| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Add the proper compile time guards around the usages of OpenGL specific
methods that were missing them.
Fixes: QTBUG-123058
Change-Id: If9545b7565b69c7a4c5d183754b3750a3c6c1298
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code assumed that the guest view web contents would have a delegate
of type WebContentsDelegateQt (as it does in later versions after some
refactoring) and, due to the lack of RTTI, called a method that does not
exist in GuestViewBase. Fix this for this branch by using the top level
web contents' delegate in this case.
Fixes: QTBUG-117453
Change-Id: I9d32f145bf83ab68f8ee83a5fefa81c800896536
Reviewed-by: Szabolcs David <davidsz@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
| |
Fixes: QTBUG-111697
Change-Id: Ife05645ae96d1e18727d8d79efbbd64f813b8dcd
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 778554ec28039dd5ddaf536be9776ea0f6301501)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously this was disabled unless the
QTWEBENGINE_ENABLE_LINUX_ACCESSIBILITY was set, as the debian packaging
was always enabling accessibility[1] even if a screen reader was not
enabled.
This is not the case anymore since 5 years ago[2] and now accessibility will
only be enabled if a screen reader is detected. Which is the correct
upstream behavior of at-spi2-core.
So now enable accessibility unless
QTWEBENGINE_ENABLE_LINUX_ACCESSIBILITY is set to 0
[1]: https://salsa.debian.org/a11y-team/at-spi2-core/-/commit/2a99b7b40526bbdf091cc574ec08d86c9a46f405
[2]: https://salsa.debian.org/a11y-team/at-spi2-core/-/commit/fde0bbead6aacefd0b5dcf9f6d36f7f50a2c0f3d
Change-Id: Ie5554f8b578dcca87a54dad525ae6a83d6f8f9d8
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 8f06b3e970f768f6a5776845c83090f1fc8b0162)
|
|
|
|
|
|
|
|
|
|
|
|
| |
QQuickWebEngineProfile already initializes totalBytes.
Also fix typo in documentation.
Fixes: QTBUG-104869
Change-Id: I8c4b79c076ddc63180960e22a9488b45ff6c4402
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 496647f7647571ca3cdf81b10ba418de0f06f34d)
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is enabled by default in Chromium for debug build.
See //ipc/features.gni.
Disable it for debug build too because it adds and extra
SetIPCLoggingEnabled mojo message (see
//content/common/child_process.mojom) and it results different mojo
message ids for the debug and release binaries. This is undesirable
when setting QTWEBENGINEPROCESS_PATH environment variable to use release
QtWebEngineProcess with debug browser process or the other way around.
The messages and the corresponding ids can be listed by executing the
following command in the QtWebEngine build directory:
find . -name "*-message-ids.h" | xargs grep -h "constexpr uint32_t"
Task-number: QTBUG-110504
Change-Id: I80f24117ae20d02fb53ea482d04bea7a9dcb38c1
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 114c6d0543e1ebe4ec12693b0d462ec05037e3a4)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keeping the GetInProcessGpuShareGroup in content browser client
creates dependency from gpu_child_thread to content browser,
however gn build tree asserts when content/public/gpu depends on
content/public/browser as it breaks intended components dependency.
This worked so far as required headers in content browser client
got generated on time despite of missing dependency.
Fix the dependency tree and move the problematic function into
the content gpu client.
This change moves only code around.
Change-Id: Iedcbc8c3c7d1754d1937e6b2c2a470c0e489a597
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
| |
We failed to support pss, which ended up in handshake failures
Task-number: QTBUG-109273
Change-Id: I12c50d6a5f2dcf32d47708a958e2fe5a18316986
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 2d77e333eff7605a489ec65600b78e1b49df37c7)
|
|
|
|
|
|
|
|
|
|
| |
The previous response head gets moved when redirecting, which lead to
dereferencing a null pointer on the next redirect.
