| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Change-Id: Id4bef9a7bd6a798511f8b8850d27f48f75fbeebd
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Changes:
9f4aba1869 FIXUP: Building with plugins but webrtc disabled
37195be7fc [Backport] Fix for CVE-2018-17478
2095a35f30 FIXUP: Building with plugins but webrtc disabled
Change-Id: I2a95bb45c8e580246b4c00620045a45aafc635cd
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
33fd7a21ed - [Backport] Fix for CVE-2018-17466
4a6c45c124 - [Backport] Second fix for CVE-2018-12371
cf0481a4fb - [Backport] Fix for security issue 875494
f428bbce2a - [Backport] Fix for security issue 888678
5d514fa9ba - [Backport][Blink/SPv175+] Change DCHECK(chunk clip escaped layer clip) to a DLOG
Fixes: QTBUG-71203
Change-Id: I20449b1e688e09313cb96e111f9e356120ba7088
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|\
| |
| |
| | |
Change-Id: Ibebb21d4948bd720badabe6a176274341098a9a0
|
| |
| |
| |
| | |
Change-Id: I907509e71cec2c63b9631458fba9ad70907fb422
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
1b6fc616ee - [Backport] Fix for CVE-2018-17462
567960cec4 - [Backport] Update LCMS
39ae61b30a - [Backport] Fix for CVE-2018-17468
ddd25ab971 - [Backport] Fix for CVE-2018-17469
37b5fe3597 - [Backport] Fix for CVE-2018-17470
e467d56363 - [Backport] Fix for CVE-2018-17471
2dcf2c6d0c - [Backport] Fix for CVE-2018-17474
976446bcc0 - [Backport] Fix for CVE-2018-17473
cb98d8cc57 - Build fix for [Backport] Fix for CVE-2018-17470
bc188914f3 - Fixup for fix for CVE-2018-17469
ccb8f3ea6e - Fixup for Fix for CVE-2018-17468
8a39f81276 - [Backport] Fix for CVE-2018-17476
Task-number: QTBUG-71203
Change-Id: I6b698e77272cd762ca40f73c94fa31ce746bd8ff
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
| |
Some first party requests has no site_for_cookies yet, and thus returns
an empty string. The logic matches that of StaticCookiePolicy.
Change-Id: I10caf978dc410639cd21fc2aa01eb2bf6dc67c1f
Fixes: QTBUG-71393
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
This reads the hw.model string through sysctlbyname and sets the
environment variable QT_MAC_PRO_WEBENGINE_WORKAROUND to tell the
Cocoa platform plugin to not enable offline renderers upon creation
of the platform OpenGL context.
Task-number: QTBUG-70062
Change-Id: I986d9d76a80f96a215f3fcd08b3d47e546682e35
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
| |
Task-number: QTBUG-71128
Task-number: QTBUG-69281
Task-number: QTBUG-71229
Change-Id: If6b839ce12efb3ccd69c270d99b10b3756014bb2
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
|
|
| |
This adds proxy resolver service as a part of content utility process
and pulls in the corresponding change in Chromium.
Fixes: QTBUG-69281
Change-Id: Icb2b67e1e506a5b511531322a8c13d7df0e11f9f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
| |
Do no access m_request from ui thread. The auth request can get cancelled,
this can happen for example when a new navigation interrupts the current one.
Fixes: QTBUG-71128
Change-Id: I140b1a164294342bad13a76342c1f642ba0960c8
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-69281
Change-Id: If48d1a7ad723b18d4577d675b11c0cdc5e22f758
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately the versions reported by system freetype packages with
pkg-config are not always consistent with the actual freetype version.
Instead, we now use a compile time check, similar to what the
corresponding check for qtgui does.
Change-Id: I3316f5dfe423ffead5fd9cfec1542407c2b21bd8
Fixes: QTBUG-71033
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
Pull in fix for build failure on macOS with 10.14
Fixes: QTBUG-70981
Change-Id: Ie302e3b7f21edfe4390248c4953dbcce6525715a
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
|
|
|
|
|
|
|
| |
Pass interface to io thread and bind there.
