summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Update ChromiumAllan Sandfeld Jensen2018-10-011-0/+0
| | | | | | | | | | | | Pulls in the two last security patches from Chrome 69 Changes: 217e91816860 [Backport] CVE-2018-16077 13704549b84a [Backport] Security issue 868592 Task-number: QTBUG-70480 Change-Id: I78225cb182a659400f1b6cf77ebb79c94188e147 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumAllan Sandfeld Jensen2018-09-271-0/+0
| | | | | | | | | | | | | | | | | | | Pulls in security patches from Chrome 69 Changes: 0551b452696f [Backport] Security fix for Chromium bug 854887 d0c78ff5e1ec [Backport] additional patch for security fix for Chromium bug 839197 91e04d13ea71 [Backport] Security fix for Chromium bug 839197 d8b71bac52ac [Backport] Various build fixes for Xcode 10. d992e300f3ab [Backport] CVE-2018-16067 ec4988c5a74c [Backport] CVE-2018-16068 7346befc0278 [Backport] CVE-2018-16066 38e4577ecf0d [Backport] CVE-2018-16076 a8ec3b3bd5f8 [Backport] Security issue 867306 546de66f7368 [Backport] Security issue 867792 Change-Id: I66214f9b31cb8f9b1273dbf0cd1d28658db52974 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumMichael Brüning2018-09-111-0/+0
| | | | | | | | | | | Pulls in security patches * CVE-2018-4117 * CVE-2018-6129 Task-number: QTBUG-70157 Change-Id: Ibb6911c1ba216c4cc45bd7576a6dbf98f01d4431 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-09-111-0/+0
| | | | | | | | | | | | | Pulls in security patches * CVE-2018-6145 * Security Bug 840695 * CVE-2018-6161 * CVE-2018-6159 Task-number: QTBUG-70157 Change-Id: Ia5cf0d499b257494de52ab924ecc9153d1037766 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumMichal Klocek2018-09-111-0/+0
| | | | | | | | | | | | | Pulls in security patches * CVE-2018-6162 * CVE-2018-6165 * CVE-2018-6156 * CVE-2018-6155 Task-number: QTBUG-70157 Change-Id: Ic07d6af0b02a985fc6f1dacbebc920890934655e Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumMichal Klocek2018-09-111-0/+0
| | | | | | | | | | | | | Pulls in security patches * CVE-2018-6155 * CVE-2018-6154 2/2 * CVE-2018-6154 1/2 * CVE-2018-6153 Task-number: QTBUG-70157 Change-Id: I3b00b117f0f18e0481a9b14d91a044410dee1849 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumMichal Klocek2018-09-111-0/+0
| | | | | | | | | | | | | Pulls in security patches * Security Bug 835184 * Security Bug 823864 * Security Bug 825524 * CVE-2018-6124 Task-number: QTBUG-70157 Change-Id: Ic78d690f8bd8b693e09c3224c6dbd724db59f6e2 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumMichal Klocek2018-09-111-0/+0
| | | | | | | | | | | | | Pulls in security patches * CVE-2018-6130 * CVE-2018-6132 * CVE-2018-6135 * CVE-2018-6144 Task-number: QTBUG-70157 Change-Id: I321b9d9273ddf60f4471d51096ecfa6949ca2caa Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumMichael Brüning2018-09-061-0/+0
| | | | | | | | Pulls in build fix for building with XCode version >= 9.13 Task-number: QTBUG-70380 Change-Id: Ib0bf08324bccec92dfb9c4037165d5843fbbe19b Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumKai Koehne2018-07-231-0/+0
| | | | | | | | | | Pulls in following commits: * 5465e47792 Unbreak compilation with MSVC 2015 * 844aec5c70 Workaround internal compiler error with MSVC 2017 v15.7.4 Task-number: QTBUG-69139 Change-Id: Ia5d5e128b4666321b4dc39452d7025d10284fdbf Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-05-311-0/+0
| | | | | | | | | | | Pulls in security patches: * CVE-2018-6120 * Security Bug 831984 * Security Bug 816768 * Security Bug 797298 Change-Id: Iaced3c596f231b54db196a659a879317e421cfd2 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Update ChromiumMichal Klocek2018-05-281-0/+0
