void" << "QQuickWebEngineView.featurePermissionRequested(QUrl,Feature) --> void" << "QQuickWebEngineView.fileDialogRequested(QQuickWebEngineFileDialogRequest*) --> void" + << "QQuickWebEngineView.fileSystemAccessRequested(QWebEngineFileSystemAccessRequest) --> void" << "QQuickWebEngineView.findText(QString) --> void" << "QQuickWebEngineView.findText(QString,FindFlags) --> void" << "QQuickWebEngineView.findText(QString,FindFlags,QJSValue) --> void" diff --git a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp index b16e9fa62..57f6b24a8 100644 --- a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp +++ b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp @@ -48,6 +48,7 @@ #include <qnetworkreply.h> #include <qnetworkrequest.h> #include <qwebenginedownloadrequest.h> +#include <qwebenginefilesystemaccessrequest.h> #include <qwebenginefindtextresult.h> #include <qwebenginefullscreenrequest.h> #include <qwebenginehistory.h> @@ -4794,17 +4795,17 @@ void tst_QWebEnginePage::renderProcessPid() class FileSelectionTestPage : public QWebEnginePage { public: - FileSelectionTestPage() - { } + FileSelectionTestPage() : m_tempDir(QDir::tempPath() + "/tst_qwebenginepage-XXXXXX") { } QStringList chooseFiles(FileSelectionMode mode, const QStringList &oldFiles, const QStringList &acceptedMimeTypes) override { Q_UNUSED(oldFiles); chosenFileSelectionMode = mode; chosenAcceptedMimeTypes = acceptedMimeTypes; - return QStringList(); + return QStringList() << (m_tempDir.path() + "/file.txt"); } + QTemporaryDir m_tempDir; int chosenFileSelectionMode = -1; QStringList chosenAcceptedMimeTypes; }; @@ -4890,9 +4891,27 @@ void tst_QWebEnginePage::fileSystemAccessDialog() view.show(); QVERIFY(QTest::qWaitForWindowExposed(&view)); - page.setHtml(QString("<html><body>" + connect(&page, &QWebEnginePage::fileSystemAccessRequested, + [](QWebEngineFileSystemAccessRequest request) { + QCOMPARE(request.accessFlags(), + QWebEngineFileSystemAccessRequest::Read + | QWebEngineFileSystemAccessRequest::Write); + request.accept(); + }); + + page.setHtml(QString("<html><head><script>" + "async function getTemporaryDir() {" + " const newHandle = await window.showSaveFilePicker();" + " const writable = await newHandle.createWritable();" + " await writable.write(new Blob(['New value']));" + " await writable.close();" + "" + " const fileData = await newHandle.getFile();" + " document.title = await fileData.text();" + "}" + "</script></head><body>" "<button id='triggerDialog' value='trigger' " - "onclick='window.showDirectoryPicker()'>" + "onclick='getTemporaryDir()'" "</body></html>"), QString("qrc:/")); QVERIFY(spyFinished.wait()); @@ -4903,7 +4922,9 @@ void tst_QWebEnginePage::fileSystemAccessDialog() QStringLiteral("triggerDialog")); QTest::keyClick(view.focusProxy(), Qt::Key_Enter); - QTRY_COMPARE(page.chosenFileSelectionMode, QWebEnginePage::FileSelectUploadFolder); + QTRY_COMPARE(page.title(), "New value"); + + QTRY_COMPARE(page.chosenFileSelectionMode, QWebEnginePage::FileSelectSave); QTRY_COMPARE(page.chosenAcceptedMimeTypes, QStringList()); } |