From 2a07e9a17698f1af49eaafcc59dec8ffa4a89eeb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Tue, 18 Dec 2018 10:54:24 +0100 Subject: Fix building with -no-opengl on macOS Based on a patch Dmitriy Kuminov. Change-Id: I5365b16e3b25fcfc5e8be33e6cdcfb85e3e118e4 Fixes: QTBUG-72540 Reviewed-by: Michal Klocek --- src/webengine/render_widget_host_view_qt_delegate_quick.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/webengine/render_widget_host_view_qt_delegate_quick.cpp b/src/webengine/render_widget_host_view_qt_delegate_quick.cpp index 2f65db97a..8aaf4c714 100644 --- a/src/webengine/render_widget_host_view_qt_delegate_quick.cpp +++ b/src/webengine/render_widget_host_view_qt_delegate_quick.cpp @@ -63,7 +63,7 @@ RenderWidgetHostViewQtDelegateQuick::RenderWidgetHostViewQtDelegateQuick(RenderW setFocus(true); setActiveFocusOnTab(true); -#ifdef Q_OS_OSX +#if defined(Q_OS_MACOS) && !defined(QT_NO_OPENGL) // Check that the default QSurfaceFormat OpenGL profile is compatible with the global OpenGL // shared context profile, otherwise this could lead to a nasty crash. QOpenGLContext *globalSharedContext = QOpenGLContext::globalShareContext(); -- cgit v1.2.3 From 4c12fa26cbd66b3973f5b1d05e792cee233764d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Tue, 18 Dec 2018 11:17:22 +0100 Subject: Update Chromium fbc71baba4 - [Backport] CVE-2018-18342 493c18adef - [Backport] CVE-2018-18341 f5ff8d4a62 - [Backport] CVE-2018-18340 f942ac6b4d - [Backport] CVE-2018-18339 58532117f8 - [Backport] CVE-2018-18338 ef4d1e1ef1 - [Backport] CVE-2018-18337 9a197eab29 - [Backport] CVE-2018-18335 c9155825f4 - [Backport] CVE-2018-17481 7f1f62997f - [Backport] CVE-2018-18336 4a26a08520 - [Backport] Security bug 851821 e63b2a8cb8 - [Backport] CVE-2018-17480 Task-number: QTBUG-72612 Change-Id: I6e970d3527249f1a229a7f3f42dea8886eaa1b6e Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 323b45aa2..fbc71baba 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 323b45aa242e0b4e75689d67418ec124ba1ca815 +Subproject commit fbc71baba4e8e3ce650b77587c837fb6bf22f1da -- cgit v1.2.3 From ebd30dc9682a4ff17baef379183206992d51dd16 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 20 Dec 2018 12:59:00 +0100 Subject: Update Chromium Pulls in following patches: * 4010e56 Minor. Remove old src version of sqlite * f97a65c [Backport] Update SQLite / Security bug 900910 * 35b62be [Backport] Prepare for sqllite update * 63dee74 [Backport] Security bug 877843 * 0ccf56b [Backport] Security bug 892643 * 2efddba [Backport] Security bug 839250 * 4627bab Add extensions to Qt build and fix it up for building * daa969c [Backport] Security bug 880665 * 04610f2 [Backport] Security bug 879965 * e1fe9e1 [Backport] Security bug 882270 * 7181bb5 [Backport] Security bug 895885 * 0dbd045 [Backpack] CVE-2018-18359 * 0473fab [Backport] CVE-2018-18358 * ed2a611 [Backport] CVE-2018-18357 * 5ee3488 [Backport] CVE-2018-18356 * 5e8a4ea [Backport] CVE-2018-18355 * 7d3f4e6 [Backport] CVE-2018-18350 * e0811d9 [Backport] CVE-2018-18349 * 26dba65 [Backport] CVE-2018-18347 * f0135d4 [Backport] CVE-2018-18345 * 586c41a [Backport] CVE-2018-18343 Fixes: QTBUG-72632 Task-number: QTBUG-72612 Change-Id: I32ddc57529b96e531cf14504fa0978cc8d490a26 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index fbc71baba..4010e56ec 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit fbc71baba4e8e3ce650b77587c837fb6bf22f1da +Subproject commit 4010e56ec0c7929764779376d99c6b2eeb2cbe53 -- cgit v1.2.3 From 35b97b92968505793b162ccfdada65e25690f711 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Fri, 21 Dec 2018 09:27:06 +0100 Subject: Update Chormium Pulls in following patches: * b3a4dd9 Fix heap overflow when allocating PowerSaveBlocker * 5463947 Fix use-after-scope on reference temporary detected by ASan Change-Id: I1777cb6d25d3364257e79054b1db23a4265ae00a Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 4010e56ec..b3a4dd9ee 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 4010e56ec0c7929764779376d99c6b2eeb2cbe53 +Subproject commit b3a4dd9ee40b959f56165d02fb87084712005c1d -- cgit v1.2.3 From fc382c92021954593e6d8d07ee3f0792c4ad5c17 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 27 Nov 2018 17:44:22 +0100 Subject: Fix recreation of cookie store and channel id service As more things gets mojofy and become services, we can not simply delete parts of storage context. Therefore regenerate whole storage in case of cookie store, cache, agent settings updates. URLRequestContextStorage