Task-number: QTBUG-69281
Change-Id: Ia8630cb7ff216cecaec5274a0b3da3ef0881fcea
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-68462
Task-number: QTBUG-70728
Change-Id: I4314bce427555504cb49de93af45c910de554479
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
More security fixes from Chrome 69
Changes:
dd94e4234936 [Backport] CVE-2018-16066
9dec1e5d1048 [Backport] CVE-2018-16070
7610166df941 [Backport] Security patch 864932
9ffeaf4caa98 [Backport] CVE-2018-16076
af4500d25e07 [Backport] CVE-2018-16077
02d134e58d36 [Backport] CVE-2018-16083
22a79645f8d3 [Backport] CVE-2018-16085
8ea8f7a2e7ca [Backport] Security issue 867306
3b44cd3d8a9c [Backport] Security issue 867792
13aed800921e [Backport] Security issue 868592
Change-Id: I465915ee61443e8eab2204b56cbf9aca1123aab4
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Task-number: QTBUG-66871
Change-Id: I246d667dfe341a6bfe7a74b24286403bec4dde8b
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-68462
Change-Id: I6d3358d36bb3df91c05d434275e9c69682c982a9
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
High security fixes from Chrome 69
Changes:
c92e99aa5f [Backport] CVE-2018-16067
38b701b44f [Backport] CVE-2018-16068
5adda98099 [Backport] CVE-2018-16071
021e3ee70e [Backport] CVE-2018-16072
cfc13dfc78 [Backport] Correctly handle blob:file:///... URIs in SiteInstance::GetSiteForURL.
f1f5e7417e [Backport] Avoid unneeded call to Origin::GetURL from SiteInstance::GetSiteForURL.
c952ab2ef5 [Backport] CVE-2018-16074
ae14d10af6 [Backport] CVE-2018-16073
ebbf15c58c Update usrsctp
Change-Id: Ia5d1c6622992f855de9d86fb2e99a972012f6fc0
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
| |
Either overlooked or added after we make the GN switch.
Change-Id: I93bfc27c2e71165901c2046ab2ea902d9dad39d3
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|\
| |
| |
| | |
Change-Id: Idee34fa6d4cc54effd84d3b78e3666fa7fcce8db
|
| |
| |
| |
| |
| | |
Change-Id: I134876aa68bd42356c0b897a5d7d5881f27724a4
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
| |
| |
| |
| |
| |
| | |
Add a few missed changes from 3rdparty
Change-Id: Ie503da76d20440729516224c48bf0c95aade66d7
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |
| |
| |
| |
| |
| | |
Change-Id: Ia3fe234353e489732ee5f914204ee3f46c894a52
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |\
| | |
| | |
| | | |
Change-Id: Iea03d76799b1e94991e536c056a5b918d63041a4
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The max was bumbed from 11 to 256, now document it.
Task-number: QTBUG-69904
Change-Id: I6cbf64afe3409c4722d7a903d833124880b32bc0
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This pulls in the following changes:
* 708511 Fix hunspell::NodeReader::affix_id_for_leaf bounds check
Change-Id: I54a3775c171361f227a27bfd3846ab4f5a78e76c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes have been made upstream, backported in
http://code.qt.io/cgit/qt/qtwebengine-chromium.git/commit/?h=65-based&id=eb5360b2
that make it possible to link against system libxml2 again, even if
it has been compiled with catalog support.
Thanks to Arfrever Frehtes Taifersar Arahesis for their help on this.