Fixes: QTBUG-109357
Change-Id: Iaad1c46b8d4ca9720f1749980a9e06337ca0f3d8
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit c6b2b5d8038b3ec0de6233c1e21df60ade11c81b)
|
|
|
|
|
|
|
|
|
|
|
| |
Correct application/x-extension-html to text/html
Fixes: QTBUG-97392
Fixes: QTBUG-106688
Change-Id: I0d65c6950c5ba1504586cf564268463c5d4cd483
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
(cherry picked from commit 84ebd698597cf7a45b5e0967221547c21b1d67e8)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
| |
The writable watcher will trigger all the time if we use automatic
arming, instead we need to arm it manually when it is needed.
Task-number: QTBUG-106461
Change-Id: Ia381db338adb1b1994d1da9b50c6d6ff542ea3e5
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit b30559565cb91501baddea495362101341a0aa22)
|
|
|
|
|
|
|
|
|
| |
Detected by codechecker.
Change-Id: I8814180ef6bd591ed3e95fc4b4abff3454f10bdf
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit 51faba3af76f4a7c67c769a5ab0be17c9aa54f83)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Earlier fix cf8bc1899a introduced the logic, where all system
synthesized mouse events are ignored. But after c56169f7a1 this is
undesired since for widget with Qt::Popup flag touch input is
ignored by QWidgetWindow, and input is expected to be delivered to
popup as synthesized mouse event (either synthesized by Qt or for
capabable devices by system). So allow system synthesized mouse events
to let through for popup. Synthesis by Qt is suppress automatically
for accepted touch event, it's only system event are still delivered
unconditionally, so still ignore them for widgets impl. Global ignore
in core is not needed, since QQuickWidget ignores system synthesized
events unconditionally.
Fixes: QTBUG-79254
Change-Id: Ie8f55eb8b9c2677d8a98381effb3cb31d9388ac7
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Martin Negyokru <negyokru@inf.u-szeged.hu>
(cherry picked from commit 1f6495af6331f5504de9d3f7e43f5202345c7a8c)
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ammends d236c5a8a3. Zoom level was set as a temporal one, which is
invalidated each time when a renderer process or widget are changed
(on new navigation, for example), so it needs to be reapplied.
Fixes: QTBUG-101030
Change-Id: Iecff9686fbe2b79e99b46f67cab92f66127be085
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit 1e27d42a8071532b6cc30a9bcc5f700edc56952a)
|
|
|
|
|
|
|
|
|
|
| |
For some reason the proxied_loader_receiver can still be bound
in this case.
Pick-to: 5.15.10
Change-Id: If0bbe181eca5de41e82eebaced412361fe12fb40
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit ffb831d9896dcdd3d469fdbeee407d96d631dbda)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ci 'gn' can crash making it hard to integrate, if there
is high load crashes occur more frequently sometimes even
blocking integrations for few days.
Limit number of worker threads for gn as this improves situation
however increases time for generating ninja files from 2s to 7s.
Note this will not prevent crashes however significantly reduces the
issue (when running in loop from 1 per ~10min to 1 per ~3days)
Compilation with address or thread sanitizer does not lead to meaningful
traces. Moreover running gn with sanitizer creates deadlocks for
unknown reason every few runs.
Current assumptions is that macos vms are unstable as crashes also occur
for sscache calls (compiler) and python calls.
Set one thread only for macos, in 6.x series this is ci depended but
in 5.x series would require coin source changes.
Change-Id: I1c488796eb0547eedd20101606f18ed55718e9c2
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
| |
Cache the read extensions as an std::string, since the returned C string
may be not be permanent.
Change-Id: I856b2b784ab4027da25996b2bf741b30cda10e05
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit fd2fc0d2a86f39d563720563555ca6319f8ab223)
|
|
|
|
|
|
|
|
|
| |
They are passed in another part of the DropItem object.
Task-number: QTBUG-102192
Change-Id: If52a88ce2688c25ea0edcc0d1e8f962f2cdd29dd
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
(cherry picked from commit 742e6786aeb500ef9bc850bf84803d5f388e3927)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As 5.15 is in maintenance mode add basic support for
universal build without doing major refactors.
The popper implementation should unify build layout instead
of adding "isUniversal()" hacks.
Add intermediate build files per architecture for Chromium build part
and lipo them before final module linking.
