diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/core/api/qwebengineurlrequestinfo.cpp | 12 | ||||
-rw-r--r-- | src/core/certificate_error_controller.cpp | 12 | ||||
-rw-r--r-- | src/core/certificate_error_controller.h | 2 | ||||
-rw-r--r-- | src/core/certificate_error_controller_p.h | 1 | ||||
-rw-r--r-- | src/core/type_conversion.cpp | 19 | ||||
-rw-r--r-- | src/core/type_conversion.h | 7 | ||||
-rw-r--r-- | src/webenginewidgets/api/qwebenginecertificateerror.cpp | 109 | ||||
-rw-r--r-- | src/webenginewidgets/api/qwebenginecertificateerror.h | 22 | ||||
-rw-r--r-- | src/webenginewidgets/api/qwebenginedownloaditem.cpp | 21 | ||||
-rw-r--r-- | src/webenginewidgets/api/qwebenginepage.cpp | 8 | ||||
-rw-r--r-- | src/webenginewidgets/api/qwebenginepage_p.h | 2 | ||||
-rw-r--r-- | src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc | 2 |
12 files changed, 190 insertions, 27 deletions
diff --git a/src/core/api/qwebengineurlrequestinfo.cpp b/src/core/api/qwebengineurlrequestinfo.cpp index e2101fd02..2aa43a318 100644 --- a/src/core/api/qwebengineurlrequestinfo.cpp +++ b/src/core/api/qwebengineurlrequestinfo.cpp @@ -1,6 +1,6 @@ /**************************************************************************** ** -** Copyright (C) 2016 The Qt Company Ltd. +** Copyright (C) 2019 The Qt Company Ltd. ** Contact: https://www.qt.io/licensing/ ** ** This file is part of the QtWebEngine module of the Qt Toolkit. @@ -185,7 +185,9 @@ QWebEngineUrlRequestInfo::QWebEngineUrlRequestInfo(QWebEngineUrlRequestInfoPriva \value ResourceTypeCspReport A report of Content Security Policy (CSP) violations. CSP reports are in JSON format and they are delivered by HTTP POST requests to specified servers. (Added in Qt 5.7) - \value ResourceTypePluginResource A resource requested by a plugin. (Added in Qt 5.7) + \value ResourceTypePluginResource A resource requested by a plugin. (Added in Qt 5.7) + \value ResourceTypeNavigationPreload A service worker navigation preload + request. (Added in Qt 5.14) \value ResourceTypeUnknown Unknown request type. \note For forward compatibility all values not matched should be treated as unknown, @@ -248,8 +250,10 @@ QUrl QWebEngineUrlRequestInfo::firstPartyUrl() const } /*! - Returns the origin url of the document which initiated - the navigation when a frame navigates another frame. + Returns the origin URL of the document that initiated + the navigation of a frame to another frame. + + \since 5.14 */ QUrl QWebEngineUrlRequestInfo::initiator() const diff --git a/src/core/certificate_error_controller.cpp b/src/core/certificate_error_controller.cpp index a747451df..71465a1af 100644 --- a/src/core/certificate_error_controller.cpp +++ b/src/core/certificate_error_controller.cpp @@ -90,9 +90,10 @@ CertificateErrorControllerPrivate::CertificateErrorControllerPrivate(int cert_er , strictEnforcement(strict_enforcement) , callback(cb) { - if (ssl_info.cert.get()) { - validStart = toQt(ssl_info.cert->valid_start()); - validExpiry = toQt(ssl_info.cert->valid_expiry()); + if (auto cert = ssl_info.cert.get()) { + validStart = toQt(cert->valid_start()); + validExpiry = toQt(cert->valid_expiry()); + chain = toCertificateChain(cert); } } @@ -186,4 +187,9 @@ QString CertificateErrorController::errorString() const return getQStringForMessageId(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); } +QList<QSslCertificate> CertificateErrorController::chain() const +{ + return d->chain; +} + QT_END_NAMESPACE diff --git a/src/core/certificate_error_controller.h b/src/core/certificate_error_controller.h index 5bea61c9b..7f5300dc8 100644 --- a/src/core/certificate_error_controller.h +++ b/src/core/certificate_error_controller.h @@ -55,6 +55,7 @@ #include <QtCore/QDateTime> #include <QtCore/QUrl> +#include <QtNetwork/QSslCertificate> QT_BEGIN_NAMESPACE @@ -95,6 +96,7 @@ public: QString errorString() const; QDateTime validStart() const; QDateTime validExpiry() const; + QList<QSslCertificate> chain() const; void accept(bool); diff --git a/src/core/certificate_error_controller_p.h b/src/core/certificate_error_controller_p.h index abde9a7d5..f3b0c23fa 100644 --- a/src/core/certificate_error_controller_p.h +++ b/src/core/certificate_error_controller_p.h @@ -71,6 +71,7 @@ public: bool overridable; bool strictEnforcement; const base::Callback<void(content::CertificateRequestResultType)> callback; + QList<QSslCertificate> chain; }; QT_END_NAMESPACE