| | | | | | | | | | | Pulls in security patches: * CVE-2018-6115 * CVE-2018-6114 * CVE-2018-6118 * CVE-2018-6103 Change-Id: Id587c97d7618f97934bc7315c128d89ed459ea2f Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Update ChromiumMichal Klocek2018-05-281-0/+0
| | | | | | | | | | | Pulls in following commits: * d2d69ca7 [Backport] CVE-2018-6101 * b22f4f24 [Backport] CVE-2018-6096 * f3987062 Fix compilation with system ICU 60 * 35636b81 Fix build with GCC 8.1.0 Change-Id: Ida2f51fca3966ee7d24748838c9e511f716a2888 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Update ChromiumMichal Klocek2018-05-281-0/+0
| | | | | | | | | | | Pulls in security patches: * CVE-2018-6085 * CVE-2018-6086 * CVE-2018-6088 * CVE-2018-6090 Change-Id: I2f8fdd4c0139d558fc26609d457719cad54ae784 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Only add the first found widevine CDMAllan Sandfeld Jensen2018-05-171-0/+1
| | | | | | | | | | | Otherwise Chromium will pick the last added, meaning we will use the wrong one. Task-number: QTBUG-64071 Change-Id: Id5c939b6a5c70643ed047625c0cbb152dd8c7169 Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io> (cherry picked from commit bd3687d2c5cc78e7571406471689b2d0fafbb1bf) Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumAlexandru Croitor2018-05-021-0/+0
| | | | | | | | Pull in the following changes: a684d354b0 Remove NOTREACHED in ScreenWin::GetNativeWindowFromHWND Change-Id: I4c25ca1b6a6297f1bf36e738f212410595bf75ae Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update Chromiumv5.9.5Kai Koehne2018-04-101-0/+0
| | | | | | | | | | | | Pulls in patches for mitigating issues with Certificate Transparency 4f2e755be2 Import latest log_list.json from Chromium 70b89b1709 [BACKPORT] Certificate Transparency: Generate the known logs list from JSON Task-number: QTBUG-67577 Change-Id: I120eeadb87e7c0a85388809444540d105f2aae4b Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Implement IsMostRecentDownloadItemAtFilePath callMichal Klocek2018-03-162-0/+22
| | | | | | | | | Implement IsMostRecentDownloadItemAtFilePath for download_manager_delegate_qt. This is required for CVE-2018-6033. Change-Id: I9f48dfa159d684f0fda894e68b81ff622aceaae2 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-03-141-0/+0
| | | | | | | | | | | Pulls in security patches: * [Backport] Security Bug 798410 * [Backport] Security Bug 806122 * [Backport] Security Bug 789764 Change-Id: I87f745606f2ff1269b12803bd44e09fe0f68a218 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-03-131-0/+0
| | | | | | | | | | | | Pulls in security patches: * [Backport] CVE-2018-6060 * [Backport] CVE-2018-6062 * [Backport] CVE-2018-6064 * [Backport] CVE-2018-6082 Change-Id: I15e425565fa58a74ed30f62531f3a439b216cbe4 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-03-131-0/+0
| | | | | | | | | | | | Pulls in security patches: * [Backport] CVE-2018-6081 * [Backport] CVE-2018-6079 * [Backport] CVE-2018-6076 * [Backport] CVE-2018-6073 Change-Id: Ibe0db5c9d0abca446b83b41cac93f746487e7b7b Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-03-121-0/+0
| | | | | | | | | | | | Pulls in security patches: * [Backport] Security Bug 774833 * [Backport] Security Bug 770734 * [Backport] CVE-2018-6071 * [Backport] CVE-2018-6069 Change-Id: I370615bf25f789610592f3b37ab45dbeb6225700 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-03-121-0/+0
| | | | | | | | | | | | Pulls in security patches: * [Backport] CVE-2017-15429 * [Backport] CVE-2018-6054 * [Backport] CVE-2018-6052 * [Backport] CVE-2018-6040 Change-Id: I95596d78f04b85d013f6c13b3b2521d75549c9c3 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-03-091-0/+0
| | | | | | | | | | | | Pulls in security patches: * [Backport] CVE-2018-6051 * [Backport] CVE-2018-6048 * [Backport] CVE-2018-6047 * [Backport] CVE-2018-6038 Change-Id: I0d0a4c133dd82e0b57c572db1df756bd34e09f6a Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2018-03-081-0/+0
