summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Update ChromiumAllan Sandfeld Jensen2018-11-201-0/+0
| | | | | | | | | | Changes: 9f4aba1869 FIXUP: Building with plugins but webrtc disabled 37195be7fc [Backport] Fix for CVE-2018-17478 2095a35f30 FIXUP: Building with plugins but webrtc disabled Change-Id: I2a95bb45c8e580246b4c00620045a45aafc635cd Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumMichael Brüning2018-11-091-0/+0
| | | | | | | | | | | | | Changes: 33fd7a21ed - [Backport] Fix for CVE-2018-17466 4a6c45c124 - [Backport] Second fix for CVE-2018-12371 cf0481a4fb - [Backport] Fix for security issue 875494 f428bbce2a - [Backport] Fix for security issue 888678 5d514fa9ba - [Backport][Blink/SPv175+] Change DCHECK(chunk clip escaped layer clip) to a DLOG Fixes: QTBUG-71203 Change-Id: I20449b1e688e09313cb96e111f9e356120ba7088 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumMichael Brüning2018-11-061-0/+0
| | | | | | | | | | | | | | | | | | | | Changes: 1b6fc616ee - [Backport] Fix for CVE-2018-17462 567960cec4 - [Backport] Update LCMS 39ae61b30a - [Backport] Fix for CVE-2018-17468 ddd25ab971 - [Backport] Fix for CVE-2018-17469 37b5fe3597 - [Backport] Fix for CVE-2018-17470 e467d56363 - [Backport] Fix for CVE-2018-17471 2dcf2c6d0c - [Backport] Fix for CVE-2018-17474 976446bcc0 - [Backport] Fix for CVE-2018-17473 cb98d8cc57 - Build fix for [Backport] Fix for CVE-2018-17470 bc188914f3 - Fixup for fix for CVE-2018-17469 ccb8f3ea6e - Fixup for Fix for CVE-2018-17468 8a39f81276 - [Backport] Fix for CVE-2018-17476 Task-number: QTBUG-71203 Change-Id: I6b698e77272cd762ca40f73c94fa31ce746bd8ff Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Fix thirdParty setting for first party requestAllan Sandfeld Jensen2018-10-301-1/+2
| | | | | | | | | Some first party requests has no site_for_cookies yet, and thus returns an empty string. The logic matches that of StaticCookiePolicy. Change-Id: I10caf978dc410639cd21fc2aa01eb2bf6dc67c1f Fixes: QTBUG-71393 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Trigger disabling offline renderers on late 2013 Mac ProsMichael Brüning2018-10-231-1/+26
| | | | | | | | | | | This reads the hw.model string through sysctlbyname and sets the environment variable QT_MAC_PRO_WEBENGINE_WORKAROUND to tell the Cocoa platform plugin to not enable offline renderers upon creation of the platform OpenGL context. Task-number: QTBUG-70062 Change-Id: I986d9d76a80f96a215f3fcd08b3d47e546682e35 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Add proxy resolver serviceMichal Klocek2018-10-189-1/+136
| | | | | | | | | This adds proxy resolver service as a part of content utility process and pulls in the corresponding change in Chromium. Fixes: QTBUG-69281 Change-Id: Icb2b67e1e506a5b511531322a8c13d7df0e11f9f Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix race condition in ResourceDispatcherHostLoginDelegateQtMichal Klocek2018-10-182-3/+5
| | | | | | | | | Do no access m_request from ui thread. The auth request can get cancelled, this can happen for example when a new navigation interrupts the current one. Fixes: QTBUG-71128 Change-Id: I140b1a164294342bad13a76342c1f642ba0960c8 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Add content_browser manifest handlingMichal Klocek2018-10-131-0/+2
| | | | | | | Task-number: QTBUG-69281 Change-Id: If48d1a7ad723b18d4577d675b11c0cdc5e22f758 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Update ChromiumMichael Brüning2018-10-081-0/+0
| | | | | | | | Pull in fix for build failure on macOS with 10.14 Fixes: QTBUG-70981 Change-Id: Ie302e3b7f21edfe4390248c4953dbcce6525715a Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* Do not bind resolve proxy factory on ui threadMichal Klocek2018-09-282-3/+5
| | | | | | | | Pass interface to io thread and bind there. Task-number: QTBUG-69281 Change-Id: Ia8630cb7ff216cecaec5274a0b3da3ef0881fcea Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Update ChromiumAllan Sandfeld Jensen2018-09-251-0/+0