guards correct order of destruction. This change aims to fix some crashes during cookie store and http cache recreation when ChannelIDService gets deleted. Depending on timing this ends with different stacktraces like in cookie store manager or during ssl handshake. We still keep network delegate outside of storage context to prevent crashes when url requests end their life due to (forced) request cancellation in cancelAllUrlRequests(). Please note this is just band-aid patch, and introduction of 'profile builder' will be a proper fix. Fixes: QTBUG-71895 Change-Id: If33a7af3ebba2632ea33f32d913e1c21a4534817 Reviewed-by: Allan Sandfeld Jensen --- src/core/profile_io_data_qt.cpp | 143 ++++++++------------- src/core/profile_io_data_qt.h | 5 +- .../qwebengineprofile/tst_qwebengineprofile.cpp | 16 +++ 3 files changed, 73 insertions(+), 91 deletions(-) diff --git a/src/core/profile_io_data_qt.cpp b/src/core/profile_io_data_qt.cpp index 7783f1ae7..5603d19b9 100644 --- a/src/core/profile_io_data_qt.cpp +++ b/src/core/profile_io_data_qt.cpp @@ -210,9 +210,9 @@ void ProfileIODataQt::initializeOnIOThread() // this binds factory to io thread m_weakPtr = m_weakPtrFactory.GetWeakPtr(); QMutexLocker lock(&m_mutex); - m_initialized = true; generateAllStorage(); generateJobFactory(); + m_initialized = true; } void ProfileIODataQt::initializeOnUIThread() @@ -227,6 +227,7 @@ void ProfileIODataQt::initializeOnUIThread() protocolHandlerRegistry->CreateJobInterceptorFactory(); m_cookieDelegate = new CookieMonsterDelegateQt(); m_cookieDelegate->setClient(m_profile->profileAdapter()->cookieStore()); + createProxyConfig(); } void ProfileIODataQt::cancelAllUrlRequests() @@ -262,11 +263,11 @@ void ProfileIODataQt::generateStorage() // We must stop all requests before deleting their backends. if (m_storage) { - m_cookieDelegate->setCookieMonster(0); - m_storage->set_cookie_store(0); + m_cookieDelegate->setCookieMonster(nullptr); + m_storage->set_cookie_store(nullptr); cancelAllUrlRequests(); // we need to get rid of dangling pointer due to coming storage deletion - m_urlRequestContext->set_http_transaction_factory(0); + m_urlRequestContext->set_http_transaction_factory(nullptr); m_httpNetworkSession.reset(); m_transportSecurityPersister.reset(); } @@ -282,25 +283,10 @@ void ProfileIODataQt::generateStorage() // ct_verifier->AddLogs(net::ct::CreateLogVerifiersForKnownLogs()); m_storage->set_cert_transparency_verifier(std::move(ct_verifier)); m_storage->set_ct_policy_enforcer(base::WrapUnique(new net::DefaultCTPolicyEnforcer())); - - std::unique_ptr host_resolver(net::HostResolver::CreateDefaultResolver(NULL)); - - // The System Proxy Resolver has issues on Windows with unconfigured network cards, - // which is why we want to use the v8 one - if (!m_dhcpPacFileFetcherFactory) - m_dhcpPacFileFetcherFactory.reset(new net::DhcpPacFileFetcherFactory); - - proxy_resolver::mojom::ProxyResolverFactoryPtr proxyResolver(std::move(m_proxyResolverFactoryInterface)); - m_storage->set_proxy_resolution_service(network::CreateProxyResolutionServiceUsingMojoFactory( - std::move(proxyResolver), - std::unique_ptr(proxyConfigService), - net::PacFileFetcherImpl::CreateWithFileUrlSupport(m_urlRequestContext.get()), - m_dhcpPacFileFetcherFactory->Create(m_urlRequestContext.get()), - host_resolver.get(), - nullptr /* NetLog */, - m_networkDelegate.get())); - + m_storage->set_host_resolver(net::HostResolver::CreateDefaultResolver(NULL)); m_storage->set_ssl_config_service(std::make_unique()); + m_storage->set_http_auth_handler_factory(net::HttpAuthHandlerFactory::CreateDefault( + m_urlRequestContext->host_resolver())); m_storage->set_transport_security_state(std::make_unique()); if (!m_dataPath.isEmpty()) { @@ -316,20 +302,23 @@ void ProfileIODataQt::generateStorage() background_task_runner); }; - if (!m_httpAuthPreferences) - m_httpAuthPreferences.reset(new net::HttpAuthPreferences()); - - m_storage->set_http_auth_handler_factory(net::HttpAuthHandlerFactory::CreateDefault( - host_resolver.get(), - m_httpAuthPreferences.get() -#if (defined(OS_POSIX) && !defined(OS_ANDROID)) || defined(OS_FUCHSIA) - , std::string() /* gssapi library name */ -#endif - )); m_storage->set_http_server_properties(std::unique_ptr( new net::HttpServerPropertiesImpl)); - // Give |m_storage| ownership at the end in case it's |mapped_host_resolver|. - m_storage->set_host_resolver(std::move(host_resolver)); + + // The System Proxy Resolver has issues on Windows with unconfigured