| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Including security issue under active exploit.
Submodule src/3rdparty 55b3d183..fb6ab5e4:
> [Backport] Security bug 1137608
> [Backport] CVE-2020-16011: Heap buffer overflow in UI on Windows.
> [Backport] CVE-2020-16009: Inappropriate implementation in V8
> [Backport] CVE-2020-16008: Stack buffer overflow in WebRTC
> [Backport] CVE-2020-16005: Insufficient policy enforcement in ANGLE
> Fix assert when running tests build with -no-webengine-webrtc
Change-Id: Ic9ee45fbd78c999881454e5e0e3091489f637aae
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Desktop audio capture requires loopback device. If creation of the
loopback device fails, it aborts the screen capture too.
Chromium does not support audio loopback on Linux and macOS:
https://crbug.com/223639
This is still the case in Chrome 88.
The fix is based on: https://codereview.chromium.org/24153018
Change-Id: Ifb13bce3b79193203c0bf52e1f2a1b3936e017c7
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
2cad1d38b57 [Backport] CVE-2020-6540: Heap buffer overflow in Skia
e1f5ffc2a12 [Backport] CVE-2020-6569: Integer overflow in WebUSB
75b417b86b4 [Backport] CVE-2020-6570: Side-channel information leakage in WebRTC
0785cd83782 [Backport] CVE-2020-6573: Use after free in video
3ddb1e9639a [Backport] CVE-2020-6575: Race in Mojo
e967bb155a0 [Backport] CVE-2020-6576: Use after free in offscreen canvas
40cebfb3051 [Backport] CVE-2020-15959: Insufficient policy enforcement in networking
405e7526583 [Backport] CVE-2020-15965: Out of bounds write in V8
295feb590b1 [Backport] CVE-2020-15963 and CVE-2020-15966
43812fd40d4 [Backport] CVE-2020-15961: Insufficient policy enforcement in extensions
08a25bf9dd2 Only upgrade to WebSocket when WebSocket was requested
2f75c909270 [Backport] CVE-2020-15962: Insufficient policy enforcement in serial
06afd03d826 [Backport] CVE-2020-15960: Out of bounds read in storage
9e5518f06ad [Backport] Security bug 1111149
b627f77e859 [Backport] CVE-2020-15964: Insufficient data validation in media
bc35c7711ad Fix assert when checking if RendererAppContainer feature is enabled
06b27f95d60 [Backport] CVE-2020-6571: Incorrect security UI in Omnibox
8227b9613d1 CVE-2020-15999: Heap buffer overflow in freetype
cc1e87a0d71 [Backport] CVE-2020-15978 Insufficient data validation in navigation
308da5d58b4 [Backport] CVE-2020-15969: Use after free in WebRTC.
9f5fde5b649 [Backport] CVE-2020-15968: Use after free in Blink
97b92535b31 [Backport] CVE-2020-15972: Use after free in audio.
873abc1112c [Backport] CVE-2020-15979: Inappropriate implementation in V8.
c0343ceec47 [Backport] CVE-2020-15976: Use after free in WebXR
e874d48f9e6 [Backport] CVE-2020-15992 Insufficient policy enforcement in networking
956ce06c56c [Backport] CVE-2020-15974: Integer overflow in Blink
4662223422d [Backport] Security bug 1125199
74e26aab318 [Backport] Security bug 1107824
33e9e655166 [Backport] CVE-2020-15977: Insufficient data validation in dialogs.
f6db4999b0e [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (1/2)
466da17a0cd [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (2/2)
027c3d7bae7 [Backport] CVE-2020-15989: Uninitialized Use in PDFium
14e9b6f6d3a [Backport] CVE-2020-16003: Use after free in printing
8527c994fe3 [Backport] CVE-2020-16002: Use after free in PDFium
4f461642a79 [Backport] CVE-2020-16001: Use after free in media.
99877493b32 Fixup: [Backport] CVE-2020-16001: Use after free in media
489d6e637e5 [Backport] CVE-2020-15987: Use after free in WebRTC (1/2)
6ef8f4ed829 [Backport] CVE-2020-15987: Use after free in WebRTC (2/2)
9d173d02d5e [Backport] Security bug 1106091
327474aed0e [Backport] CVE-2020-6557: Inappropriate implementation in networking
55b3d183921 [Backport] CVE-2020-15985: Inappropriate implementation in Blink.
