summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Fix opengl headers inclusion issuesv5.15.2Michal Klocek2020-11-091-12/+2
| | | | | | | | | | | Chromium gl bindings headers get mixed with qt opengl headers. This results in GLDEBUGPROC missing definition errors. Fixes compilation for apalis-imx6 on zeus. Task-number: QTBUG-88219 Change-Id: I0a18ceff3336ab457c2d9f35ef17c28c01bbe035 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumAllan Sandfeld Jensen2020-11-041-0/+0
| | | | | | | | | | | | | | | Including security issue under active exploit. Submodule src/3rdparty 55b3d183..fb6ab5e4: > [Backport] Security bug 1137608 > [Backport] CVE-2020-16011: Heap buffer overflow in UI on Windows. > [Backport] CVE-2020-16009: Inappropriate implementation in V8 > [Backport] CVE-2020-16008: Stack buffer overflow in WebRTC > [Backport] CVE-2020-16005: Insufficient policy enforcement in ANGLE > Fix assert when running tests build with -no-webengine-webrtc Change-Id: Ic9ee45fbd78c999881454e5e0e3091489f637aae Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Do not set audio device for desktop capture if audio loopback is unsupportedPeter Varga2020-11-032-3/+12
| | | | | | | | | | | | | | Desktop audio capture requires loopback device. If creation of the loopback device fails, it aborts the screen capture too. Chromium does not support audio loopback on Linux and macOS: https://crbug.com/223639 This is still the case in Chrome 88. The fix is based on: https://codereview.chromium.org/24153018 Change-Id: Ifb13bce3b79193203c0bf52e1f2a1b3936e017c7 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichael Brüning2020-10-291-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in the changes: 2cad1d38b57 [Backport] CVE-2020-6540: Heap buffer overflow in Skia e1f5ffc2a12 [Backport] CVE-2020-6569: Integer overflow in WebUSB 75b417b86b4 [Backport] CVE-2020-6570: Side-channel information leakage in WebRTC 0785cd83782 [Backport] CVE-2020-6573: Use after free in video 3ddb1e9639a [Backport] CVE-2020-6575: Race in Mojo e967bb155a0 [Backport] CVE-2020-6576: Use after free in offscreen canvas 40cebfb3051 [Backport] CVE-2020-15959: Insufficient policy enforcement in networking 405e7526583 [Backport] CVE-2020-15965: Out of bounds write in V8 295feb590b1 [Backport] CVE-2020-15963 and CVE-2020-15966 43812fd40d4 [Backport] CVE-2020-15961: Insufficient policy enforcement in extensions 08a25bf9dd2 Only upgrade to WebSocket when WebSocket was requested 2f75c909270 [Backport] CVE-2020-15962: Insufficient policy enforcement in serial 06afd03d826 [Backport] CVE-2020-15960: Out of bounds read in storage 9e5518f06ad [Backport] Security bug 1111149 b627f77e859 [Backport] CVE-2020-15964: Insufficient data validation in media bc35c7711ad Fix assert when checking if RendererAppContainer feature is enabled 06b27f95d60 [Backport] CVE-2020-6571: Incorrect security UI in Omnibox 8227b9613d1 CVE-2020-15999: Heap buffer overflow in freetype cc1e87a0d71 [Backport] CVE-2020-15978 Insufficient data validation in navigation 308da5d58b4 [Backport] CVE-2020-15969: Use after free in WebRTC. 9f5fde5b649 [Backport] CVE-2020-15968: Use after free in Blink 97b92535b31 [Backport] CVE-2020-15972: Use after free in audio. 873abc1112c [Backport] CVE-2020-15979: Inappropriate implementation in V8. c0343ceec47 [Backport] CVE-2020-15976: Use after free in WebXR e874d48f9e6 [Backport] CVE-2020-15992 Insufficient policy enforcement in networking 956ce06c56c [Backport] CVE-2020-15974: Integer overflow in Blink 4662223422d [Backport] Security bug 1125199 74e26aab318 [Backport] Security bug 1107824 33e9e655166 [Backport] CVE-2020-15977: Insufficient data validation in dialogs. f6db4999b0e [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (1/2) 466da17a0cd [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (2/2) 027c3d7bae7 [Backport] CVE-2020-15989: Uninitialized Use in PDFium 14e9b6f6d3a [Backport] CVE-2020-16003: Use after free in printing 8527c994fe3 [Backport] CVE-2020-16002: Use after free in PDFium 4f461642a79 [Backport] CVE-2020-16001: Use after free in media. 99877493b32 Fixup: [Backport] CVE-2020-16001: Use after free in media 489d6e637e5 [Backport] CVE-2020-15987: Use after free in WebRTC (1/2) 6ef8f4ed829 [Backport] CVE-2020-15987: Use after free in WebRTC (2/2) 9d173d02d5e [Backport] Security bug 1106091 327474aed0e [Backport] CVE-2020-6557: Inappropriate implementation in networking 55b3d183921 [Backport] CVE-2020-15985: Inappropriate implementation in Blink. Task-number: QTBUG-87967 Change-Id: Ibca52ab97ac407679e4bac5c6b7dc2285f8bcd37 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Handle non-ascii names for pulseaudioAllan Sandfeld Jensen2020-10-202-2/+3