network cards, + // which is why we want to use the v8 one + if (!m_dhcpPacFileFetcherFactory) + m_dhcpPacFileFetcherFactory.reset(new net::DhcpPacFileFetcherFactory); + + proxy_resolver::mojom::ProxyResolverFactoryPtr proxyResolver(std::move(m_proxyResolverFactoryInterface)); + m_storage->set_proxy_resolution_service(network::CreateProxyResolutionServiceUsingMojoFactory( + std::move(proxyResolver), + std::unique_ptr(proxyConfigService), + net::PacFileFetcherImpl::CreateWithFileUrlSupport(m_urlRequestContext.get()), + m_dhcpPacFileFetcherFactory->Create(m_urlRequestContext.get()), + m_urlRequestContext->host_resolver(), + nullptr /* NetLog */, + m_urlRequestContext->network_delegate())); } @@ -337,10 +326,8 @@ void ProfileIODataQt::generateCookieStore() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); Q_ASSERT(m_urlRequestContext); - Q_ASSERT(m_storage); QMutexLocker lock(&m_mutex); - m_updateCookieStore = false; scoped_refptr channel_id_db; if (!m_channelIdPath.isEmpty() && m_persistentCookiesPolicy != ProfileAdapter::NoPersistentCookies) { @@ -354,11 +341,6 @@ void ProfileIODataQt::generateCookieStore() base::WrapUnique(new net::ChannelIDService( new net::DefaultChannelIDStore(channel_id_db.get())))); - // Unset it first to get a chance to destroy and flush the old cookie store before - // opening a new on possibly the same file. - m_cookieDelegate->setCookieMonster(0); - m_storage->set_cookie_store(0); - std::unique_ptr cookieStore; switch (m_persistentCookiesPolicy) { case ProfileAdapter::NoPersistentCookies: @@ -398,11 +380,6 @@ void ProfileIODataQt::generateCookieStore() const std::vector cookieableSchemes(kCookieableSchemes, kCookieableSchemes + arraysize(kCookieableSchemes)); cookieMonster->SetCookieableSchemes(cookieableSchemes); - - if (!m_updateAllStorage && m_updateHttpCache) { - // HttpCache needs to be regenerated when we generate a new channel id service - generateHttpCache(); - } } void ProfileIODataQt::generateUserAgent() @@ -412,8 +389,6 @@ void ProfileIODataQt::generateUserAgent() Q_ASSERT(m_storage); QMutexLocker lock(&m_mutex); - m_updateUserAgent = false; - m_storage->set_http_user_agent_settings(std::unique_ptr( new net::StaticHttpUserAgentSettings(m_httpAcceptLanguage.toStdString(), m_httpUserAgent.toStdString()))); @@ -426,10 +401,6 @@ void ProfileIODataQt::generateHttpCache() Q_ASSERT(m_storage); QMutexLocker lock(&m_mutex); - m_updateHttpCache = false; - - if (m_updateCookieStore) - generateCookieStore(); net::HttpCache::DefaultBackend* main_backend = 0; switch (m_httpCacheType) { @@ -583,6 +554,34 @@ void ProfileIODataQt::setFullConfiguration() m_dataPath = m_profileAdapter->dataPath(); } +void ProfileIODataQt::requestStorageGeneration() { + Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); + QMutexLocker lock(&m_mutex); + if (m_initialized && !m_updateAllStorage) { + m_updateAllStorage = true; + createProxyConfig(); + content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE, + base::Bind(&ProfileIODataQt::generateAllStorage, m_weakPtr)); + } +} + +// TODO(miklocek): mojofy ProxyConfigServiceQt +void ProfileIODataQt::createProxyConfig() +{ + Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); + QMutexLocker lock(&m_mutex); + // We must create the proxy config service on the UI loop on Linux because it + // must synchronously run on the glib message loop. This will be passed to + // the URLRequestContextStorage on the IO thread in GetURLRequestContext(). + Q_ASSERT(m_proxyConfigService == 0); + m_proxyConfigService = + new ProxyConfigServiceQt( + net::ProxyResolutionService::CreateSystemProxyConfigService( + content::BrowserThread::GetTaskRunnerForThread(content::BrowserThread::IO))); + //pass interface to io thread + m_proxyResolverFactoryInterface = ChromeMojoProxyResolverFactory::CreateWithStrongBinding().PassInterface(); +} + void ProfileIODataQt::updateStorageSettings() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); @@ -595,23 +594,7 @@ void ProfileIODataQt::updateStorageSettings() file::ForgetServiceUserIdUserDirAssociation(userId); file::AssociateServiceUserIdWithUserDir(userId, toFilePath(m_profileAdapter->dataPath())); } - - if (!m_updateAllStorage) { - m_updateAllStorage = true; - // We must create the proxy config service on the UI loop on Linux because it - // must synchronously run on the glib message loop. This will be passed to - // the URLRequestContextStorage on the IO thread in GetURLRequestContext(). - Q_ASSERT(m_proxyConfigService == 0); - m_proxyConfigService = - new ProxyConfigServiceQt( - net::ProxyResolutionService::CreateSystemProxyConfigService( - content::BrowserThread::GetTaskRunnerForThread(content::BrowserThread::IO))); - //pass interface to io thread - m_proxyResolverFactoryInterface = ChromeMojoProxyResolverFactory::CreateWithStrongBinding().PassInterface(); - if (m_initialized) - content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE, - base::Bind(&ProfileIODataQt::generateAllStorage, m_weakPtr)); - } + requestStorageGeneration(); } void ProfileIODataQt::updateCookieStore() @@ -621,13 +604,7 @@ void ProfileIODataQt::updateCookieStore() m_persistentCookiesPolicy = m_profileAdapter->persistentCookiesPolicy(); m_cookiesPath = m_profileAdapter->cookiesPath(); m_channelIdPath = m_profileAdapter->channelIdPath(); - - if (m_initialized && !m_updateAllStorage && !m_updateCookieStore) { - m_updateCookieStore = true; - m_updateHttpCache = true; - content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE, - base::Bind(&ProfileIODataQt::generateCookieStore, m_weakPtr)); - } + requestStorageGeneration(); } void ProfileIODataQt::updateUserAgent() @@ -636,12 +613,7 @@ void ProfileIODataQt::updateUserAgent() QMutexLocker lock(&m_mutex); m_httpAcceptLanguage = m_profileAdapter->httpAcceptLanguage(); m_httpUserAgent = m_profileAdapter->httpUserAgent(); - - if (m_initialized && !m_updateAllStorage && !m_updateUserAgent) { - m_updateUserAgent = true; - content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE, - base::Bind(&ProfileIODataQt::generateUserAgent, m_weakPtr)); - } + requestStorageGeneration(); } void ProfileIODataQt::updateHttpCache() @@ -660,12 +632,7 @@ void ProfileIODataQt::updateHttpCache() content::BrowsingDataRemover::ORIGIN_TYPE_UNPROTECTED_WEB | content::BrowsingDataRemover::ORIGIN_TYPE_PROTECTED_WEB); } - - if (m_initialized && !m_updateAllStorage && !m_updateHttpCache) { - m_updateHttpCache = true; - content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE, - base::Bind(&ProfileIODataQt::generateHttpCache, m_weakPtr)); - } + requestStorageGeneration(); } void ProfileIODataQt::updateJobFactory() diff --git a/src/core/profile_io_data_qt.h b/src/core/profile_io_data_qt.h index 5b416861c..2d4706bf4 100644 --- a/src/core/profile_io_data_qt.h +++ b/src/core/profile_io_data_qt.h @@ -105,6 +105,8 @@ public: void updateHttpCache(); // runs on ui thread void updateJobFactory(); // runs on ui thread void updateRequestInterceptor(); // runs on ui thread + void requestStorageGeneration(); //runs on ui thread + void createProxyConfig(); //runs on ui thread private: ProfileQt *m_profile; @@ -140,10 +142,7 @@ private: int m_httpCacheMaxSize = 0; bool m_initialized = false; bool m_updateAllStorage = false; - bool m_updateCookieStore = false; - bool m_updateHttpCache = false; bool m_updateJobFactory = false; - bool m_updateUserAgent = false; bool m_ignoreCertificateErrors = false; base::WeakPtrFactory m_weakPtrFactory; // this should be always the last member QString m_dataPath; diff --git a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp index 1fe0f0304..98b4fa6a8 100644 --- a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp +++ b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -57,6 +58,7 @@ private Q_SLOTS: void downloadItem(); void changePersistentPath(); void initiator(); + void qtbug_72299(); // this should be the last test }; void tst_QWebEngineProfile::init() @@ -568,5 +570,19 @@ void tst_QWebEngineProfile::initiator() QCOMPARE(handler.initiator, QUrl()); } +void tst_QWebEngineProfile::qtbug_72299() +{ + QWebEngineView view; + view.setUrl(QUrl("https://www.qt.io")); + view.show(); + QSignalSpy loadSpy(view.page(), SIGNAL(loadFinished(bool))); + view.page()->profile()->clearHttpCache(); + view.page()->profile()->setHttpCacheType(QWebEngineProfile::NoCache); + view.page()->profile()->cookieStore()->deleteAllCookies(); + view.page()->profile()->setPersistentCookiesPolicy(QWebEngineProfile::NoPersistentCookies); + QTRY_COMPARE_WITH_TIMEOUT(loadSpy.count(), 1, 20000); +} + + QTEST_MAIN(tst_QWebEngineProfile) #include "tst_qwebengineprofile.moc" -- cgit v1.2.3 From f661543d54c4bb453c3f01e11544b39c98d32e95 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 11 Dec 2018 18:13:51 +0100 Subject: Fix hide/show of delegate widget For QQuickWidget::show does not work correctly if widget was not hidden. Fixes: QTBUG-72299 Change-Id: I12fba8c18cbf3f847d30de8b057a50e6d9917fde Reviewed-by: Allan Sandfeld