| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QWebEngineCookieStore::setCookie was incorrectly validating cookies
after an API change in chromium; this would lead to cookies being
considered always valid which could crash if validation failed.
This commit updates the API call and adds a test to check that
invalid cookies are no longer added.
Pick-to: 6.7 6.6
Change-Id: I6fc4268a483c9495c19843f3a7b16b4f234633b4
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Task-number: QTBUG-117983
Change-Id: I3f5b90c0d43071a5c8ebc4096995ce5e1e65aebb
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: Ida26b8ce703db970a6baf1c6aad305d64c9749e0
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.7 6.6
Change-Id: I79ef6363772c484989dadda76ce18fb285a6ea64
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: I8eea99a472cc597ff9864b570c90b28b79b3751e
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
| |
Change-Id: Ie297e6ddef21cda8d71ef3daeaa4bcb82e806911
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
| |
Change-Id: I1131b2873f82d954ca47bf90bc82200d5f4cd751
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a QWebEngineUrlRequestInterceptor has added extra headers to
the request on profile level, later the request was not processed
by the page interceptor. Relax this rule and only prevent the
interception of blocked or redirected requests.
Add auto test and extend documentation.
Pick-to: 6.6
Task-number: QTBUG-117752
Change-Id: I503bfc256a5e874a678be64c597c74e04e7ce966
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All these TUs relied on transitive includes of qpointer.h, maybe to a
large extent via qevent.h, though, given that qevent.h is more or less
the only public QtBase header that includes qpointer.h, something else
seems to be at play here.
Said qevent.h actually needs QPointer in-name-only, so a forward
declaration would suffice. Prepare for qevent.h dropping the include.
The algorithm I used was:
If the TU mentions 'passiveGrabbers', the name of the QEvent function
that returns QPointers, and the TU doesn't have qpointer.h included
explicitly, include it. That may produce False Positives, but better
safe than sorry. Otherwise, in src/, add an include to all source and
header files which mention QPointer. Exception: if foo.h of a foo.cpp
already includes it, don't include again.
Task-number: QTBUG-117670
Change-Id: I7c18d8cfea4eb65eb7b518b03eedf3750dd45916
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Change-Id: I51e6e52ebb36b57c18537b054db6f3d25f75a4fc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The API was deprecated in Qt 6.0, so use std::unique_ptr instead.
The QWebEngineUrlRequestInfo's destructor is private, so create
a custom deleter struct which properly deletes the object.
This works, because InterceptedRequest is a friend of
QWebEngineUrlRequestInfo.
Pick-to: 6.6 6.5
Change-Id: I69e1b31360ec5ae4b32b6e7f0416b39aecb2f5f9
Reviewed-by: Marc Mutz <marc.mutz@qt.io>
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Do comments from api review:
* use static setDnsMode
* use struct for mode and server templates
* remove QObject
* do not use QScopedPointer
* use the namespace instead of the class
Pick-to: 6.6
Change-Id: I766626330e4cc190a170fcd6b5e32b1f60ad675c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
| |
For consistency with other response headers, even if it is going
to be inconsistent with existing request headers.
Pick-to: 6.6
Change-Id: I9e9c36ac20982d9c833486171fa9944c9059f471
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It has been found to not have any real effect, therefore, we remove it
again to not release a non-functional API and create false expectations
in users.
This reverts commits
3f5de5fab74e6c152cdf5d04f3d893feaa31790b
ab21f39c6a54be331dd8a155d3374bfe790e0274 (parts)
082eef1916a86d6d5e0c751d271c7c8a1a5e457d
5e257fb57a211f95556ec387fe6f262a60cbb6fe
Pick-to: 6.6
Task-number: QTBUG-61071
Change-Id: Ifb33e32128e77dfffed863a1a7501ba21796692d
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
This API was deprecated in Qt 6.0. Use std::unique_ptr instead.
Pick-to: 6.6 6.5
Change-Id: I6bdb4db129b6a669eeb3fac6b4c0b097087ec082
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We kept urls in examples to point to company website.