| | | | | | | | Uses percentage encoded utf8. Task-number: QTBUG-85363 Change-Id: Idabe6ff9a66897792732b9ebb648f54a84e86bb8 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Warn about QtWebengineProcess launching from network shareTamas Zakor2020-10-092-1/+37
| | | | | | | | | Add error message when trying to launch QtWebEngineProcess from network share if sandbox is enabled. Task-number: QTBUG-84632 Change-Id: Ia7d5df38accf60eafe8fb4d43dab3db4d2d51287 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Optimize WebEngineSettings::testAttributeAllan Sandfeld Jensen2020-10-061-8/+11
| | | | | | | Do not look up fallback values before they are needed. Change-Id: I8bb21e261e8d218c658ac2a08e3cdc30b2cea47d Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Mention node.js build-time dependencyAllan Sandfeld Jensen2020-10-031-1/+2
| | | | | | | Task-number: QTBUG-87129 Change-Id: Id98aa1e8c839c06022fbc633c0b64c7681205349 Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org> Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix typo for static linking with no rsp filesMichal Klocek2020-09-241-1/+1
| | | | | | | | Fix typo which surprisingly gives no errors with archiver, however generated archives are bogus (at lest with lld) Change-Id: Iea1e22c66eb99a720b398c5903b56938b309905f Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* PDF: Load the PDF when jumping to the image otherwise it will failAndy Shaw2020-09-241-1/+1
| | | | | | | | | | If the PDF is not loaded before it jumps to the image then it fails to jump to the specified page and ends up showing the first one. Change-Id: I6061431e1fd9b743afaca3df0aec03dc6a1144bf Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io> (cherry picked from commit e2e249b8bb399ef7bcf6fe3be0b4f2fc9fa18182) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Do not pass a native keycode matching the menu key when it is remappedAllan Sandfeld Jensen2020-09-231-0/+3
| | | | | | | | | Chromium will recreate the original mapping based on the native keycode, breaking any remapping. Fixes: QTBUG-86672 Change-Id: I4b7e6f7434049cdf7250bee1ef759a9df4d4987c Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix favicon engine under device pixel scalingAllan Sandfeld Jensen2020-09-222-4/+42
| | | | | | | | The QIcon::pixmap function does internal scaling messing up our intermediate structures. Change-Id: I727efd58a4cc948fa3e4b23539d97e8ca755d060 Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
* Update ChromiumMichael Brüning2020-09-211-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in the following changes: 8776c7b2c15 [Backport] Security bug 1052492 22d88d240bc [Backport] CVE-2020-6533: Type Confusion in V8. 3c832d33641 [Backport] CVE-2020-6532: Use after free in SCTP 388b838dbb3 [Backport] CVE-2020-6541: Use after free in WebUSB 27fa668c5ee [Backport] Security bug 1102408 d3a76ebde8e [Backport] CVE-2020-6542: Use after free in ANGLE 4694a85f33e [Backport] CVE-2020-6543: Use after free in task scheduling 583f976f9a7 [Backport] CVE-2020-6544: Use after free in media fa97385b501 [Backport] CVE-2020-6548: Heap buffer overflow in Skia 32655453cd7 [Backport] CVE-2020-6549: Use after free in media ddcf711e69e [Backport] CVE-2020-6550: Use after free in IndexedDB 6a0f49a17b0 [Backport] CVE-2020-6551: Use after free in WebXR b385b7bbbe4 [Backport] CVE-2020-6545: Use after free in audio fe23e656183 [Backport] CVE-2020-6559: Use after free in presentation API 4466538c610 [Backport] Security issue 1102137 c3d07802d40 [Backport] Security