Jensen Reviewed-by: Kai Koehne --- .../render_widget_host_view_qt_delegate_widget.cpp | 1 + .../widgets/qwebengineview/tst_qwebengineview.cpp | 23 ++++++++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp index 900ed3324..55bdb3a62 100644 --- a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp +++ b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp @@ -277,6 +277,7 @@ void RenderWidgetHostViewQtDelegateWidget::show() void RenderWidgetHostViewQtDelegateWidget::hide() { m_rootItem->setVisible(false); + QQuickWidget::hide(); } bool RenderWidgetHostViewQtDelegateWidget::isVisible() const diff --git a/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp b/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp index c7d3ccca7..839bc8c0c 100644 --- a/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp +++ b/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp @@ -46,6 +46,7 @@ #include #include #include +#include #define VERIFY_INPUTMETHOD_HINTS(actual, expect) \ QVERIFY(actual == (expect | Qt::ImhNoPredictiveText | Qt::ImhNoTextHandles | Qt::ImhNoEditMenu)); @@ -193,6 +194,7 @@ private Q_SLOTS: void jsKeyboardEvent(); void deletePage(); void closeOpenerTab(); + void switchPage(); }; // This will be called before the first test function is executed. @@ -3173,5 +3175,26 @@ void tst_QWebEngineView::closeOpenerTab() QVERIFY(newView->focusProxy()->isVisible()); } +void tst_QWebEngineView::switchPage() +{ + QWebEngineProfile profile; + QWebEnginePage page1(&profile); + QWebEnginePage page2(&profile); + QSignalSpy loadFinishedSpy1(&page1, SIGNAL(loadFinished(bool))); + QSignalSpy loadFinishedSpy2(&page2, SIGNAL(loadFinished(bool))); + page1.setHtml(""); + page2.setHtml(""); + QTRY_VERIFY(loadFinishedSpy1.count() && loadFinishedSpy2.count()); + QWebEngineView webView; + webView.resize(300,300); + webView.show(); + webView.setPage(&page1); + QTRY_COMPARE(webView.grab().toImage().pixelColor(QPoint(150,150)), Qt::black); + webView.setPage(&page2); + QTRY_COMPARE(webView.grab().toImage().pixelColor(QPoint(150,150)), Qt::white); + webView.setPage(&page1); + QTRY_COMPARE(webView.grab().toImage().pixelColor(QPoint(150,150)), Qt::black); +} + QTEST_MAIN(tst_QWebEngineView) #include "tst_qwebengineview.moc" -- cgit v1.2.3 From 3f501ed2cf4a0a54aeddce9e83effcd8d37c754b Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Fri, 16 Nov 2018 11:40:52 +0100 Subject: Fix incorrect GLX pbuffer attributes terminator Reland fix 04337275e4 after adaptations d5bffb5125 Change-Id: Ieca40fd2ac3d245f760c9b24e2d42d21855b836a Reviewed-by: Michal Klocek --- src/core/ozone/gl_surface_glx_qt.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/ozone/gl_surface_glx_qt.cpp b/src/core/ozone/gl_surface_glx_qt.cpp index eebefa59b..4faa08091 100644 --- a/src/core/ozone/gl_surface_glx_qt.cpp +++ b/src/core/ozone/gl_surface_glx_qt.cpp @@ -173,7 +173,7 @@ bool GLSurfaceGLXQt::Initialize(GLSurfaceFormat format) GLX_PBUFFER_HEIGHT, m_size.height(), GLX_LARGEST_PBUFFER, x11::False, GLX_PRESERVED_CONTENTS, x11::False, - GLX_NONE + NULL }; m_surfaceBuffer = glXCreatePbuffer(display, static_cast(g_config), pbuffer_attributes); -- cgit v1.2.3 From 835356982547b0a5ab0c487dd744ac84fb083e51 Mon Sep 17 00:00:00 2001 From: Antti Kokko Date: Wed, 9 Jan 2019 10:09:42 +0200 Subject: Add changes file for Qt 5.12.1 Change-Id: Ic750e5a1668c533b197ef0224dceb747d5b1fde3 Reviewed-by: Kai Koehne --- dist/changes-5.12.1 | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 dist/changes-5.12.1 diff --git a/dist/changes-5.12.1 b/dist/changes-5.12.1 new file mode 100644 index 000000000..44dfdd5c7 --- /dev/null +++ b/dist/changes-5.12.1 @@ -0,0 +1,78 @@ +Qt 5.12.1 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +http://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.1 Changes * +**************************************************************************** + +Chromium +-------- + + - Security fixes from Chromium up to version 71.0.3578.94, including: + * CVE-2018-17480 + * CVE-2018-17481 + * CVE-2018-18335 + * CVE-2018-18336 + * CVE-2018-18337 + * CVE-2018-18338 + * CVE-2018-18339 + * CVE-2018-18340 + * CVE-2018-18341 + * CVE-2018-18342 + * CVE-2018-18343 + * CVE-2018-18345 + * CVE-2018-18347 + * CVE-2018-18349 + * CVE-2018-18350 + * CVE-2018-18355 + * CVE-2018-18356 + * CVE-2018-18357 + * CVE-2018-18358 + * CVE-2018-18359 + * Security Bug 839250 + * Security Bug 851821 + * Security Bug 869067 + * Security Bug 877843 + * Security Bug 879965 + * Security