However this site is heavy to load and moreover it changes
overtime leaving example screenshots obsolete.
Introduce internal qt version web ui page which will
be default page for examples and which displays basic
information and can work offline.
For start show version info and command line options
for chrome://qt
Pick-to: 6.6
Change-Id: I0271ce6e7b152efe4942a6240b0c74ba382d5fcc
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch improves the DNS-over-HTTPS configuration and sets defaults
for the general DNS logic. The following changes are included:
- Insecure Chromium DNS client is always OFF (OFF is the Chromium
default as well)
- Add DnsMode::SystemOnly, which configures Chromium to only use the
system DNS
- The default DNS configuration is DnsMode::SystemOnly
- Rename DnsMode::Secure to DnsMode::SecureOnly and
DnsMode::WithFallback to DnsMode::SecureWithFallback to be clearer
what each enum value does
- Add error handling for invalid URI templates
- Added test cases to handle the new logic
- Some minor refactoring for cleanup purposes with the new defaults and
logic taken into consideration
- Some minor bug fixes
Task-number: QTBUG-98284
Pick-to: 6.6
Change-Id: Ie332166f8b5b83c8939af35e4eb8b69b417abdcf
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Additionally make destructor out of line in
qwebengineurlrequestinterceptor as it mirrors
qwebenigneurlresponeinterceptor.
Pick-to: 6.6
Change-Id: I0cdf7eae9faa671415359368560fb8f6aabf05fe
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.6
Change-Id: I1bb84b20a080d7f615bf0795ac2d97739e99ac1d
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.6
Change-Id: I56e1695ee4fc2b0e12da6580a5673df80bba8b6d
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
| |
Add ResourceRequestBody to QWebEngineUrlRequestJob, thus exposing the
request body to custom URL scheme handlers.
Fixes: QTBUG-67055
Change-Id: I0a31dfdbb4e3353dc1e469234ba452a0cbfd5965
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
| |
This patch implements a QIODevice subclass that gives access to the
request body inside QWebEngineUrlRequestInterceptor::interceptRequest().
Fixes: QTBUG-61320
Change-Id: Ib6010dad908c65e070d63927b619eaed2347e317
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Invalid proxy settings may result in a crash in chromium.
Use chromium's helper function that validates proxy configs
instead of constructing net::ProxyServer manually.
On invalid input, result will be a `SCHEME_INVALID` ProxyServer.
Fixes: QTBUG-113992
Pick-to: 6.5 6.6
Change-Id: I1745ae3c3cd4da40d3d8b92a14f752ac9b3f8d31
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Make the constructor explicit, add explicit external destructor.
Use QMultiMap instead of QHash for request headers, as those can
potentially be repeating.
Pick-to: 6.6
Change-Id: Id1730b015971287e63562ac67cfa964f2abbb7cc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Do not prevent access to files when users navigate by user gesture,
reload, or navigate the main frame back and forward in history.
Task-number: QTBUG-113413
Task-number: QTBUG-113485
Change-Id: I942362f7048618dac7a067c8713285deb4ca06f5
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
- Removed leading and trailing space characters from content-type and character set.
Fixes: QTBUG-112483
Change-Id: I7616ba7aa78e4d76121e8beb17f32f898e3734a6
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement QWebEngineGlobalSettings, a singleton class that contains
global web engine settings (currently only for DoH).
Allow the user to configure the stub host resolver to enable
DNS-over-HTTPS.
Fixes: QTBUG-98284
Change-Id: I1b06737c84e1b8d613aa257f4a891f82cac21013
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the QWebEngineUrlResponseInterceptor abstract class,
which, when implemented, allows a user to intercept response headers and
modify them in any way they like.
A response interceptor can be set via
QWebEngineProfile::setUrlResponseInterceptor(),
QQuickWebEngineProfile::setUrlResponseInterceptor() or
QWebEnginePage::setUrlResponseInterceptor().
Also, the QWebEngineUrlResponseInfo class is implemented, which contains
the request and response data to be used with the response interceptor.
If a response interceptor is set in the profile and page, the one in the
profile takes precedence.