issue 1108639 b1c7638148b [Backport] Security issue 1098860 011af517d81 [Backport] CVE-2020-6555: Out of bounds read in WebGL 273005ea959 [Backport] Security bugs 1087629 and 1029569 bdb438eff33 [Backport] Dependency for CVE-2020-6561 (1/2) c223f423808 [Backport] Dependency for CVE-2020-6561 (2/2) 607bff335b1 [Backport] CVE-2020-6561: Inappropriate implementation in Content Security Policy ed4b6792e13 [Backport] CVE-2020-6562: Insufficient policy enforcement in Blink c5637fa9071 [Revert] [build] Remove jumbo build configs Task-number: QTBUG-86342 Change-Id: I7ad617e1c617ef405a608e05cdafbfae5ad412fa Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* FIXUP: Fix swap condition in DisplayGLOutputSurface::updatePaintNodeKirill Burtsev2020-09-183-1/+4
| | | | | | | | | | | | | Amends commit 99a668c324. Task 'swapBuffersOnVizThread' is supposed to be scheduled only when m_middleBuffer is ready after swap on gpu thread. Checking for m_taskRunner is not enough to verify this. Call to updatePaintNode may come from SG backend on expose event, thus breaking expected sequence of buffers swaps. Task-number: QTBUG-85817 Fixes: QTBUG-86599 Change-Id: Ia97a7a24b5672a2979b514d3cb4879e7630941eb Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix PDF viewer pluginSzabolcs David2020-09-172-0/+6
| | | | | | | | Add the missing implementation of ContentRendererClient::IsOriginIsolatedPepperPlugin(). Change-Id: Ic4157da6b373450e620ff46faedad213a69adfec Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Add a version number for the QtWebEngineProcess executableAndy Shaw2020-09-161-0/+3
| | | | | | | Change-Id: I81111633fb0050f75e49c8bee0354436ecec533a Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> (cherry picked from commit 17cab42bf68ee70f641718a144f864eb04042aa4) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Avoid to reject a certificate error twice in QuickPeter Varga2020-09-161-0/+6
| | | | | | | | Widget API already ignores these cases. This would cause a crash for fatal certificate errors after 83-based. Change-Id: I3e80bb12f023f22e330218a5b20f3e267bb237dc Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix assert in WebContentsAdapter::devToolsFrontendDestroyedJüri Valdmann2020-09-162-5/+9
| | | | | | | | | | | | | | | | | | | | | Can be reproduced with quicknanobrowser by 1. Open devtools 2. Switch to OTR mode During the switch to OTR mode, the inspected WebContentsAdapter is destroyed and recreated. DevToolsFrontendQt is supposed to call devToolsFrontendDestroyed on the old WebContentsAdapter, but it accesses this adapter through QQuickWebEngineViewPrivate's webContentsAdapter() which has already been changed to the new value, so devToolsFrontendDestroyed is actually called on the wrong object. Fix by remembering the WebContentsAdapter pointer in the DevToolsFrontendQt constructor. Change-Id: I17004ebb1a392399ef3e189c433d3f4b3f05bfd3 Reviewed-by: Tamas Zakor <ztamas@inf.u-szeged.hu> Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Add certificate error message for ERR_SSL_OBSOLETE_VERSIONAllan Sandfeld Jensen2020-09-151-1/+3
| | | | | | | And update another error that is now better in its other description. Change-Id: I1b35db2196d05bb35d4c2e1e702fadb430e784c1 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Update ChromiumMichael Brüning2020-09-141-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in the changes: b1c7f4dd221 [Backport] CVE-2020-6510: Heap buffer overflow in background fetch 9a1f5aa55bf [Backport] CVE-2020-6511: Side-channel information leakage in CSP (1/2) 65a41d539be [Backport] CVE-2020-6511: Side-channel information leakage in CSP (2/2) c7659e61424 [Backport] CVE-2020-6512: Type Confusion in V8 (1/2) c3dda9b1ba0 [Backport] CVE-2020-6512: Type Confusion in V8 (2/2) b6707b23089 [Backport] CVE-2020-6512: Type Confusion in V8 (3/3) 0ea2066f022 [Backport] CVE-2020-6514: Inappropriate implementation in WebRTC 9c0fcb08ccc [Backport] CVE-2020-6518: Use after free in developer tools cf40f91b1a1 [Backport] CVE-2020-6523: Out of bounds write in Skia ed4112559e3 [Backport] CVE-2020-6513: Heap buffer overflow in