| | | | | | | | | | | | Pulls in security patches: * [Backport] CVE-2018-6031 * [Backport] CVE-2018-6033 * [Backport] CVE-2018-6034 * [Backport] CVE-2018-6037 Change-Id: I5808afbdd1e0407aafb1b785c3a08d75cd6ea141 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Separate argv for QCoreApplication and Chromium in WebEngineProcessKai Koehne2018-02-261-3/+25
| | | | | | | | | | | | | | | | | On Linux, Chromium manipulates argv, merging all command line arguments into argv[0] and deleting the other arguments - see set_process_title_linux.cc for the glory details. This potentially confuses QCoreApplication::applicationDirPath(), which assumes that argv[0] contains the binary path. This in turn caused a regression in Qt 5.9.4 where resource files could not be located anymore for QtWebEngineProcess. Avoid this by making two distinct copies of argv already in main(). Task-number: QTBUG-66346 Reviewed-by: Michal Klocek <michal.klocek@qt.io> (cherry picked from commit 488b8e8ed01018c155812e5cfb06162a5e216c7a) Change-Id: I22f0abf9e8a253a9cfcf919cdea6940a440a73e6
* Fix crash on accessing WebEngineView properties too earlyPeter Varga2018-02-071-0/+4
| | | | | | | | | | | WebContentsAdapter is not created together with the QQuickWebEngineView. Thus querying a view property can lead to a crash if it uses the adapter. This fix adds the missing guards for contentSize and scrollPosition as it is done for similar WebEngineView properties. Task-number: QTBUG-65942 Change-Id: I9c2668a059b08325629f5730608280ba7f3669cf Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* Shutdown storage in browser context adapter destructorMichal Klocek2018-02-051-1/+1
| | | | | | | | | Shutdown storage should take place in destructor, otherwise it might get recreated on web content destruction. Task-number: QTBUG-66081 Change-Id: Ibba3fce50e05e09131cf45061320a9f99267babd Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Disable shared workersAllan Sandfeld Jensen2018-01-312-0/+3
| | | | | | | | | | The feature has been redesigned for security reasons in 64. [ChangeLog][General] SharedWorkers have been disabled as they have been changed in the newest spec for security reasons. Change-Id: I3d0e03f170ef646a0352a38b65030bb4c06f3397 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Fix QWebEngineDownloadItem::type()Jüri Valdmann2018-01-193-10/+17
| | | | | | Task-number: QTBUG-62640 Change-Id: I2b16f24533b38c20a7071319723382ba240e35f3 Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
* Fix incorrect GLX pbuffer attributes terminatorFrank Richter2018-01-181-1/+1
| | | | | | | | | The glXCreatePbuffer() documentation states that the attributes list must be terminated with "None or NULL". However, GLX_NONE does not have a null value. Mesa is sensitive to this. Change-Id: I9606d95a6a0dadec446496abb8e0213950e3d700 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Fix qmake recursive callMichal Klocek2018-01-161-7/+7
| | | | | | | | | Change order of parsing buildtools.pro to avoid missing toolchain generated files. Change-Id: I40456cbf38573903c119313d036e4c2aea039b16 Reviewed-by: Viktor Engelmann <viktor.engelmann@qt.io> Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Merge "Merge remote-tracking branch 'origin/5.9.4' into 5.9" into ↵Allan Sandfeld Jensen2018-01-161-0/+0
|\ | | | | | | refs/staging/5.9
| * Merge remote-tracking branch 'origin/5.9.4' into 5.9Allan Sandfeld Jensen2018-01-151-0/+0
| |\ | | | | | | | | | Change-Id: I63420b008c4511022868175ebac60949cf8aa434
| | * Update Chromiumv5.9.4Allan Sandfeld Jensen2018-01-151-0/+0
| | | | | | | | | | | | | | | | | | | | | Pull in SPECTRE mitigation Change-Id: I3849adce737c5518d02a5b27431bac50224c2065 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