Fixes: QTBUG-61071
Change-Id: I484d14373ff597b1d531541c066f0102bae28c72
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
| |
Change-Id: I421948a1be346940c7d87873f56e2944e61ebbd8
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add additional response headers field to URLRequestCustomJobDelegate.
Those fields can be set via
QWebEngineUrlRequestJob::setAdditionalResponseHeaders(
const QMap<QByteArray, QByteArray> &
). They are added to URLRequestCustomJobProxy::m_client when
URLRequestCustomJobProxy::reply(std::string, QIODevice) is called, and
added to the response headers within
CustomURLLoaderFactory::notifyHeadersComplete().
Fixes: QTBUG-106578
Change-Id: Ie0f0af07a5381c6f24ec0a1ee1b5bcb0e8c4fa5f
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
| |
Pick-to: 6.5
Fixes: QTBUG-105147
Change-Id: I0022964903f3443cc97843c62468ab9be8ae2ed8
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
| |
The previous response head gets moved when redirecting, which lead to
dereferencing a null pointer on the next redirect.
Pick-to: 6.4 5.15
Fixes: QTBUG-109357
Change-Id: Iaad1c46b8d4ca9720f1749980a9e06337ca0f3d8
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: I8f0154f7f664a2b438cbe6e06b4638156d04f550
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Change-Id: I2fe91c06ce91dfaace7825a0589b56ee375479b6
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Change-Id: Ieb44b5c98b3342adca38916d8b77c54e8ed8e1d7
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
| |
Change 'Override" in favor of 'Qt' so it matches the rest
of the source base.
Pick-to: 6.4
Change-Id: I0ba614ed3017a8d7e0ba5fc703b3f04c28b5ead7
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the certificate choice return both application and
system certificates.
Add unit test to cover the case on Linux.
Unfortunately it requires adding the user certificate to
the nss data store, which is not not nice, however porting
the certificate manger from Chromium is a bigger task.
Test runs only if the machine has pk12utils installed.
During the test the user certificate is imported into
the nss database with the nickname 'qwebengineclientcertificatestore'.
This can be removed later with:
ninja remove-user-personal-certificate
and verified with:
certutil -d sql:$HOME/.pki/nssdb -L
Pick-to: 6.4
Change-Id: I475fddc68ea56304980f6c835ed4cfed4b093ad4
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
| |
We failed to support pss, which ended up in handshake failures
Pick-to: 6.4
Change-Id: I12c50d6a5f2dcf32d47708a958e2fe5a18316986
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check for expired certificate, they will most likely
fail during authentication, so no point of selecting them.
According to rfc5246 certificate authorities list in certificate
request can be empty.
"If the certificate_authorities list is empty, then the client MAY
send any certificate of the appropriat ClientCertificateType,
unless there is some external arrangement to the contrary."
https://datatracker.ietf.org/doc/html/rfc5246#section-7.4.4
Support empty CA list.
Pick-to: 6.4
Change-Id: I0ae3cbd7b0cd13ef943b431c81c3edea5ae9162d
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Use Chrome's DevToolsFileHelper implementation.
Enable downloading contents from devtools.
Enable editing and saving files with devtools workspace.
Task-number: QTBUG-85171
Change-Id: I987c667a59c12792c35a802326596e5799f42290
Reviewed-by: Szabolcs David <davidsz@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
So far we supported v8 proxy resolver and 'older'
WinHttp based proxy resolver, which involves pulling
(directly) WinHttpGetIEProxyConfigForCurrentUser and does
not support (according to Chromium authors) Name Resolution
Proxy Table.
With 102 we are able to use windows system proxy resolver in
form of 'modern' service using also WinHTTP APIs.
This is going to replace later default old implementation.
Add same switches as Chromium supports:
* --winhttp-system-proxy-resolver
to use older WinHttp resolver instead of v8 resolver
(note v8 resolver does not work in single-process)
* --use-system-proxy-resolver
to use 'new' proxy system resolver service
Note as new service requires minimum windows 10 1604 or later build,
application needs correct manifest, otherwise it will
silently fallback to older 'direct' WinHttp resolver.