PDFium 6f57596692e [Backport] CVE-2020-6524: Heap buffer overflow in WebAudio 33ea34381ce [Backport] CVE-2020-6526: Inappropriate implementation in iframe sandbox 49583b1502a [Backport] CVE-2020-6529: Inappropriate implementation in WebRTC d4576fb0757 [Backport] CVE-2020-6535: Insufficient data validation in WebUI 0998aa1143f [Backport] Security bug 1090543 98883838595 [Backport] CVE-2020-6530: Out of bounds memory access in developer tools 1be41cad096 [Backport] CVE-2020-6531: Side-channel information leakage in scroll to text 71896380867 [Backport] Security bug 1065731 3f13f72f337 [Backport] Security bug 1065122 c8109013cc7 [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC Change-Id: Idd5bf0023c013bf94ebae552b27932a14ddb86d2 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Remove duplicate includesAllan Sandfeld Jensen2020-09-121-10/+5
| | | | | | | Most of the includes were included twice Change-Id: Ie2967e9d8ef4799c28a856ade7318d24bac391c6 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Adaptations for Chromium 83Allan Sandfeld Jensen2020-09-0943-221/+254
| | | | | Change-Id: I63ed851426b18623d549ceaf87f1b6eeec527966 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Chromium 81-based adaptationsAllan Sandfeld Jensen2020-09-0961-291/+445
| | | | | Change-Id: Ie422b327025da084bc8038c7a0aadee2db801f29 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Delete old compositor and remove --disable-viz-display-compositorJüri Valdmann2020-09-0921-3444/+75
| | | | | | | Change-Id: I1b056a61e2b56b19441f559e97f785c87df61a0c Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> (cherry picked from commit b00af13974b2c72ae4d397fbdf5925181e7cc1bf) Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Merge remote-tracking branch 'origin/5.15.1' into 5.15Allan Sandfeld Jensen2020-09-073-4/+7
|\ | | | | | | Change-Id: Ieb546ccd35db06e8ad6358b11e3139a839c9b4cf
| * Update ChromiumAllan Sandfeld Jensen2020-09-011-0/+0
| | | | | | | | | | | | | | | | | | | | | | Submodule src/3rdparty 4e0b66a6..62bc4758: > [Backport] Security issue 1098860 > [Backport] Security issue 1108639 > [Backport] Security issue 1102137 > [Backport] CVE-2020-6559: Use after free in presentation API Change-Id: Ifa6ba52fa2d760b20e3b36abb10adaca0fc79cf8 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
| * Do not call deprecated profile interceptor on ui threadKirill Burtsev2020-09-011-1/+1
| | | | | | | | | | | | | | | | | | | | Otherwise unchanged intercepted request leads to second call in the same interceptor but on ui thread after io thread. Ammends a05bb73747. Fixes: QTBUG-86267 Change-Id: I4e7c662d24a58be5445f5c8b6d0bf3751f40cc05 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
| * Update ChromiumMichal Klocek2020-08-311-0/+0
| | | | | | | | | | | | | | * e31cc67a44d Fix neon support in libpng Change-Id: Ib06498f303106d113cc3b4c5b70d20685c9e6b9f Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
| * Do not use rsp file when static linkingMichal Klocek2020-08-311-3/+6
| | | | | | | | | | | | | | | | | | This supposed to be covered by ff50fbf but got lost in following patchsets and static ios build did not complain about it. Change-Id: Ie4e34dc12d942442824ba1f0e3483bed682b3157 Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
* | Don't send duplicate load progress valuesKirill Burtsev2020-08-311-4/+8
| | | | | | | | | | | | | | | | | | Suppress duplicated progress values coming from chromium. Verify this behavior reliably (and not only 0 and 100 value) by loading html with subresources with minor delay through test http server. Change-Id: Id034dda9012212d54d12fc95d5939ba301577c1c Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* | Fix ScopedGLContextChecker with QTWEBENGINE_DISABLE_GPU_THREAD=1Jüri Valdmann2020-08-264-15/+18
| | | | | | | | | | | | | | | | | | | | | | | | The ScopedGLContextChecker, which deactivates the current QOpenGLContext when executing Chromium tasks, is currently enabled only if QOpenGLContext::supportsThreadedOpenGL() is false. But the gpu thread can nowadays be disabled also with an environment variable and ScopedGLContextChecker needs to take this into account. Change-Id: I012524538b49b033ed053dbc41ed4350db916542 Reviewed-by: Michal Klocek <michal.klocek@qt.io> (cherry picked from commit 5988cec1a1b59aa163042a419c4c2e978bb814bb)