| | * Update ChromiumMichael Brüning2018-01-111-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulling in the second set of security patches from Chrome 63. Changes: eebf32c32027 [Backport] Fix UAF in SetVisible(). a6ca6057e7e9 [Backport] [BlobStorage] Fixing potential overflow 0f0ad4d73977 [Backport] Fix a range bug in Persian calendar 81ed5d7a47a2 [Backport] Cherry-pick the entire fix for Persian calendar 9b1e7a460573 [Backport] Add size_t variants of constant-time functions. 941bccbf33f5 [Backport] Clear bottom three bits of password scalar in SPAKE2. 1f43353c961a [Backport] Change the script mixing policy to highly restrictive Task-number: QTBUG-65042 Change-Id: I668700e17f89297bbf2593a248f301f56904c72c Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
| | * Update ChromiumAllan Sandfeld Jensen2018-01-091-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulling in the first set of security patches from Chrome 63 Changes: 4318c22e5167 Add missing .gitattributes -file in 3rdparty submodule eb4e4c294b56 [Backport] Fix OOB Write in QuicStreamSequencerBuffer::OnStreamData 13d8b0ed6a3a [Backport] Remove unsafe align4 call 93362702cc7e [Backport] Don't clear DnsAttempts that have received a response eeffcf490fd6 [Backport] Serialize struct tm in a safe way. 864b219901f8 [Backport] Simplify / fix SkBitmap::ReadRawPixels() 13827fc77195 [Backport] Resource Timing: Do not report subsequent navigations within subframes 07527dc5cae2 [Backport] Make CPWL_Wnd classes be observable. 0ce0976538dc [Backport] Setting focus on a widget may destroy the widget Task-number: QTBUG-65042 Change-Id: I6bb1b93d37111ada696ae77c2b2c04ecc17d2ca3 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* | | Protect QML profiles as well as coreAllan Sandfeld Jensen2018-01-157-54/+181
|/ / | | | | | | | | | | | | | | | | Moves QWebEngineBrowserContext to core and makes use of it from both widget and qml. Change-Id: I34748f302b0515b11b5831690d28478dfa6a852b Reviewed-by: Michal Klocek <michal.klocek@qt.io> Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* | ProxyConfigServiceQt: Use default HostPortPair for SCHEME_DIRECTJüri Valdmann2018-01-151-8/+6
| | | | | | | | | | | | | | | | | | Unlike QNetworkProxy, Chromium's net::ProxyServer expects the hostname and port to be at default values for special schemes (DIRECT and INVALID). Otherwise, a DCHECK is triggered at proxy_server.cc:73. Change-Id: I1ac6c425ea03fcbfe084d25c2fd05bf174c753d6 Reviewed-by: Viktor Engelmann <viktor.engelmann@qt.io>
* | Fix backward compatibilityPeter Varga2018-01-082-0/+9
| | | | | | | | | | | | | | | | | | - Guard QTemporaryDir::filePath (5.9) usage in the drag and drop implementation. - Guard QQuickItem::mapToGlobal (5.7) usage in the Quick context menu implementation. Change-Id: If383fa55fbbd1b2a3fe4abd57373598a1703786c Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* | Fix access after free on shutdownAllan Sandfeld Jensen2018-01-056-9/+44
| | | | | | | | | | | | | | | | | | | | After we keep around the browser-context after the profile is deleted it was keeping pointers to deleted objects and would sometimes use them on shutdown. Change-Id: Ib67d0ee0b27cb1a1b64d9b8b4c348ed418b9bbc3 Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu> Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* | Initialize ScreenWin singleton to fix dpi glitches on WindowsKai Koehne2018-01-041-1/+8