| | | | | | | | | | | | | | | | | | | More security fixes from Chrome 69 Changes: dd94e4234936 [Backport] CVE-2018-16066 9dec1e5d1048 [Backport] CVE-2018-16070 7610166df941 [Backport] Security patch 864932 9ffeaf4caa98 [Backport] CVE-2018-16076 af4500d25e07 [Backport] CVE-2018-16077 02d134e58d36 [Backport] CVE-2018-16083 22a79645f8d3 [Backport] CVE-2018-16085 8ea8f7a2e7ca [Backport] Security issue 867306 3b44cd3d8a9c [Backport] Security issue 867792 13aed800921e [Backport] Security issue 868592 Change-Id: I465915ee61443e8eab2204b56cbf9aca1123aab4 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Doc: Mention that profile storage paths must be set before useLeena Miettinen2018-09-242-8/+37
| | | | | | Task-number: QTBUG-66871 Change-Id: I246d667dfe341a6bfe7a74b24286403bec4dde8b Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Doc: You need to use x64_x86 cross-compiler to compile for 32 bitKai Koehne2018-09-241-0/+6
| | | | | | | Task-number: QTBUG-68462 Change-Id: I6d3358d36bb3df91c05d434275e9c69682c982a9 Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io> Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumAllan Sandfeld Jensen2018-09-211-0/+0
| | | | | | | | | | | | | | | | | | High security fixes from Chrome 69 Changes: c92e99aa5f [Backport] CVE-2018-16067 38b701b44f [Backport] CVE-2018-16068 5adda98099 [Backport] CVE-2018-16071 021e3ee70e [Backport] CVE-2018-16072 cfc13dfc78 [Backport] Correctly handle blob:file:///... URIs in SiteInstance::GetSiteForURL. f1f5e7417e [Backport] Avoid unneeded call to Origin::GetURL from SiteInstance::GetSiteForURL. c952ab2ef5 [Backport] CVE-2018-16074 ae14d10af6 [Backport] CVE-2018-16073 ebbf15c58c Update usrsctp Change-Id: Ia5d1c6622992f855de9d86fb2e99a972012f6fc0 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Set arm_arch as wellAllan Sandfeld Jensen2018-09-131-0/+1
| | | | | | | Either overlooked or added after we make the GN switch. Change-Id: I93bfc27c2e71165901c2046ab2ea902d9dad39d3 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Merge remote-tracking branch 'origin/5.11.2' into 5.11Qt Forward Merge Bot2018-09-096-6/+9
|\ | | | | | | Change-Id: Idee34fa6d4cc54effd84d3b78e3666fa7fcce8db
| * Fix no-opengl builds on windowsv5.11.2Allan Sandfeld Jensen2018-09-041-1/+1
| | | | | | | | | | Change-Id: I134876aa68bd42356c0b897a5d7d5881f27724a4 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
| * Document world ID limitAllan Sandfeld Jensen2018-08-274-5/+8
| | | | | | | | | | | | | | | | | | The max was bumbed from 11 to 256, now document it. Task-number: QTBUG-69904 Change-Id: I6cbf64afe3409c4722d7a903d833124880b32bc0 Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io> Reviewed-by: Kai Koehne <kai.koehne@qt.io>
| * Update ChromiumJüri Valdmann2018-08-271-0/+0
| | | | | | | | | | | | | | | | | | This pulls in the following changes: * 708511 Fix hunspell::NodeReader::affix_id_for_leaf bounds check Change-Id: I54a3775c171361f227a27bfd3846ab4f5a78e76c Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
| * Update ChromiumMichael Brüning2018-08-201-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This pulls in the following changes: * 084a80 [Backport] Security Bug 831117 2/2 * f78390 [Backport] Security Bug 831117 1/2 * d739b9 [Backport] Security Bug 683418 * cf51b5 [Backport] Security Bug 840695 * 009019 [Backport] Security Bug 838886 * 424911 [Backport] CVE-2018-6158 * 6d5f60 Fix compilation issues in introduced previous commits * a6e2ca [Backport] Security fix for Chromium bug 860721 * 3e6d0c [Backport] Security fix for Chromium bug 839197 * f4115a [Backport] additional patch for security fix for Chromium bug 839197 Task-number: QTBUG-69663 Change-Id: I6ad8509efb210972b753d8763e02cc31e90e0f8a Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* | Disable LTCG for Qt WebEngineCoreAllan Sandfeld Jensen2018-09-061-0/+3