* | Ignore QQuickWebEngineNewViewRequest if it is unhandledTamas Zakor2020-08-253-0/+6
|/ | | | | | | | | | | | This is the case when the WebEngineNewViewRequest.openIn() is not called on newViewRequested(). For example, when opening the view source from context menu in quick minimal example. Fixes: QTBUG-85494 Change-Id: I7c1ae53684361de459b2f268e471904e632821b0 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Do not let Blink advertise web speech apiAllan Sandfeld Jensen2020-08-191-0/+3
| | | | | | | At least turns our support off on html5test.com Change-Id: Ic82800b0efb70bb5589f7544b851ebcd64000105 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Enable H264 for WebRTC when using proprietary codecsAllan Sandfeld Jensen2020-08-181-0/+3
| | | | | | | | | Was enabled for all platforms except windows using MSVC, but compiles just fine for us. Fixes: QTBUG-86092 Change-Id: Ib15d94c36b8a411dd5eab01843db1a3666ac370f Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumAllan Sandfeld Jensen2020-08-181-0/+0
| | | | | | | | | | Submodule src/3rdparty c153fafb..4e0b66a6: > Remove blocking of proper fixes > Fix bison 3.7 Fixes: QTBUG-85835 Change-Id: If3b77c7db6203ccd0137ea381c927bd09cede505 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Fix suggest-override warningsAllan Sandfeld Jensen2020-08-186-10/+10
| | | | | | | Also violates modern Qt code style Change-Id: Ibb12b6db18bbd2669377abe1d25034ed69a86389 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Update ChromiumJüri Valdmann2020-08-141-0/+0
| | | | | | | | | | This pulls in the following changes: c153fafb306 Fix invalid dbus bus name error in MPRIS Fixes: QTBUG-85626 Change-Id: I7913a1caede7041632b1c070152f54a848c063ab Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Fix swap condition in DisplayGLOutputSurface::updatePaintNodeJüri Valdmann2020-08-141-1/+1
| | | | | | | | | | | | | | | | | | | The buffer pointers m_middleBuffer and m_frontBuffer are swapped in updatePaintNode on the condition that m_middleBuffer is non-null and it's serviceId non-zero. But neither m_middleBuffer nor it's serviceId is immediately cleared, leaving the possibility that a subsequent call to updatePaintNode could swap the buffer pointers again if this call occurs before m_middleBuffer is cleared in swapBuffersOnVizThread. The m_taskRunner pointer is however cleared immediately and therefore the subsequent call to updatePaintNode will trigger a segmentation fault. Since m_taskRunner precisely tracks the condition when we should or should not swap, change the swap condition to simply require that m_taskRunner is non-null. Fixes: QTBUG-85817 Change-Id: Iad89bb0f4de7c0c151d5c5bd63ac74ab6cdd9087 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumMichael Brüning2020-08-121-0/+0
| | | | | | | | | | | | | | | | | | | Pulls in the changes: 6b7ceb6afd9 Fix debug-info in MSVC developer-builds 563e0a1cd4f [Backport] CVE-2020-6542: Use after free in ANGLE c16701ae892 [Backport] CVE-2020-6543: Use after free in task scheduling 10efe0032f2 [Backport] CVE-2020-6544: Use after free in media 69a85eaabf2 [Backport] CVE-2020-6548: Heap buffer overflow in Skia d2f5e4d3a25 [Backport] CVE-2020-6549: Use after free in media 0eed9609606 [Backport] CVE-2020-6550: Use after free in IndexedDB f7859651865 [Backport] CVE-2020-6551: Use after free in WebXR 3cebf422618 [Backport] CVE-2020-6555: Out of bounds read in WebGL 30a0c954b97 [Backport] CVE-2020-6545: Use after free in audio Task-number: QTBUG-85606 Change-Id: I1f591d722380fbcfb91565b90a6f4cbb7227b266 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Disable WebComponentsV0Allan Sandfeld Jensen2020-08-101-3/+1
| | | | | | | | It appears we are no longer presented with pages using these, so match Chrome and Chromium 80 defaults. Change-Id: Ie270c2bee9b81f898c7dab9e6d4dad02636c17cc Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Detect the combination of audio and video from getDisplayMedia APIAllan Sandfeld Jensen2020-08-071-0/+4