Task-number: QTBUG-85279
Change-Id: Iebfd7a277b23c1b10c8719041c5959fd9d5e2f06
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For certain types of redirect navigations (for example, with a non-default
useragent set) 'IsLoadingToDifferentDocument()' can be unexpectedly false.
In such cases 'navigation_handle->IsSameDocument()' also returns false.
Fixes: QTBUG-94924
Change-Id: Ie2c17127e1a00ffc515829526320ba2f71d45af5
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
(cherry picked from commit 8b5e3a46f253cd82dc48bc20c4233f1bf79fcb87)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Delegate printing task down to the guest WebContents if any is present.
Also update PrintWebViewHelperDelegateQt to find the plugin element
properly for printing.
Task-number: QTBUG-98941
Change-Id: I81004a2275e0870a17565af527b1450472afb24b
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
(cherry picked from commit 455efe7ef204c6cd8de72b9b1f922f1681f58589)
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
We used to have this, but it got dropped at some point in an adaptions.
Fixes: QTBUG-99263
Change-Id: I3bf86a1b42edca0cd792723c85d7dcb7877fea37
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit fbaab46becbf5ea063a8b4a01abf8cd1d4a1725d)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
| |
Chromium defaults to using it now
Change-Id: I24f711ad0a7811b6ab644cef78a1ae0fac7b3d42
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems accessing accessibility from qt post routines ends
badly since caches are gone already.
Add closingDown() function to web context, which is similar to
QCoreApplication::closingDown(), however return true on
post routine.
Guard delete accessibility calls.
Note the widget part is not necessary, but added for completeness,
since only qml can release profiles due to garbage collection.
Fixes: QTBUG-90904
Change-Id: Ic0e7115cd17eb58f3d58f70fefbc197dfb7a6493
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
(cherry picked from commit 89bb3c97eee9cd4bf9fb536f024715e606e49ae0)
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
The network-service isn't sandboxed anyway, so there is no added
security by the process separation.
Fixes: QTBUG-84105
Change-Id: Ie3fbda26f0cf8f31166b37a8537b7e1b6d11b560
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
(cherry picked from commit bc175fb62a1d2aba9c98ba761d5e21d3d7426678)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pinch gesture on a touchpad is expected to zoom-in and zoom-out. It has
been broken since the pinch gestures are routed because for routing the
event target has to be found. The event target is only tried to be found
on a pinch begin gesture.
As a fix, handle Qt::BeginNativeGesture and Qt::EndNativeGesture events
too.
Fixes: QTBUG-96930
Change-Id: Ic8fe5bee933b5e0fbc8f5ba6234363a0a625648d
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit ff54ccc82fdba26cf16b9a64b387e3b428fb3038)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Struct _XkbRF_VarDefs for XkbRF_GetNamesProp needs special cleanup
logic, but it's currently missing from API:
https://gitlab.freedesktop.org/xorg/lib/libxkbfile/-/issues/6
Workaround it with manual deinitialization.
Change-Id: I3ebe20f58199277521b31b2cd8034c92fd1f2b7f
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit acf9d9de2bb3ac195adc257f4a307e447e171614)
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
| |
XRRMonitorInfo struct is supposed to be cleaned-up after getMonitors
with a separate call to freeMonitors.
Change-Id: Iacc296d1f5e434a1d52798fe09d57833660b7952
(cherry picked from commit b868f2893b3ba2fb02d9c7212de7e01b3f9e498a)
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-96849
Change-Id: I0e0a1530b8b31341c632a1fd00abd339b5152da0
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
(cherry picked from commit f6f8f258be09fef90585b0228bd82a9708ef34a6)
|
|
|
|
|
|
|
|
|
|
|
| |
We invalidate the weak pointer factory before waiting on the error
callback, meaning it will never come.