|/ | | | | | | | We do not have it working together with the building of Chromium. Task-number: QTBUG-66571 Change-Id: Ib000a4102b02902f2ac257347e406297fe1608cf Reviewed-by: Samuli Piippo <samuli.piippo@qt.io>
* Update ChromiumMichael Brüning2018-08-161-0/+0
| | | | | | | | | | | | | | | | | | | | | This pulls in the following changes : * 827405 [Backport] Security fix for Chromium bug 854887 * e79b92 [Backport] Security fix for Chromium bug 861571 * d845af [Backport] CVE-2018-6161 * 3cdf31 [Backport] CVE-2018-6159 * 625870 [Backport] CVE-2018-6162 * 2b111a [Backport] CVE-2018-6164 * eb5360 [Backport] blink: disable XML catalogs at runtime * 273272 Bump maximum number of custom isolated world ids * 8f53e0 [Backport] CVE-2018-6167 * 07c34e [Backport] CVE-2018-6172 CVE-2018-6163 * 5d8596 [Backport] CVE-2018-6165 * e8b9ae [Backport] CVE-2018-6177 CVE-2018-6168 * 0cce34 [Backport] CVE-2018-4117 Task-number: QTBUG-69663 Change-Id: Ied119f9d0b28ccba4954c087ab7bcf129969d52a Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix --enable-webgl-software-rendering with drivers that don't support OpenGLKai Koehne2018-08-161-1/+3
| | | | | | | | | | | | | --enable-webgl-software-rendering is supposed to be used together with mesa llvmpipe / opengl32sw.dll. However, Chromium did still use the built-in GPU blacklist to disable features based on the hardware GPU driver. Avoid this by always passing --ignore-gpu-blacklist for this mode. Task-number: QTBUG-69236 Change-Id: I430d101f6eac64478585de54f705e76859c80597 Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* Update ChromiumMichal Klocek2018-08-151-0/+0
| | | | | | | | | | | | This commit pulls in security patches: * CVE-2018-6150 * CVE-2018-6152 * CVE-2018-6175 * CVE-2018-6155 Task-number: QTBUG-69663 Change-Id: If70e7817f4f9aa1fa482559b734085e6cdff89ed Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* MediaCaptureDevicesDispatcher: Disable getDefaultScreenId on X11Jüri Valdmann2018-08-081-1/+10
| | | | | | | | Not needed and triggers race condition. Task-number: QTBUG-69007 Change-Id: Id57ba527387e5dbe44a8dd6c5a49e7278403ce64 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumAllan Sandfeld Jensen2018-08-031-0/+0
| | | | | | | | | | | | | | Changes: 2d61f0a269 Work around MSVC2017 optimizer bug when printing a page usind Pdfium 6d6103fe51 [Backport] flush to zero tiny radii edf63ed29d [Backport] use double to compute root to avoid overflow 7777b6ac95 [Backport] Generate GL errors more strictly in StrictIdHandler. 0c00f4a924 [Backport] Validate all incoming WebGLObjects. a6a96845cc [Backport] Prevent potential buffer overflow in UlpfecReceiver a3d55fb8e4 [Backport] Check number of nalus in packet before checking nalu types. Change-Id: Icd501a956ce396a38098272848bc25065ad92748 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Clarify how key / mouse QEvents are propagated to a popup RWHVQD objectAlexandru Croitor2018-07-311-0/+6
| | | | | | Change-Id: I74f6a607d96733fa379526be40c6a13c31203d4e Reviewed-by: Michal Klocek <michal.klocek@qt.io> Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
* Fix bougs documentation for QWebEngineUrlRequestJob::replyMichal Klocek2018-07-301-2/+3
| | | | | | | | | | | IODevice::close and therefore aboutToClose is called by io thread, connecting it to deleteLater will register deferred delete on event loop of IODevice instance, which is on ui thread. This could be racy since deletion on ui thread can happen before job is done. Change-Id: I895e6a71649ba65944d069f254d119cc60aada6c Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Close popups when parent window is movedAlexandru Croitor2018-07-275-10/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When an HTML select box was clicked inside of a QWebEngineView and the parent QWebEngineView window was moved using the mouse (via window decoration toolbar for example) the popup window would stay around instead of being closed. This happened because of the usage of the Qt:Tool window flag for the popup window, which implies a tool that floats near its parent window. The fix is threefold: 1) Use Qt::Popup instead, similarly to how QMenu does it. Whenever the parent window is moved, the popup will now get a CloseEvent. 