Task-number: QTBUG-87967
Change-Id: Ibca52ab97ac407679e4bac5c6b7dc2285f8bcd37
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
Add QTest::qWaitForWindowExposed() to make sure that
the window is visible before the input event is sent.
Change-Id: I72b02abaaf5970a1533f1d6f6dae59e47e891548
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Pick-to: dev 5.15
Change-Id: If1c29cc043736619513620120f96133575bf28d5
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
Uses percentage encoded utf8.
Task-number: QTBUG-85363
Change-Id: Idabe6ff9a66897792732b9ebb648f54a84e86bb8
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
| |
Change-Id: Id180c2ea2fefed919b4c623d20da392ad5db27d1
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 78b44a26b256fdaa70832455d8d4711bbe7fa17a)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
| |
Add missing ',' to fix a crash in release export tool
Change-Id: I163c85641a3dfbfd7827d70483de3273dbf03442
Reviewed-by: Antti Kokko <antti.kokko@qt.io>
|
|
|
|
|
|
|
|
|
| |
Add error message when trying to launch QtWebEngineProcess
from network share if sandbox is enabled.
Task-number: QTBUG-84632
Change-Id: Ia7d5df38accf60eafe8fb4d43dab3db4d2d51287
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
Speculative fix.
Task-number: QTBUG-87113
Change-Id: Id72af6cc963e769e87dd043f49ca0010c7e27902
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
|
|
|
|
|
|
|
|
| |
Speculative fix.
Task-number: QTBUG-86972
Change-Id: Idc69b472439e602dc6db5dfa8fc67606b9abde08
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
|
|
|
|
|
|
|
|
| |
Fix typo in examples.pro and update related pro files.
Drop dependency on widgets in qml examples.
Change-Id: I571069e5b42cc0d0d94d54ce157a6e8636275cae
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
| |
Do not look up fallback values before they are needed.
Change-Id: I8bb21e261e8d218c658ac2a08e3cdc30b2cea47d
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-87129
Change-Id: Id98aa1e8c839c06022fbc633c0b64c7681205349
Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org>
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
| |
Task-number: QTBUG-65223
Change-Id: Ia8183759e23d93c5561fceb8d562b74add474b21
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
| |
Make QWebEngineView a member of tst_LoadSignals. Also stop recreating
it for every test.
Task-number: QTBUG-65223
Change-Id: I2ed7c12559e56e23302813eb6f33c1e26a9d8748
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
| |
No more downloadable.tar.gz in the downloads directory for every run...
Task-number: QTBUG-65223
Change-Id: I010bfc7785afca537734298a1618cd7ce05d50cf
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
| |
Change-Id: I5dfb1db3a7d4ba825cf66c155af89252b60e6cdf
|
|
|
|
|
|
|
|
| |
Fix typo which surprisingly gives no errors with archiver,
however generated archives are bogus (at lest with lld)
Change-Id: Iea1e22c66eb99a720b398c5903b56938b309905f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
If the PDF is not loaded before it jumps to the image then it fails
to jump to the specified page and ends up showing the first one.
Change-Id: I6061431e1fd9b743afaca3df0aec03dc6a1144bf
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
(cherry picked from commit e2e249b8bb399ef7bcf6fe3be0b4f2fc9fa18182)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
| |
Chromium will recreate the original mapping based on the native keycode,
breaking any remapping.
Fixes: QTBUG-86672
Change-Id: I4b7e6f7434049cdf7250bee1ef759a9df4d4987c
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
| |
The QIcon::pixmap function does internal scaling messing up our
intermediate structures.
Change-Id: I727efd58a4cc948fa3e4b23539d97e8ca755d060
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
8776c7b2c15 [Backport] Security bug 1052492
22d88d240bc [Backport] CVE-2020-6533: Type Confusion in V8.