Task-number: QTBUG-96928
Change-Id: Ia5091f7398e79f835ce34dfd48f3c36859382b53
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
(cherry picked from commit 7c35fa991f0e523e6d0901109caceed5aaac3658)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 24fe4f70..c8087cb6:
> [Backport] CVE-2021-30566: Stack buffer overflow in Printing
> [Backport] CVE-2021-30585: Use after free in sensor handling
> Bump V8_PATCH_LEVEL
> [Backport] Security bug 1228036
> [Backport] CVE-2021-30604: Use after free in ANGLE
> [Backport] CVE-2021-30603: Race in WebAudio
> [Backport] CVE-2021-30602: Use after free in WebRTC
> [Backport] CVE-2021-30599: Type Confusion in V8
> [Backport] CVE-2021-30598: Type Confusion in V8
> [Backport] Security bug 1227933
> [Backport] Security bug 1205059
> [Backport] Security bug 1184294
> [Backport] Security bug 1198385
> [Backport] CVE-2021-30588: Type Confusion in V8
> [Backport] CVE-2021-30587: Inappropriate implementation in Compositing on Windows
> [Backport] CVE-2021-30573: Use after free in GPU
> [Backport] CVE-2021-30569, security bugs 1198216 and 1204814
> [Backport] CVE-2021-30568: Heap buffer overflow in WebGL
> [Backport] CVE-2021-30541: Use after free in V8
> [Backport] Security bugs 1197786 and 1194330
Task-number: QTBUG-94103
Task-number: QTBUG-95581
Change-Id: I1900426d64727fc065d438a0e4b3b9e916d537c0
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 1b9897bbe11c6ed6b27fe45b6faa20f300149b99)
|
|
|
|
|
|
|
|
|
| |
Do not try to use WebContentsDelegate of a guest WebContents.
Pick-to: dev 6.2
Task-number: QTBUG-95269
Change-Id: If7bbd25bcac26c30a4ff1bee3f732ba01215ec4b
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
The input event router does not like MayBegin.
Fixes: QTBUG-93082
Change-Id: I4ac9677d7f69da3d36fc33c17541026f011feb42
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
(cherry picked from commit 588ea0d45f983f70e707a502cb4f3e429bbd3876)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
| |
Speculative fix.
Add custom qtwebengine mojo_bindings as a dependency for compiling
chrome sources.
Change-Id: I930a8c94b8ffe02188659169fd9f27c99f42fb0b
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Fixes: QTBUG-93304
Change-Id: If2f30aab1c6a6eb81cfbad51318ec31adf5e96b6
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: If2445171232864cb4ac51888ccc93bc00cb099a2
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
Submodule src/3rdparty 6c7b4ffb..1d3b13e9
> 1d3b13e9634 Make clang to inline load/store atomic calls for YieldSortKey struct
> f6730fe81a0 Enable XkbKeyboardLayoutEngine::SetCurrentLayoutByName for Qt
Fixes: QTBUG-92971
Change-Id: I0c0cddfe4d3e25fd6d3f7e0764b302c300303172
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
If they use NORMAL, then we should too.
Change-Id: I252b4606c692ba483434c126fcda3a7484f399e2
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It was added to suppress progress notification for error page load
after failure, but since error page load is reported as a new navigation
(which clears list of tracked frames), it was actually doing the
opposite thing. The only situation where it suppresses progress is when
navigation was not finished (due to invalid domain or network error),
but in this case it was real progress change for whole load which should
propagate further.
Change-Id: Ifd1d681fb5c6495fb3afdc4247364afb4472c959
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change tries to match how chromium treats one single load. Before
the pair of loadStarted/loadFinished methods for api classes was called
on delegate's DidStartNavigation/DidFinishNavigation, which might be many
within one single logical load. This is true for multiple usecases (like
multiple redirects on load, immediate form submit on DOM load, page's
subresource load, or just an error page load on failure). Tracking these
methods and deciding when to emit signals based on states are error-prone
and complicates logic for no benefits. Also it somewhat lies about when
real load is done, which is only started and finished on outer methods
DidStartLoading/DidStopLoading, which are conveniently called only once
for all mentioned usecases. So, this change uses these methods to issue
signals for load start/finish, and only makes exception for error page,
which is needed for quick's private test support.
Fixes: QTBUG-65223
Fixes: QTBUG-76802
Fixes: QTBUG-87089
Fixes: QTBUG-90342
Fixes: QTBUG-91773
Fixes: QTBUG-92063
Change-Id: I9cc99b639030fedd8cf6a9dc04d0869d6be6357d
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
| |
This form of OCSP is not good, so try to at least allow it to be
disabled, until we remove it.