Change-Id: I61a49ab806f6dbbd96a2df09946c1a14062e6df5
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Somehow it's the case that QtTest 5.9 doesn't know how to QCOMPARE a QString
with a normal string literal:
ld: error: undefined symbol: bool QTest::qCompare<QString, char [31]>(QString
const&, char const (&) [31], char const*, char const*, char const*, int)
Change-Id: I13ce50689d9f1c157378b862fb1ed4a572ac7f79
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This pulls in the following changes:
* 084a80 [Backport] Security Bug 831117 2/2
* f78390 [Backport] Security Bug 831117 1/2
* d739b9 [Backport] Security Bug 683418
* cf51b5 [Backport] Security Bug 840695
* 009019 [Backport] Security Bug 838886
* 424911 [Backport] CVE-2018-6158
* 6d5f60 Fix compilation issues in introduced previous commits
* a6e2ca [Backport] Security fix for Chromium bug 860721
* 3e6d0c [Backport] Security fix for Chromium bug 839197
* f4115a [Backport] additional patch for security fix for Chromium bug 839197
Task-number: QTBUG-69663
Change-Id: I6ad8509efb210972b753d8763e02cc31e90e0f8a
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
We do not have it working together with the building of Chromium.
Task-number: QTBUG-66571
Change-Id: Ib000a4102b02902f2ac257347e406297fe1608cf
Reviewed-by: Samuli Piippo <samuli.piippo@qt.io>
|
|/
|
|
|
|
| |
Task-number: QTBUG-62053
Change-Id: I2df300239f4f02bb74f1ec27a74874b3877aabd0
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This pulls in the following changes :
* 827405 [Backport] Security fix for Chromium bug 854887
* e79b92 [Backport] Security fix for Chromium bug 861571
* d845af [Backport] CVE-2018-6161
* 3cdf31 [Backport] CVE-2018-6159
* 625870 [Backport] CVE-2018-6162
* 2b111a [Backport] CVE-2018-6164
* eb5360 [Backport] blink: disable XML catalogs at runtime
* 273272 Bump maximum number of custom isolated world ids
* 8f53e0 [Backport] CVE-2018-6167
* 07c34e [Backport] CVE-2018-6172 CVE-2018-6163
* 5d8596 [Backport] CVE-2018-6165
* e8b9ae [Backport] CVE-2018-6177 CVE-2018-6168
* 0cce34 [Backport] CVE-2018-4117
Task-number: QTBUG-69663
Change-Id: Ied119f9d0b28ccba4954c087ab7bcf129969d52a
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Although the test should have been fixed by the change and did succeed
during local tests and CI runs, it still fails on the CI.
This prevents a merge to dev.
Partially reverts commit: d62cb919722f0baad4d0826e566b9a63f7fc7488
Task-number: QTBUG-66527
Change-Id: I1571c918034d84bd969ca0d401d4cfb17a10fd68
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--enable-webgl-software-rendering is supposed to be used together
with mesa llvmpipe / opengl32sw.dll. However, Chromium did still use
the built-in GPU blacklist to disable features based on the hardware
GPU driver.
Avoid this by always passing --ignore-gpu-blacklist for this mode.
Task-number: QTBUG-69236
Change-Id: I430d101f6eac64478585de54f705e76859c80597
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit pulls in security patches:
* CVE-2018-6150
* CVE-2018-6152
* CVE-2018-6175
* CVE-2018-6155
Task-number: QTBUG-69663
Change-Id: If70e7817f4f9aa1fa482559b734085e6cdff89ed
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
| |
Not needed and triggers race condition.
Task-number: QTBUG-69007
Change-Id: Id57ba527387e5dbe44a8dd6c5a49e7278403ce64
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
2d61f0a269 Work around MSVC2017 optimizer bug when printing a page usind Pdfium
6d6103fe51 [Backport] flush to zero tiny radii
edf63ed29d [Backport] use double to compute root to avoid overflow
7777b6ac95 [Backport] Generate GL errors more strictly in StrictIdHandler.
0c00f4a924 [Backport] Validate all incoming WebGLObjects.
a6a96845cc [Backport] Prevent potential buffer overflow in UlpfecReceiver
a3d55fb8e4 [Backport] Check number of nalus in packet before checking nalu types.
Change-Id: Icd501a956ce396a38098272848bc25065ad92748
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
The view did not get all the movement events if the mouse was moved
onto the view after it had loaded the page. Fix this by placing the
mouse onto the view before setting the html content.