| | | | | | | | | We were missing the combined test after Chromium introduced the new enums. Fixes: QTBUG-85890 Change-Id: Id7bb7f05635c64c271e12a12f2409eedc22a9605 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Update ChromiumAllan Sandfeld Jensen2020-08-051-0/+0
| | | | | | | | | | | | | Submodule src/3rdparty 8a0c6063..84f63010: > [Backport] CVE-2020-6540: Heap buffer overflow in Skia > Fix webrtc build with GCC 10 > FIXUP: [Backport] CVE-2020-6493: Use after free in WebAuthentication > [Backport] Handle invalid type mixing in CSS clamp() > [Backport] CVE-2020-6493: Use after free in WebAuthentication > [Backport] Security bug 1087158 Change-Id: I1289579cbe81cd4bee9cf49103dc384f81913888 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Re-enable client certificate handling when Qt is build without SSLAllan Sandfeld Jensen2020-08-041-1/+1
| | | | | | | | We only need the QSslCertificate which is always available. Task-number: QTBUG-85117 Change-Id: I32e2034060e610ac049d8e3b2a03660e9bf7e7a4 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumMichael Brüning2020-08-031-0/+0
| | | | | | | | | | | | | | Pulls in the changes: cc32214f8dc [Backport] Security bugs 1087629 and 1029569 1cf3807d934 [Backport] Security bug 1052492 a5e8bd5e8c9 [Backport] CVE-2020-6533: Type Confusion in V8. da24a7f8bcb [Backport] CVE-2020-6532: Use after free in SCTP e402452015f [Backport] CVE-2020-6541: Use after free in WebUSB 8a0c6063c5b [Backport] Security bug 1102408 Task-number: QTBUG-85606 Change-Id: I7a17702c7290e135bcdc3074c27e8fc89a6ac4c9 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Do not turn web auth offAllan Sandfeld Jensen2020-07-303-3/+1
| | | | | | | | | | | | Submodule src/3rdparty 0a4240a9..4a996760: > Fix building FIDO with gcc5 > [Backport] CVE-2020-6512: Type Confusion in V8 (3/3) Fixes: QTBUG-85117 Task-number: QTBUG-54720 Change-Id: I074831454b469c17a71f2ca75a075ee48157970d Reviewed-by: Tamas Zakor <ztamas@inf.u-szeged.hu> Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Do not evaluate NINJA_TARGETDEPSMichal Klocek2020-07-272-3/+2
| | | | | | | It is just a file path. Fixes qmake linking when chromium changes. Change-Id: Ib2f0976a6dc3c90c415b69e1876706bc2397d134 Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
* Update ChromiumMichael Brüning2020-07-271-0/+0
| | | | | | | | | | | | | | | | | Pulls in the changes: 7e405525e92 [Backport] CVE-2020-6530: Out of bounds memory access in developer tools 99fe8bdb44a [Backport] CVE-2020-6531: Side-channel information leakage in scroll to text 52367e8e753 [Backport] Security bug 1065731 d61a4348c47 Fix WebAuth build 9222c8b73ab [Backport] Security bug 1054229 c3d5696193a [Backport] Security bug 1065122 9b27a193c63 [Backport] Dependency for CVE-2020-6534 0b8e0d451a3 [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC 0a4240a9c42 FIXUP: Fix WebAuth build Task-number: QTBUG-85606 Change-Id: I2995f9c3ea4b63fc8af1699a377c2d74359c67a8 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Convert native scancode on Windows to what Chromium expectsAllan Sandfeld Jensen2020-07-231-1/+8
| | | | | | Fixes: QTBUG-85661 Change-Id: I7cd8ed534d94d6be06f77b9b2d1779905655e772 Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
* Cleanup linking param order and prl generationMichal Klocek2020-07-231-4/+26
| | | | | | | | | | | | | | When doing builds we use rsp files also for archives. For static builds this would require to install rsp file. Since static builds are possible only for qtpdf with small amount of archives simply do not use rsp files for archives. Cleanup linker parameters so prl files do not point object rsp files (do not use LIBS_PRIVATE in that case). Task-number: QTBUG-85616 Change-Id: I165610e418f162c16fcfa7056af3344b80f60c05 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Share linking config between webenginecore and pdfMichal Klocek2020-07-233-81/+58
| | | | | Change-Id: Ib06a0a1ec3372d483008cc0ac0ec211ec8316e0e Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-09 21:00:04 +0000