Fixes: QTBUG-91467
Change-Id: Ied9e8c4960e6ea1503dea39ebbced2ad1af08d5d
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|\
| |
| |
| | |
Change-Id: I659eb87245dfd59f014a7ca152c9f261ad400238
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Submodule src/3rdparty 6764c29f..c38ae3ec:
> [Backport] Security bug 1190525
> [Backport] Security bug 1161759
> [Backport] Security bug 1175503
> [Backport] Security bugs 1175522 and 1181276
> [Backport] CVE-2021-21219: Uninitialized Use in PDFium
> [Backport] CVE-2021-21217 and CVE-2021-21218: Uninitialized Use in PDFium
> [Backport] CVE-2021-21214: Use after free in Network API
> [Backport] CVE-2021-21213: Use after free in WebMIDI
> [Backport] CVE-2021-21207: Use after free in IndexedDB
> [Backport] CVE-2021-21221: Insufficient validation of untrusted input in Mojo
> [Backport] CVE-2021-21204: Use after free in Blink.
> [Backport] CVE-2021-21203: Use after free in Blink
> [Backport] CVE-2021-21202: Use after free in extensions.
> [Backport] CVE-2021-21201: Use after free in permissions
Task-number: QTBUG-92895
Change-Id: I7e6f3d443366bb291cab027510f76788c14fc023
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A server redirect might not have been reflected in the navigation type
at this point, so also check the is_redirect value.
Fixes: QTBUG-92819
Change-Id: I711ef041de69552bc3485c9cf3db68c9e6033d6a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
(cherry picked from commit b29b245fcb9db741d14180ea7e8dcb3ad2d4f49a)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Different countries (with the same language) can have different number
formatting and navigator.language should report not only the language,
but also the country. Locale normalization often falls back by cutting
the country off, because we have common .pak files for countries with
the same language.
This patch:
- Uses the locale resolvation only for concatenating .pak file paths
and reports the full locale everywhere else.
- Properly sets default ICU locale for JS number formats and prevents
l10n_util::GetApplicationLocale() to set it sneakily to some resolved
one.
- Fixes the crashing --lang command line argument and always prefers
its value over QLocale.
Task-number: QTBUG-91225
Change-Id: I1c09798abdb523b80f0b7a3d69fa8d7a08c7c09a
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|/
|
|
|
|
|
|
|
|
|
| |
A server redirect might not have been reflected in the navigation type
at this point, so also check the is_redirect value.
Pick-to: 5.15.4
Fixes: QTBUG-92819
Change-Id: I711ef041de69552bc3485c9cf3db68c9e6033d6a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Stop using SiteForCookies::RepresentativeUrl() if it is used to provide
first party url because it returns a truncated URL and our API is expected
to return the full url of the first party.
Fixes: QTBUG-90231
Change-Id: I628f7f31bfbeaf3de976ae9af1a8fa6408b661c5
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cover all cases from https://pdfobject.com/static
- Plugin placeholder is generally broken: displays garbage and crashes
on interaction. Fix it and show when PDFs are included by <embed>
or <object> tags.
- Do not start an automatical download when the disabled PDF plugin
was requested by an iframe. Show a clickable placeholder and let the
end-users start it manually.
- Remove unused class PluginPlaceholderQt
Task-number: QTBUG-76314
Change-Id: I01a0c93ab23f54e4272f5aeb30578de0dcf18932
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Current implementation cancels current findText only when new navigation
is accepted (since it may be rejected all together), so it's not guaranteed
that user code will not receive completion callback if it arrives after
explicit load/setContent/setHtml but before acceptNavigationRequest.
For explicit navigation it doesn't make sense to wait until it's
accepted, since it's only exposed there just for consistency, and an
expectation for findText is that it should be canceled on new navigation.
Fixes: QTBUG-61887
Change-Id: Ia2e19df3b5712e6b5426443d1bce6b205e186668
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
| |
Fixes: QTBUG-91695
Change-Id: Ie00b9bb92b62b97c500d427defbf2a4632ddbeda
Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|