diff --git a/src/core/type_conversion.cpp b/src/core/type_conversion.cpp index 02d2db448..ddadeb9f2 100644 --- a/src/core/type_conversion.cpp +++ b/src/core/type_conversion.cpp @@ -40,11 +40,14 @@ #include "type_conversion.h" #include <content/public/common/favicon_url.h> +#include <net/cert/x509_certificate.h> +#include <net/cert/x509_util.h> #include <ui/events/event_constants.h> #include <ui/gfx/image/image_skia.h> #include <QtCore/qcoreapplication.h> #include <QtGui/qmatrix4x4.h> +#include <QtNetwork/qsslcertificate.h> namespace QtWebEngineCore { @@ -256,4 +259,20 @@ void convertToQt(const SkMatrix44 &m, QMatrix4x4 &c) c = qtMatrix; } +static QSslCertificate toCertificate(CRYPTO_BUFFER *buffer) +{ + auto derCert = net::x509_util::CryptoBufferAsStringPiece(buffer); + return QSslCertificate(QByteArray::fromRawData(derCert.data(), derCert.size()), QSsl::Der); +} + +QList<QSslCertificate> toCertificateChain(net::X509Certificate *certificate) +{ + // from leaf to root as in QtNetwork + QList<QSslCertificate> chain; + chain.append(toCertificate(certificate->cert_buffer())); + for (auto &&buffer : certificate->intermediate_buffers()) + chain.append(toCertificate(buffer.get())); + return chain; +} + } // namespace QtWebEngineCore diff --git a/src/core/type_conversion.h b/src/core/type_conversion.h index 7b1f1b4d6..dfd8e8fef 100644 --- a/src/core/type_conversion.h +++ b/src/core/type_conversion.h @@ -64,6 +64,7 @@ #include "url/gurl.h" QT_FORWARD_DECLARE_CLASS(QMatrix4x4) +QT_FORWARD_DECLARE_CLASS(QSslCertificate) namespace content { struct FaviconURL; @@ -73,6 +74,10 @@ namespace gfx { class ImageSkiaRep; } +namespace net { +class X509Certificate; +} + namespace QtWebEngineCore { inline QString toQt(const base::string16 &string) @@ -291,6 +296,8 @@ inline QStringList fromVector(const std::vector<base::string16> &vector) FaviconInfo toFaviconInfo(const content::FaviconURL &); +QList<QSslCertificate> toCertificateChain(net::X509Certificate *certificate); + } // namespace QtWebEngineCore #endif // TYPE_CONVERSION_H diff --git a/src/webenginewidgets/api/qwebenginecertificateerror.cpp b/src/webenginewidgets/api/qwebenginecertificateerror.cpp index f04b73615..a61d98f94 100644 --- a/src/webenginewidgets/api/qwebenginecertificateerror.cpp +++ b/src/webenginewidgets/api/qwebenginecertificateerror.cpp @@ -39,6 +39,8 @@ #include "qwebenginecertificateerror.h" +#include "certificate_error_controller.h" + QT_BEGIN_NAMESPACE /*! @@ -51,14 +53,38 @@ QT_BEGIN_NAMESPACE QWebEnginePage::certificateError(). */ -class QWebEngineCertificateErrorPrivate { +class QWebEngineCertificateErrorPrivate : public QSharedData { public: QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription); + ~QWebEngineCertificateErrorPrivate() { + if (deferred && !answered) + rejectCertificate(); + } + + void resolveError(bool accept) { + if (answered) + return; + answered = true; + if (overridable) { + if (auto ctl = controller.lock()) + ctl->accept(accept); + } + } + + void ignoreCertificateError() { resolveError(true); } + void rejectCertificate() { resolveError(false); } + QWebEngineCertificateError::Error error; QUrl url; bool overridable; QString errorDescription; + QList<QSslCertificate> chain; + + bool answered = false, deferred = false; + QWeakPointer<CertificateErrorController> controller; + + Q_DISABLE_COPY(QWebEngineCertificateErrorPrivate) }; QWebEngineCertificateErrorPrivate::QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription) @@ -68,17 +94,31 @@ QWebEngineCertificateErrorPrivate::QWebEngineCertificateErrorPrivate(int error, , errorDescription(errorDescription) { } - /*! \internal */ QWebEngineCertificateError::QWebEngineCertificateError(int error, QUrl url, bool overridable, QString errorDescription) - : d_ptr(new QWebEngineCertificateErrorPrivate(error, url, overridable, errorDescription)) + : d(new QWebEngineCertificateErrorPrivate(error, url, overridable, errorDescription)) { } /*! \internal */ +QWebEngineCertificateError::QWebEngineCertificateError(const QSharedPointer<CertificateErrorController> &controller) + : d(new QWebEngineCertificateErrorPrivate(controller->error(), controller->url(), + controller->overridable(), controller->errorString())) +{ + d->controller = controller; + d->chain = controller->chain(); +} + +QWebEngineCertificateError::QWebEngineCertificateError(const