2) Handle the CloseEvent by telling Chromium to close and destroy the popup. 3) On Windows the OS might send mouse move events to the popup RWHVQD instance after its parent QWebEngineView, RWHVQD, QWebEnginePagePrivate (client adapter) is destroyed. We need to guard the mouse forwarding code not to access the client adapter if it has already been destroyed. The second point is done by telling Chromium that its popup lost focus which it interprets as a sign to hide it, and automatically destroy it. This will destroy the underlying RWHVQtDelegateWidget and RWHVQt instances. Task-number: QTBUG-59891 Change-Id: I47f94a93c495a6caa5de92a6022eaca154994eda Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Use net::TransportSecurityPersister to persist HSTS stateJüri Valdmann2018-07-252-1/+20
| | | | | | Task-number: QTBUG-69605 Change-Id: I863db484ff2bcf558585f75c73963097fb43148a Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumKai Koehne2018-07-231-0/+0
| | | | | | | | | | | | | | | Include following patches: c020786f57 Fix compilation failure in time_win.cc eea22d3cac [Backport] media: Increase DecoderBuffer::kPaddingSize to 64 91d24cdd6f Reduce severity level of messages when kDisableGpu switch is used 298fb05460 Fix --single-process --disable-gpu combination not to hit asserts db81dc68a8 Remove incomplete logic to detect AMD K2 CPU's b11fd882e8 Do not write <protocol>.json to source directory Change-Id: I4e3c0c2f3908f358b43ae4af8baebc2012c9830b Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* Fix minimum GCC version in documentationJüri Valdmann2018-07-231-1/+1
| | | | | | | | | The documentation says we require 4.7 or later but actually already since the 5.10.0 release our qmake config has been checking for version 5 or later. Task-number: QTBUG-69535 Change-Id: Ia2f74b35570a9ba6fd1423b9507fe636d850db76 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Add threading and security note for print()Michal Klocek2018-07-201-0/+5
| | | | | | | | | Adds note for QWebEnginePage::print(...) function. Change-Id: I52ec78ccfc5c4eeb98ee69f9aaab01b380f97a81 Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io> Reviewed-by: Szabolcs David <davidsz@inf.u-szeged.hu> Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* QWebEngineUrlRequestJob: QUrl("null") for unique initiator originsJüri Valdmann2018-07-202-4/+19
| | | | | | | | | | | | The empty URL is used both for representing a missing origin (browser-initiated navigation request) and a unique/opaque origin. This is problematic since the security implications are very different in these two cases: browser-initiated requests usually should have high security clearance, while requests from unique origins should be restricted. Task-number: QTBUG-69372 Change-Id: Iff73fd1c9a29f1c5c281a8945536333081ff2d6b Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix segfault in devtools openInNewTab handlingJüri Valdmann2018-07-161-1/+10
| | | | | | | | | | - Use OpenURL on the devtools WebContents. - Guard against self-destruction (otherwise quicknanobrowser crashes). - Change quicknanobrowser to open links in new tabs. Task-number: QTBUG-69359 Change-Id: I4db379731c6fa855124d38c5066b0aad622861d2 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix enum mismatch in WebContentsAdapter::enterDragJüri Valdmann2018-07-131-18/+18
| | | | | | | | | | | DragTargetDragEnter expects the 'int key_modifiers' parameter to have values from the enum blink::WebInputEvent::Modifiers and not ui::EventFlags. Also, contrary to the name, mouse modifiers are also expected. Task-number: QTBUG-69231 Change-Id: I2369609775243fded563dde7675c4bc2dfc81021 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Forward mouse and keyboard modifiers from QDropEventJüri Valdmann2018-07-134-6/+8
