| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add test for cross origin XMLHttpRequests from/to custom schemes. By default,
this is not allowed, but can be changed by adding an origin access whitelist
entry to blink::WebSecurityPolicy in the renderer.
Do this for the qrc scheme. As a result SecurityOrigin("qrc").CanRequest("file")
will return true, which makes DocumentThreadableLoader::Start disable CORS for
the request. Otherwise, CORS would be used, which only works with CORS enabled
schemes.
Fixes: QTBUG-70228
Change-Id: I2da60fddbbfb490c6d2f03329be286dbc28e1f12
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Works with registered custom schemes, does not work with unregistered ones. In
the latter case the function call is treated as a security violation and the
renderer process is killed.
Task-number: QTBUG-70420
Change-Id: I9c6fc0f02b44854bbceaffd1efbfe065dee61582
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: Ifeaf0ee13213dc5a24d2f2b4655cf7f405cddef7
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following feedback from 5.12 API review:
- Use enum class for Syntax
- Add Q_FLAG for Flags
- Mark constructor from name as explicit
- Rename Secure to SecureScheme
- Rename Local to LocalScheme
- Rename addScheme to registerScheme
- Rename findScheme to schemeByName
Task-number: QTBUG-70247
Change-Id: Iae332c8d9843349506e8a4b07d70f0d234597375
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: I9a6b4e7625700c1ff2621f4e2a2125727c34d3a1
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Add webengine-webchannel feature.
Change-Id: I600572180f8169aafe79cf0408527cc087d9a007
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
| |
Change-Id: I7dc0ed033b3b99e633802d92176aca6f672d89e0
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Public API for the new url/url_util_qt extension to Chromium, which allows to
integrate custom schemes into Chromium's url parsing library and security model.
Previously custom schemes would be treated as 'unknown' schemes and rely on
fallback behavior in Chromium.
[ChangeLog][Custom Schemes] Added the QWebEngineUrlScheme class for configuring
how custom schemes are parsed and which security restrictions should apply.
Task-number: QTBUG-62536
Change-Id: I7d8b9da3ad742f568b82ccc6a2456ad35e84069b
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: Ifc9a24d4f887a2ca63aed283db3d7d1b56bc243d
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
Based on what appears to be the only difference in initialization we
have compared to other tests.
Change-Id: I6f8737e5de31e8a74872bfee05fecbff3b8dd096
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
Add previously missing combinations of schemes to the test.
Task-number: QTBUG-62536
Change-Id: Idee99ba03ee17af056e57dd0b1ecbf1b6bc80dcd
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: I13cedba56012f74651a044d6fa8f0957487bf3eb
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: Iee88721a50036d4ef85a23dd1708d4fb84218708
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
Check that the workaround in src/3rdparty bf10f2f32a behaves as expected.
Task-number: QTBUG-62536
Change-Id: Ieae4ad61df303aae5c65d4f7be487574ce32eae0
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
| |
Shared workers work, service workers don't. Dedicated workers over custom
schemes trigger the same serialization error as WebSockets.
Task-number: QTBUG-62536
Change-Id: I97b4b8c267f6cfca74bc0abfcca905b0adeabe3d
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
Unlike http/https, the same-origin policy for file, qrc and custom schemes is
not specified in any standard and, for the latter two, is not tested by Chromium
either. Therefore some tests might be useful.
Task-number: QTBUG-62536
Change-Id: I194d06c16c44b0a78bf4dba57415a2d2c6b991cc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|