QWebEngineCertificateError &other) = default; + +QWebEngineCertificateError& QWebEngineCertificateError::operator=(const QWebEngineCertificateError &other) = default; + +/*! \internal +*/ QWebEngineCertificateError::~QWebEngineCertificateError() { + } /*! @@ -116,7 +156,6 @@ QWebEngineCertificateError::~QWebEngineCertificateError() */ bool QWebEngineCertificateError::isOverridable() const { - const Q_D(QWebEngineCertificateError); return d->overridable; } @@ -127,7 +166,6 @@ bool QWebEngineCertificateError::isOverridable() const */ QUrl QWebEngineCertificateError::url() const { - const Q_D(QWebEngineCertificateError); return d->url; } @@ -138,7 +176,6 @@ QUrl QWebEngineCertificateError::url() const */ QWebEngineCertificateError::Error QWebEngineCertificateError::error() const { - const Q_D(QWebEngineCertificateError); return d->error; } @@ -149,8 +186,66 @@ QWebEngineCertificateError::Error QWebEngineCertificateError::error() const */ QString QWebEngineCertificateError::errorDescription() const { - const Q_D(QWebEngineCertificateError); return d->errorDescription; } +/*! + Marks the certificate error for delayed handling. + + This function should be called when there is a need to postpone the decision whether to ignore a + certificate error, for example, while waiting for user input. When called, the function pauses the + URL request until ignoreCertificateError() or rejectCertificate() is called. + + \note It is only possible to defer overridable certificate errors. + + \sa isOverridable(), deferred() +*/ +void QWebEngineCertificateError::defer() +{ + if (isOverridable()) + d->deferred = true; +} + +/*! + Returns whether the decision for error handling was delayed and the URL load was halted. +*/ +bool QWebEngineCertificateError::deferred() const +{ + return d->deferred; +} + +/*! + Ignores the certificate error and continues the loading of the requested URL. +*/ +void QWebEngineCertificateError::ignoreCertificateError() +{ + d->ignoreCertificateError(); +} + +/*! + Rejects the certificate and aborts the loading of the requested URL. +*/ +void QWebEngineCertificateError::rejectCertificate() +{ + d->rejectCertificate(); +} + +/*! + Returns \c true if the error was explicitly rejected or accepted. +*/ +bool QWebEngineCertificateError::answered() const +{ + return d->answered; +} + +/*! + Returns the peer's chain of digital certificates + + Chain starts with the peer's immediate certificate and ending with the CA's certificate. +*/ +QList<QSslCertificate> QWebEngineCertificateError::chain() const +{ + return d->chain; +} + QT_END_NAMESPACE diff --git a/src/webenginewidgets/api/qwebenginecertificateerror.h b/src/webenginewidgets/api/qwebenginecertificateerror.h index 82ac281be..b2dd65a9f 100644 --- a/src/webenginewidgets/api/qwebenginecertificateerror.h +++ b/src/webenginewidgets/api/qwebenginecertificateerror.h @@ -42,11 +42,13 @@ #include <QtWebEngineWidgets/qtwebenginewidgetsglobal.h> -#include <QtCore/qscopedpointer.h> +#include <QtCore/qsharedpointer.h> #include <QtCore/qurl.h> +#include <QtNetwork/QSslCertificate> QT_BEGIN_NAMESPACE +class CertificateErrorController; class QWebEngineCertificateErrorPrivate; class QWEBENGINEWIDGETS_EXPORT QWebEngineCertificateError { @@ -78,10 +80,22 @@ public: bool isOverridable() const; QString errorDescription() const; + QWebEngineCertificateError(const QWebEngineCertificateError &other); + QWebEngineCertificateError& operator=(const QWebEngineCertificateError &other); + + void defer(); + bool deferred() const; + + void rejectCertificate(); + void ignoreCertificateError(); + bool answered() const; + + QList<QSslCertificate> chain() const; + private: - Q_DISABLE_COPY(QWebEngineCertificateError) - Q_DECLARE_PRIVATE(QWebEngineCertificateError) - QScopedPointer<QWebEngineCertificateErrorPrivate> d_ptr; + friend class QWebEnginePagePrivate; + QWebEngineCertificateError(const QSharedPointer<CertificateErrorController> &controller); + QExplicitlySharedDataPointer<QWebEngineCertificateErrorPrivate> d; }; QT_END_NAMESPACE diff --git a/src/webenginewidgets/api/qwebenginedownloaditem.cpp b/src/webenginewidgets/api/qwebenginedownloaditem.cpp index 7ce572e2f..7b0cfe074 100644 --- a/src/webenginewidgets/api/qwebenginedownloaditem.cpp +++ b/src/webenginewidgets/api/qwebenginedownloaditem.cpp @@ -1,6 +1,6 @@ /**************************************************************************** ** -** Copyright (C) 2016 The Qt Company Ltd. +** Copyright (C) 2019 The Qt Company Ltd. ** Contact: https://www.qt.io/licensing/ ** ** This file is part of the QtWebEngine module of the Qt Toolkit. @@ -124,8 +124,9 @@ static inline QWebEngineDownloadItem::DownloadInterruptReason toDownloadInterrup then the download request will be automatically rejected and nothing will be written to disk. - \note Some properties, like the \l path under which the file will be saved, - can only be changed before calling accept(). + \note Some properties, such as setting the path and file name where the file + will be saved (see \l downloadDirectory() and \l downloadFileName()), can + only be changed before calling accept(). \section2 Object Life Cycle @@ -510,6 +511,10 @@ QString QWebEngineDownloadItem::mimeType() const /*! \obsolete + + Use \l suggestedFileName(), \l downloadDirectory(), and + \l downloadFileName() instead. + Returns the full target path where data is being downloaded to. The path includes the file name. The default suggested path is the standard download location @@ -523,6 +528,10 @@ QString QWebEngineDownloadItem::path() const } /*! + \obsolete + + Use \l setDownloadDirectory() and \l setDownloadFileName() instead. + Sets the full target path to download the file to. The \a path should also include the file name. The download path can only be set in response @@ -572,7 +581,7 @@ QString QWebEngineDownloadItem::downloadDirectory() const /*! \since 5.14 - Sets the directory path to download the file to. + Sets \a directory as the directory path to download the file to. The download directory path can only be set in response to the QWebEngineProfile::downloadRequested() signal before the download is accepted. Past that point, this function has no effect on the @@ -598,7 +607,7 @@ void QWebEngineDownloadItem::setDownloadDirectory(QString directory) /*! \since 5.14 - Returns the suggested file name. + Returns the file name to download the file to. */ QString QWebEngineDownloadItem::downloadFileName() const @@ -610,7 +619,7 @@ QString QWebEngineDownloadItem::downloadFileName() const /*! \since 5.14 - Sets the file name to download the file to. + Sets \a fileName as the file name to download the file to. The download file name can only be set in response to the QWebEngineProfile::downloadRequested() signal before the download is accepted. Past that point, this function has no effect on the diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index c9e9177b7..b22d47916 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -294,6 +294,7 @@ void QWebEnginePagePrivate::loadStarted(const QUrl &provisionalUrl, bool isError return; isLoading = true; + m_certificateErrorControllers.clear(); QTimer::singleShot(0, q, &QWebEnginePage::loadStarted); } @@ -1715,10 +1716,11 @@ void QWebEnginePagePrivate::allowCertificateError(const QSharedPointer<Certifica Q_Q(QWebEnginePage); bool accepted = false; - QWebEngineCertificateError error(controller->error(), controller->url(), controller->overridable() && !controller->strictEnforcement(), controller->errorString()); + QWebEngineCertificateError error(controller); accepted = q->certificateError(error); - - if (error.isOverridable()) + if (error.deferred() && !error.answered()) + m_certificateErrorControllers.append(controller); + else if (!error.answered() && error.isOverridable()) controller->accept(accepted); } diff --git a/src/webenginewidgets/api/qwebenginepage_p.h b/src/webenginewidgets/api/qwebenginepage_p.h index fae97b9fa..2843f69c4 100644 --- a/src/webenginewidgets/api/qwebenginepage_p.h +++ b/src/webenginewidgets/api/qwebenginepage_p.h @@ -210,6 +210,8 @@ public: #if QT_CONFIG(webengine_printing_and_pdf) QPrinter *currentPrinter; #endif + + QList<QSharedPointer<CertificateErrorController>> m_certificateErrorControllers; }; class QContextMenuBuilder : public QtWebEngineCore::RenderViewContextMenuQt diff --git a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc index 64fe4c9cd..5536c0058 100644 --- a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc @@ -522,6 +522,8 @@ Return \c true to ignore the error and complete the request. Return \c false to stop loading the request. + \note If the error was successfully deferred then the returned value will be ignored. + \sa QWebEngineCertificateError */ |