3c832d33641 [Backport] CVE-2020-6532: Use after free in SCTP
388b838dbb3 [Backport] CVE-2020-6541: Use after free in WebUSB
27fa668c5ee [Backport] Security bug 1102408
d3a76ebde8e [Backport] CVE-2020-6542: Use after free in ANGLE
4694a85f33e [Backport] CVE-2020-6543: Use after free in task scheduling
583f976f9a7 [Backport] CVE-2020-6544: Use after free in media
fa97385b501 [Backport] CVE-2020-6548: Heap buffer overflow in Skia
32655453cd7 [Backport] CVE-2020-6549: Use after free in media
ddcf711e69e [Backport] CVE-2020-6550: Use after free in IndexedDB
6a0f49a17b0 [Backport] CVE-2020-6551: Use after free in WebXR
b385b7bbbe4 [Backport] CVE-2020-6545: Use after free in audio
fe23e656183 [Backport] CVE-2020-6559: Use after free in presentation API
4466538c610 [Backport] Security issue 1102137
c3d07802d40 [Backport] Security issue 1108639
b1c7638148b [Backport] Security issue 1098860
011af517d81 [Backport] CVE-2020-6555: Out of bounds read in WebGL
273005ea959 [Backport] Security bugs 1087629 and 1029569
bdb438eff33 [Backport] Dependency for CVE-2020-6561 (1/2)
c223f423808 [Backport] Dependency for CVE-2020-6561 (2/2)
607bff335b1 [Backport] CVE-2020-6561: Inappropriate implementation in Content Security Policy
ed4b6792e13 [Backport] CVE-2020-6562: Insufficient policy enforcement in Blink
c5637fa9071 [Revert] [build] Remove jumbo build configs
Task-number: QTBUG-86342
Change-Id: I7ad617e1c617ef405a608e05cdafbfae5ad412fa
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Amends commit 99a668c324. Task 'swapBuffersOnVizThread' is supposed to
be scheduled only when m_middleBuffer is ready after swap on gpu thread.
Checking for m_taskRunner is not enough to verify this. Call to
updatePaintNode may come from SG backend on expose event, thus breaking
expected sequence of buffers swaps.
Task-number: QTBUG-85817
Fixes: QTBUG-86599
Change-Id: Ia97a7a24b5672a2979b514d3cb4879e7630941eb
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
| |
Add the missing implementation of
ContentRendererClient::IsOriginIsolatedPepperPlugin().
Change-Id: Ic4157da6b373450e620ff46faedad213a69adfec
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Change-Id: I81111633fb0050f75e49c8bee0354436ecec533a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 17cab42bf68ee70f641718a144f864eb04042aa4)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
| |
Widget API already ignores these cases.
This would cause a crash for fatal certificate errors after 83-based.
Change-Id: I3e80bb12f023f22e330218a5b20f3e267bb237dc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Can be reproduced with quicknanobrowser by
1. Open devtools
2. Switch to OTR mode
During the switch to OTR mode, the inspected WebContentsAdapter is
destroyed and recreated. DevToolsFrontendQt is supposed to call
devToolsFrontendDestroyed on the old WebContentsAdapter, but it
accesses this adapter through QQuickWebEngineViewPrivate's
webContentsAdapter() which has already been changed to the new value,
so devToolsFrontendDestroyed is actually called on the wrong object.
Fix by remembering the WebContentsAdapter pointer in the
DevToolsFrontendQt constructor.
Change-Id: I17004ebb1a392399ef3e189c433d3f4b3f05bfd3
Reviewed-by: Tamas Zakor <ztamas@inf.u-szeged.hu>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
And update another error that is now better in its other description.
Change-Id: I1b35db2196d05bb35d4c2e1e702fadb430e784c1
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
b1c7f4dd221 [Backport] CVE-2020-6510: Heap buffer overflow in background fetch
9a1f5aa55bf [Backport] CVE-2020-6511: Side-channel information leakage in CSP (1/2)
65a41d539be [Backport] CVE-2020-6511: Side-channel information leakage in CSP (2/2)
c7659e61424 [Backport] CVE-2020-6512: Type Confusion in V8 (1/2)
c3dda9b1ba0 [Backport] CVE-2020-6512: Type Confusion in V8 (2/2)
b6707b23089 [Backport] CVE-2020-6512: Type Confusion in V8 (3/3)
0ea2066f022 [Backport] CVE-2020-6514: Inappropriate implementation in WebRTC
9c0fcb08ccc [Backport] CVE-2020-6518: Use after free in developer tools
cf40f91b1a1 [Backport] CVE-2020-6523: Out of bounds write in Skia
ed4112559e3 [Backport] CVE-2020-6513: Heap buffer overflow in PDFium
6f57596692e [Backport] CVE-2020-6524: Heap buffer overflow in WebAudio
33ea34381ce [Backport] CVE-2020-6526: Inappropriate implementation in iframe sandbox
49583b1502a [Backport] CVE-2020-6529: Inappropriate implementation in WebRTC
d4576fb0757 [Backport] CVE-2020-6535: Insufficient data validation in WebUI
0998aa1143f [Backport] Security bug 1090543