Note to test the 'new' proxy resolver, following pac file can
be served to windows proxy configuration to prove that pac
script is actually resolved:
function FindProxyForURL(url,host) {
if (dnsDomainIs(host, "qt.io"))
return "DIRECT"
return "PROXY localhost:6666"
}
Task-number: QTBUG-104436
Change-Id: Ib2625c5ab5e618c8fdebd1bdc1cda928639a5dd5
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Correct application/x-extension-html to text/html
Fixes: QTBUG-97392
Fixes: QTBUG-106688
Pick-to: 6.4 6.3 5.15
Change-Id: I0d65c6950c5ba1504586cf564268463c5d4cd483
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
| |
The system certificate store was never generated after the define
switched to being a BUILDFLAG
Pick-to: 6.4 6.3
Change-Id: I2efa54bd397e2dde55c249747f73a9ffb08e80ea
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
| |
This parts were never compiled on windows.
This amends 0ca4eba961.
Change-Id: I683badfaf6e8be1cec808f3340e3980e167fbcdb
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sequential QIODevices are allowed to report atEnd() when they have no
data to read, but add more data later.
To avoid a regression with our own tests, treat a read error from a
sequential device at end, as end-of-data.
Pick-to: 6.4 6.4.0 6.3
Fixes: QTBUG-106461
Change-Id: Iac1233e6daa978c827c37a7fd3131e2fce764111
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use Chrome's implementation of PushMessagingService. This feature
relies on notification permissions, so it is not different from
Web Notification from end-users perspective.
We don't persist push subscriptions, because it seems these have
to be consistent with persisting notification permissions.
Make address of push service configurable by a profile setting.
It is empty by default - which means the feature is disabled until
the user sets the address of a push service.
Task-number: QTBUG-98904
Task-number: QTBUG-53457
Change-Id: If44f459fecf2da482c28fee5562f62fe40de103e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
The writable watcher will trigger all the time if we use automatic
arming, instead we need to arm it manually when it is needed.
Pick-to: 6.4 6.4.0 6.3
Task-number: QTBUG-106461
Change-Id: Ia381db338adb1b1994d1da9b50c6d6ff542ea3e5
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Fixes: QTBUG-105399
Change-Id: I6bc64d7f0b5e80b8645d7dbccb224262ff17c1a4
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It was broken after 102-based merge
Submodule src/3rdparty c57592220..8496e1340:
> Revert "Jumbo build mojom files"
> FIXUP: Fix building with optimize_webui=false
> Revert "Add remove_v8base_debug_symbols to GN"
> FIXUP: Fix crashes and asserts
> Add missing node modules for PDF support
> [Backport] CVE-2022-2614: Use after free in Sign-In Flow
> [Backport] CVE-2022-2618: Insufficient validation of untrusted input in Internals
> [Backport] CVE-2022-2612: Side-channel information leakage in Keyboard input
> [Backport] CVE-2022-2613: Use after free in Input
> [Backport] CVE-2022-2624: Heap buffer overflow in PDF
> [Backport] CVE-2022-2610: Insufficient policy enforcement in Background Fetch
> [Backport] CVE-2022-2615: Insufficient policy enforcement in Cookies
> [Backport] CVE-2022-2294: Heap buffer overflow in WebRTC
> [Backport] CVE-2022-2478 : Use after free in PDF
> Jumbo build mojom files
Pick-to: 6.4
Change-Id: I4fc608c21ab8aaa508329e708446b57cccbddf76
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using proxy v8 resolver ends up in race condition
when render thread tries to evaluate extension handle
and v8 proxy resolver evaluates proxy pac script.
Disable v8 proxy resolver for single process mode.
Issue tracked upstream http://crbug.com/474654
Modify the unit test to catch the crash case, the test
loads now network resource but it does not matter
as we do not check for failure or success.
Fixes: QTBUG-104436
Pick-to: 6.4 6.3
Change-Id: Id3221d1b8b3896f0ced3d0cd7cb9d9eceeb929cc
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|