Bug 880665 + * Security Bug 882270 + * Security Bug 892643 + * Security Bug 895885 + * Security Bug 900910 + - Fixed x86-32 builds on GCC 8. + - Fixed building on ARM hosts. + + +General +------- + + * Enabled idle detection and sleep inhibition on Linux and macOS. + * [QTBUG-66262] Improved suggested file name of downloads when conflicts arise. + * [QTBUG-71322] Enabled bilinear filtering of textures in software rendering mode. + * [QTBUG-71370] Fixed autoscrolling regression. + * [QTBUG-71895] Fixed crash when calling clearHttpCache(). + * [QTBUG-72260] Fixed crash on requestInterceptor changes. + * [QTBUG-72654] Fixed Event.timeStamp being 0. + * [QTBUG-72655] Fixed some JS properties of dead key event. + + +QtQuickWebEngine +---------------- + + * [QTBUG-72299] Fixed problem with blank view after reuse. -- cgit v1.2.3 From dde9bbb40ceed6409862e4cd31091270f99ea346 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Tue, 15 Jan 2019 13:39:51 +0100 Subject: Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changes: 9aa80f767b Fix jumbo build with GCC 35e15c6001 [Backport] Security bug 880207 4848d71bd9 [Backport] Security bug 881252 and 896326 27c402195e [Backport] Security issue 849942 fec48c17fa FIXUP: [Backport] Security bug 881252 and 896326 Fixes: QTBUG-72612 Change-Id: I27c3214b9491112a0ec576ef4f609534e4eb0e94 Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index b3a4dd9ee..fec48c17f 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit b3a4dd9ee40b959f56165d02fb87084712005c1d +Subproject commit fec48c17fa1853a1e42a5b6ce97680767464185d -- cgit v1.2.3 From ef8e1c4109b6d00b9031cdab9c253fcc0c9cda06 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Wed, 30 Jan 2019 16:23:50 +0100 Subject: Reinstate CT verification using known logs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Lost in the transition to Chromium 69 as the function we were using no longer exists. Reimplemented by how it is now done in NetworkContext. Change-Id: I05c986f2941c7d5f2b8641adc8c619ec3f75e0b1 Reviewed-by: Jüri Valdmann --- src/core/profile_io_data_qt.cpp | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/core/profile_io_data_qt.cpp b/src/core/profile_io_data_qt.cpp index 5603d19b9..36f92e14f 100644 --- a/src/core/profile_io_data_qt.cpp +++ b/src/core/profile_io_data_qt.cpp @@ -279,8 +279,17 @@ void ProfileIODataQt::generateStorage() m_storage->set_cert_verifier(net::CertVerifier::CreateDefault()); std::unique_ptr ct_verifier(new net::MultiLogCTVerifier()); -// FIXME: -// ct_verifier->AddLogs(net::ct::CreateLogVerifiersForKnownLogs()); + std::vector> ct_logs; + for (const auto &ct_log : certificate_transparency::GetKnownLogs()) { + scoped_refptr log_verifier = + net::CTLogVerifier::Create(std::string(ct_log.log_key, ct_log.log_key_length), + ct_log.log_name, + ct_log.log_dns_domain); + if (!log_verifier) + continue; + ct_logs.push_back(std::move(log_verifier)); + } + ct_verifier->AddLogs(ct_logs); m_storage->set_cert_transparency_verifier(std::move(ct_verifier)); m_storage->set_ct_policy_enforcer(base::WrapUnique(new net::DefaultCTPolicyEnforcer())); m_storage->set_host_resolver(net::HostResolver::CreateDefaultResolver(NULL)); -- cgit v1.2.3 From 31730085ee9247864a5da5682939eb399853f984 Mon Sep 17 00:00:00 2001 From: Andy Shaw Date: Fri, 1 Feb 2019 15:02:48 +0100 Subject: macOS: Look for the widevine plugin in the possible new locations Change-Id: Ibaaa64ace3bff9fe630d9448864587bac8f7b128 Reviewed-by: Allan Sandfeld Jensen --- src/core/content_client_qt.cpp | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/core/content_client_qt.cpp b/src/core/content_client_qt.cpp index 1a3be31be..df1bc303d 100644 --- a/src/core/content_client_qt.cpp +++ b/src/core/content_client_qt.cpp @@ -262,9 +262,19 @@ static bool IsWidevineAvailable(base::FilePath *cdm_path, pluginPaths << ppapiPluginsPath() + QStringLiteral("/") + QString::fromLatin1(kWidevineCdmFileName); #endif #if defined(Q_OS_OSX) - QDir potentialWidevineDir(QDir::homePath() + "/Library/Application Support/Google/Chrome/WidevineCDM"); + QDir potentialWidevineDir("/Applications/Google Chrome.app/Contents/Versions"); if (potentialWidevineDir.exists()) { - QFileInfoList widevineVersionDirs = potentialWidevineDir.entryInfoList(QDir::Dirs | QDir::NoDotAndDotDot, QDir::Name | QDir::Reversed); + QFileInfoList widevineVersionDirs = potentialWidevineDir.entryInfoList(QDir::Dirs | QDir::NoDotAndDotDot, + QDir::Name | QDir::Reversed); + const QString library = QLatin1String("/Google Chrome Framework.framework/Versions/A/Libraries/" + "WidevineCdm/_platform_specific/mac_x64/libwidevinecdm.dylib"); + for (const QFileInfo &info : widevineVersionDirs) + pluginPaths << info.absoluteFilePath() + library; + } + + QDir oldPotentialWidevineDir(QDir::homePath() + "/Library/Application Support/Google/Chrome/WidevineCDM"); + if (oldPotentialWidevineDir.exists()) { + QFileInfoList widevineVersionDirs = oldPotentialWidevineDir.entryInfoList(QDir::Dirs | QDir::NoDotAndDotDot, QDir::Name | QDir::Reversed); for (int i = 0; i < widevineVersionDirs.size(); ++i) { QString versionDirPath(widevineVersionDirs.at(i).absoluteFilePath()); QString potentialWidevinePluginPath = versionDirPath + "/_platform_specific/mac_x64/" + QString::fromLatin1(kWidevineCdmFileName); -- cgit v1.2.3 From 5bbf6c89b36a19484a9915943041740ef1bf8931 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Tue, 5 Feb 2019 11:27:16 +0100 Subject: Update Chromium Changes: fe4f93f10929 Disable unsupported JavaScript APIs in PDF extension 99bfdd214657 Fix apps_shim build file to properly flag extension related files fd293fc03974 Minor. Drop dependency for ffmpeg for test_support 50d06b752453 [Backport] Fix for CVE-2019-5754 cf5bd0c9157c [Backport] Fix for CVE-2019-5755 7a5167caf765 [Backport] Fix for CVE-2019-5782 09ae6be5bb83 [Backport] Fix for CVE-2019-5756 6605d8f7b430 [Backport] Fix for CVE-2019-5757 3b390539f429 [Backport] Fix for CVE-2019-5758 c350fc2e3258 [Backport] Fix for CVE-2019-5759 63cf07a2a77c [Backport] Fix for CVE-2019-5760 Task-number: QTBUG-73417 Change-Id: Ia72fd847c8c36959189fe9648c81a3eb6dec6a10 Reviewed-by: Michal Klocek --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index fec48c17f..63cf07a2a 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit fec48c17fa1853a1e42a5b6ce97680767464185d +Subproject commit 63cf07a2a77c2fc2ce52e063ceb860c8adcc718c -- cgit v1.2.3 From 68733d4fb913255fba47b1f7190cf85ad57e6541 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Thu, 17 Jan 2019 15:22:01 +0100 Subject: tst_origins: Don't create SharedWorkers from unregistered scheme Triggers DCHECK in content::SharedWorkerInstance::Matches on CI. According to the DCHECK, SharedWorkers cannot be constructed from unique origins (worker and constructor page need to be same-origin and unique origins are never same-origin with anything). In release builds the construction will just fail as expected. The DCHECK is only triggered if at least one other active SharedWorker already exists in the same storage partition. The reason it only happens on CI might be that the previous renderer process is not torn down fast enough and the previous SharedWorker remains active. Change-Id: I0906e1b5c85587df67b768ef022386d599ce9541 Reviewed-by: Allan Sandfeld Jensen --- tests/auto/widgets/origins/tst_origins.cpp | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/tests/auto/widgets/origins/tst_origins.cpp b/tests/auto/widgets/origins/tst_origins.cpp index 4e415af90..59cbdae13 100644 --- a/tests/auto/widgets/origins/tst_origins.cpp +++ b/tests/auto/widgets/origins/tst_origins.cpp @@ -640,10 +640,7 @@ void tst_Origins::sharedWorker() QTRY_VERIFY(eval(QSL("done")).toBool()); QCOMPARE(eval(QSL("result")), QVariant(42)); - // Even unregistered schemes can create SharedWorkers. - QVERIFY(load(QSL("tst:/resources/sharedWorker.html"))); - QTRY_VERIFY(eval(QSL("done")).toBool()); - QCOMPARE(eval(QSL("result")), QVariant(42)); + // Unregistered schemes should not create SharedWorkers. QVERIFY(load(QSL("PathSyntax:/resources/sharedWorker.html"))); QTRY_VERIFY(eval(QSL("done")).toBool()); -- cgit v1.2.3 From b3872ab2bb94b70e3f43cdf4217d959b95815d26 Mon Sep 17 00:00:00 2001 From: Tamas Zakor Date: Fri, 25 Jan 2019 14:41:52 +0100 Subject: Doc: Extend documentation of callbacks Warn about callbacks on QWebEnginePage destruction. Task-number: QTBUG-72816 Change-Id: I8dbc297a8f364bc237b0672a63325af8da197e01 Reviewed-by: Allan Sandfeld Jensen --- src/webenginewidgets/api/qwebenginepage.cpp | 9 +++++++++ src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc | 16 ++++++++++++++++ src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc | 4 ++++ 3 files changed, 29 insertions(+) diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index 5da39e814..67f3d7a76 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -2406,6 +2406,10 @@ void QWebEnginePage::printToPdf(const QString &filePath, const QPageLayout &page The \a resultCallback must take