|/ | | | | | | | | | | | | | | | Static function ScreenWin::GetSystemMetricsInDIP returned an incorrect (already scaled) size for the scrollbars. To take system scaling into account an instance of the ScreenWin singleton has to be created once. So let's use ScreenWin directly, instead of DesktopScreenQt, which is just a mock object anyway. [ChangeLog][Windows] Fixed issues with too large scrollbars on Hi-DPI monitors. Task-number: QTBUG-60705 Change-Id: I7cbc10e98b2a5217b0a0e78afb32818c1cb199d7 Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io> Reviewed-by: Viktor Engelmann <viktor.engelmann@qt.io>
* Doc: QWebEngineUrlRequestJob: mention when to delete the deviceDavid Faure2017-12-201-0/+7
| | | | | | | | | | It's used from another thread, so it shouldn't be deleted immediately, and it's not deleted by the QtWebEngine code, so tell people to do it themselves at the right time. Change-Id: I54786be320f5fe82f144e7b1c2e6137260d9ceab Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io> Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumAlexandru Croitor2017-12-181-0/+0
| | | | | | | | 2ee59e45bd Fix hanging of process when application is closed too fast cdecf3ca05 Silence most spurious warnings with gcc Change-Id: I220ec63538e13cd5e71552a5f6d99de564a3f0ea Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Hardcode default argument for mimetype in ::setContentKai Koehne2017-12-183-9/+9
| | | | | | | | | | | | | | | | The docs were wrong in that the default is actually text/plain with US-ASCII encoding (see e.g. data_url_unittest.cc). Anyhow, saying it might change in the future does not help anyone, and is actually a potential security risk - see e.g. the discussion about 'magic' in QTextEdit::setText(). Because of this, it's unlikely that Chromium ever changes the default. Anyhow, we can as well hardcode the default, and document it then. Change-Id: I949111598a30fa69d152d3e98d76e9d96df92d54 Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io> Reviewed-by: Viktor Engelmann <viktor.engelmann@qt.io> Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Turn off caching of images rendered for the printerMichael Brüning2017-12-143-19/+15
| | | | | | | | | | | | | | | When printing very large documents using the QPrinter-based API, it was possible to run out of memory because the images that pdfium has generated was cached for reuse when printing multiple copies of the document. Caching the images is now removed as printing multiple copies is not the default use case and is nowadays often also handled by the printer itself. Task-number: QTBUG-58400 Change-Id: I27bd17b33a839a845ca1b387b0c3bd0466b6592f Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix invalid access in currentTimeForEventAlexandru Croitor2017-12-141-1/+2
| | | | | | | | | The method currentTimeForEvent() tried to access the timestamp() method for a QEvent::Leave event. Leave events are regular QEvents and not QInputEvents, and thus have no such method. Change-Id: Iecc20d239b0e2a5b39b995dabdd7ca8fb44491aa Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix QSGSoftwareLayer renderingJüri Valdmann2017-12-131-1/+1
| | | | | | | | Software layers (added in qtdeclarative 5.8) also need updating. Task-number: QTBUG-62867 Change-Id: If7a941d7e360871822e1776cde3845abcb1f7efa Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Fix favicon update from JavaScriptPeter Varga2017-12-131-0/+3
| | | | | | Task-number: QTBUG-64967 Change-Id: Ida79d6cdb682d510e9a2e91e3e3ca263acf34a99 Reviewed-by: Viktor Engelmann <viktor.engelmann@qt.io>
* Check for null renderViewAllan Sandfeld Jensen2017-12-111-4/+10
| | | | | | | | | | | It can according to documentation potentially be null, even if it might not happen in our cases. Task-number: QTBUG-63854 Change-Id: I76029c83fe32c163c2707568fe81b7590a79b4fe Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io> Reviewed-by: Michael Brüning <michael.bruning@qt.io> Reviewed-by: Viktor Engelmann <viktor.engelmann@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 21:45:26 +0000