Task-number: QTBUG-66527
Change-Id: I6d6847d5215005fe9490250b5b4f0c01ce317c23
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
|
|
|
|
|
| |
Change-Id: I74f6a607d96733fa379526be40c6a13c31203d4e
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
|
|
|
|
| |
Change-Id: Ic2f6a39e5e87c3cd606e161abac0bc6294c708d6
|
|
|
|
|
|
|
|
|
|
|
| |
IODevice::close and therefore aboutToClose is called by io thread,
connecting it to deleteLater will register deferred delete
on event loop of IODevice instance, which is on ui thread.
This could be racy since deletion on ui thread can happen before job
is done.
Change-Id: I895e6a71649ba65944d069f254d119cc60aada6c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When an HTML select box was clicked inside of a QWebEngineView and
the parent QWebEngineView window was moved using the mouse
(via window decoration toolbar for example) the popup window
would stay around instead of being closed.
This happened because of the usage of the Qt:Tool window flag for the
popup window, which implies a tool that floats near its parent window.
The fix is threefold:
1) Use Qt::Popup instead, similarly to how QMenu does it.
Whenever the parent window is moved, the popup will now get a
CloseEvent.
2) Handle the CloseEvent by telling Chromium to close and destroy
the popup.
3) On Windows the OS might send mouse move events to the popup RWHVQD
instance after its parent QWebEngineView, RWHVQD,
QWebEnginePagePrivate (client adapter) is destroyed. We need to
guard the mouse forwarding code not to access the client adapter
if it has already been destroyed.
The second point is done by telling Chromium that its popup lost focus
which it interprets as a sign to hide it, and automatically destroy
it. This will destroy the underlying RWHVQtDelegateWidget and
RWHVQt instances.
Task-number: QTBUG-59891
Change-Id: I47f94a93c495a6caa5de92a6022eaca154994eda
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
| |
Task-number: QTBUG-69605
Change-Id: I863db484ff2bcf558585f75c73963097fb43148a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Include following patches:
c020786f57 Fix compilation failure in time_win.cc
eea22d3cac [Backport] media: Increase DecoderBuffer::kPaddingSize to 64
91d24cdd6f Reduce severity level of messages when kDisableGpu switch is
used
298fb05460 Fix --single-process --disable-gpu combination not to hit
asserts
db81dc68a8 Remove incomplete logic to detect AMD K2 CPU's
b11fd882e8 Do not write <protocol>.json to source directory
Change-Id: I4e3c0c2f3908f358b43ae4af8baebc2012c9830b
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We used lessThan for the Xcode version check, which started to fail
when comparing Xcode 10 with Xcode 7.3, because lessThan first tries
to convert the arguments to ints and if that fails, it does string
comparison instead.
Rewrite the code to be similar to the SDK checks.
We can't use the qmake versionAtLeast function because it was added
in Qt 5.10, and we still need to be able to build against Qt 5.9.
Task-number: QTBUG-69476
Change-Id: I831a683ee676838a4d531a4d6e715182e9e4193d
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
| |
The documentation says we require 4.7 or later but actually already since the
5.10.0 release our qmake config has been checking for version 5 or later.
Task-number: QTBUG-69535
Change-Id: Ia2f74b35570a9ba6fd1423b9507fe636d850db76
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
|
|
| |
Adds note for QWebEnginePage::print(...) function.
Change-Id: I52ec78ccfc5c4eeb98ee69f9aaab01b380f97a81
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Szabolcs David <davidsz@inf.u-szeged.hu>
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The empty URL is used both for representing a missing origin (browser-initiated
navigation request) and a unique/opaque origin. This is problematic since the
security implications are very different in these two cases: browser-initiated
requests usually should have high security clearance, while requests from unique
origins should be restricted.
Task-number: QTBUG-69372
Change-Id: Iff73fd1c9a29f1c5c281a8945536333081ff2d6b
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|