98883838595 [Backport] CVE-2020-6530: Out of bounds memory access in developer tools
1be41cad096 [Backport] CVE-2020-6531: Side-channel information leakage in scroll to text
71896380867 [Backport] Security bug 1065731
3f13f72f337 [Backport] Security bug 1065122
c8109013cc7 [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC
Change-Id: Idd5bf0023c013bf94ebae552b27932a14ddb86d2
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Most of the includes were included twice
Change-Id: Ie2967e9d8ef4799c28a856ade7318d24bac391c6
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: I63ed851426b18623d549ceaf87f1b6eeec527966
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
| |
Change-Id: Ie422b327025da084bc8038c7a0aadee2db801f29
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
| |
Change-Id: I1b056a61e2b56b19441f559e97f785c87df61a0c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit b00af13974b2c72ae4d397fbdf5925181e7cc1bf)
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|\
| |
| |
| | |
Change-Id: Ieb546ccd35db06e8ad6358b11e3139a839c9b4cf
|
| |
| |
| |
| |
| | |
Change-Id: Ic62389b2253f2ee4982c34e33111f84f44ed6bc5
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Submodule src/3rdparty 4e0b66a6..62bc4758:
> [Backport] Security issue 1098860
> [Backport] Security issue 1108639
> [Backport] Security issue 1102137
> [Backport] CVE-2020-6559: Use after free in presentation API
Change-Id: Ifa6ba52fa2d760b20e3b36abb10adaca0fc79cf8
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Otherwise unchanged intercepted request leads to second call
in the same interceptor but on ui thread after io thread.
Ammends a05bb73747.
Fixes: QTBUG-86267
Change-Id: I4e7c662d24a58be5445f5c8b6d0bf3751f40cc05
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| | |
* e31cc67a44d Fix neon support in libpng
Change-Id: Ib06498f303106d113cc3b4c5b70d20685c9e6b9f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This supposed to be covered by ff50fbf but got lost in
following patchsets and static ios build did not complain
about it.
Change-Id: Ie4e34dc12d942442824ba1f0e3483bed682b3157
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
|
| |
| |
| |
| |
| |
| |
| | |
Add qml test and check for widgets context menu item
Change-Id: I96ad15dd28f4b6bd9a7af1ed7f8ca1fda568ac81
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Suppress duplicated progress values coming from chromium.
Verify this behavior reliably (and not only 0 and 100 value) by loading html
with subresources with minor delay through test http server.
Change-Id: Id034dda9012212d54d12fc95d5939ba301577c1c
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |
| |
| |
| |
| | |
Change-Id: I2e15dff77c8f18af60a565cb74558f57c3527db8
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Since reply with 404 for unknown resources is a common pattern in tests,
reply with it automatically for unhandled requests
Change-Id: Ifd184cf474f1ec311c8654dfbacdd735e33d7c97
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Wait for favicon request, otherwise, since the profile is shared
between tests, the request might happen during the next test.
Change-Id: I065e54ff6af4985e493a8cea10084e67293a5f0e
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The ScopedGLContextChecker, which deactivates the current
QOpenGLContext when executing Chromium tasks, is currently enabled
only if QOpenGLContext::supportsThreadedOpenGL() is false. But the gpu
thread can nowadays be disabled also with an environment variable and
ScopedGLContextChecker needs to take this into account.
Change-Id: I012524538b49b033ed053dbc41ed4350db916542
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit 5988cec1a1b59aa163042a419c4c2e978bb814bb)
|
|/
|
|
|
|
|
|
|
|
|
|
| |
This is the case when the WebEngineNewViewRequest.openIn()
is not called on newViewRequested().
For example, when opening the view source from context
menu in quick minimal example.
Fixes: QTBUG-85494
Change-Id: I7c1ae53684361de459b2f268e471904e632821b0
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: I9fd76405eb615db6cef1df2990d732823febdb70
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
| |
At least turns our support off on html5test.com
Change-Id: Ic82800b0efb70bb5589f7544b851ebcd64000105
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
| |
Was enabled for all platforms except windows using MSVC, but
compiles just fine for us.
Fixes: QTBUG-86092
Change-Id: Ib15d94c36b8a411dd5eab01843db1a3666ac370f
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|