| | | | | | | Task-number: QTBUG-69231 Change-Id: I35b503dae7e2d90b26b6e61a4c7c260e45df2b62 Reviewed-by: Filipe Azevedo <filipe.azevedo@kdab.com> Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Enforce Visual Studio check in windows.priKai Koehne2018-07-061-2/+2
| | | | | | | | | | Because windows.pri is included from a replace function gnArgs, fatal does not work: src/core/config/windows.pri:60: 'fatal' is not a recognized test function. Change-Id: Ib831e1ffa7e8e345477692d453bbcc568864b98c Reviewed-by: Andy Shaw <andy.shaw@qt.io>
* Doc: Mark \snippet entries with .pro filesVenugopal Shivashankar2018-07-033-0/+6
| | | | | | | | This should enable excluding such snippets from documentation in some cases. Change-Id: I46854412546e3774889e09831254828d18362f29 Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
* Compile with -no-feature-tableteventAndy Shaw2018-06-294-0/+16
| | | | | Change-Id: I7e03d6e3347ee9b81a7414574098827b5773b7b4 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix mismatch of updated scenegraphs when clippingAllan Sandfeld Jensen2018-06-221-0/+10
| | | | | | | | | Regenerate the tree when different nodes are clipped. Task-number: QTBUG-68699 Change-Id: Ib59a0b92463c47f89b7a6c662abe532fb4130c3c Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org> Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* Doc: Add missing dots (qtwebengine)Paul Wicking2018-06-223-3/+3
| | | | | | Task-number: QTBUG-68933 Change-Id: I395157a9931a0e0789b3791cc9b4d55dbcf8a4c2 Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
* Merge remote-tracking branch 'origin/5.11.1' into 5.11Qt Forward Merge Bot2018-06-191-0/+0
|\ | | | | | | Change-Id: Ia68ebcab9d04914cf65bff3548396f081485ce6a
| * Update Chromium and changelogv5.11.1Michal Klocek2018-06-151-0/+0
| | | | | | | | | | | | | | | | | | | | | | Pulls in following commits: * bad02200 [Backport] CVE-2018-6149 * 8cc9828a Workaround long path issue on Window * b42eb615 [Backport] gpu: Address piman's nits from crrev.com/c/969639 Change-Id: I3077df475503db990988ff0ab42724d11341db25 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
| * Update ChromiumMichal Klocek2018-06-071-0/+0
| | | | | | | | | | | | | | | | | | Pulls in security patches: * CVE-2018-6148 * Security Bug 835371 Change-Id: I00ac63f834082217b7290c90deb261dae0c99746 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* | Add fallback lookup for eglGetProcAddressSamuli Piippo2018-06-133-0/+16
|/ | | | | | | | Use the GLContext to find address for eglGetProcAddress symbol, if it's not found with dlopen. Change-Id: I3f5330c21ecc9b66e5e376d50d3fc6965b227f85 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Fix crash with non-integer Qt scalingAllan Sandfeld Jensen2018-06-061-1/+2
| | | | | | | | | We could end up dropping visible blocks during scrolling if only one pixel line was left and the viewport got rounding one line too small. Task-number: QTBUG-68699 Change-Id: I1ab646f23d8dd4911b32d02df68c80d6a8d78651 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumMichal Klocek2018-06-061-0/+0
| | | | | | | | | | | Pulls in following security patches: * Security Bug 836511 * Security Bug 835184 * Security Bug 823864 Change-Id: I479a12be518a288db4aed88447d5a8cc33f41822 Reviewed-by: Kai Koehne <kai.koehne@qt.io> Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-06-061-0/+0
| | | | | | | | | | | Pulls in following security patches: * Security Bug 826946 * Security Bug 826193 * Security Bug 825524 * CVE-2018-6145 Change-Id: Iae4ada1157df1793cb1c5a06be55835d696df3d5 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-06-061-0/+0
| | | | | | | | | | | Pulls in following security patches: * CVE-2018-6144 * CVE-2018-6143 * CVE-2018-6142 * CVE-2018-6137 Change-Id: I878529f2061e3da2397756ac5adf8ee0139e7602 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 20:52:13 +0000