a const reference to a QByteArray as parameter. If printing was successful, this byte array will contain the PDF data, otherwise, the byte array will be empty. + \warning We guarantee that the callback (\a resultCallback) is always called, but it might be done + during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid + value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. + \since 5.7 */ void QWebEnginePage::printToPdf(const QWebEngineCallback &resultCallback, const QPageLayout &pageLayout) @@ -2441,6 +2445,11 @@ void QWebEnginePage::printToPdf(const QWebEngineCallback &res The \a resultCallback must take a boolean as parameter. If printing was successful, this boolean will have the value \c true, otherwise, its value will be \c false. + + \warning We guarantee that the callback (\a resultCallback) is always called, but it might be done + during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid + value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. + \since 5.8 */ void QWebEnginePage::print(QPrinter *printer, const QWebEngineCallback &resultCallback) diff --git a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc index d012c678c..035b45a6d 100644 --- a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc @@ -485,6 +485,10 @@ The \a resultCallback must take a boolean parameter. It will be called with a value of \c true if the \a subString was found; otherwise the callback value will be \c false. + \warning We guarantee that the callback (\a resultCallback) is always called, but it might be done + during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid + value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. + For example: \snippet qtwebengine_qwebenginepage_snippet.cpp 0 */ @@ -613,6 +617,10 @@ \note \a resultCallback can be any of a function pointer, a functor or a lambda, and it is expected to take a QString parameter. + \warning We guarantee that the callback (\a resultCallback) is always called, but it might be done + during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid + value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. + \sa setHtml(), toPlainText() */ @@ -624,6 +632,10 @@ \note \a resultCallback can be any of a function pointer, a functor or a lambda, and it is expected to take a QString parameter. + \warning We guarantee that the callback (\a resultCallback) is always called, but it might be done + during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid + value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. + \sa toHtml() */ @@ -743,6 +755,10 @@ \warning Do not execute lengthy routines in the callback function, because it might block the rendering of the web engine page. + \warning We guarantee that the callback (\a resultCallback) is always called, but it might be done + during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid + value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. + See scripts() for an alternative API to inject scripts. \sa QWebEngineScript::ScriptWorldId diff --git a/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc index 09346a446..501959ab9 100644 --- a/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc @@ -252,6 +252,10 @@ \a resultCallback must take a boolean parameter. It will be called with a value of \c true if \a subString was found; otherwise the callback value will be \c false. + \warning We guarantee that the callback (\a resultCallback) is always called, but it might be done + during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid + value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. + \sa selectedText(), selectionChanged() */ -- cgit v1.2.3 From 998a5a28f4ce348ba985bec4aacbd39aa82b5261 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Tue, 5 Feb 2019 15:00:52 +0100 Subject: Better error reporting for QWebEngineUrlScheme Add warnings for late registration and invalid configuration. Fixes: QTBUG-72842 Change-Id: I2c103c3b3581112cc885c3a1b4f42c011c3510ab Reviewed-by: Michal Klocek --- src/core/api/qwebengineurlscheme.cpp | 33 ++++++++++++++++++++++++++++++++- src/core/api/qwebengineurlscheme.h | 4 ++++ src/core/web_engine_context.cpp | 15 ++++++++++----- 3 files changed, 46 insertions(+), 6 deletions(-) diff --git a/src/core/api/qwebengineurlscheme.cpp b/src/core/api/qwebengineurlscheme.cpp index d63599163..9f7288f2d 100644 --- a/src/core/api/qwebengineurlscheme.cpp +++ b/src/core/api/qwebengineurlscheme.cpp @@ -39,7 +39,9 @@ #include "qwebengineurlscheme.h" -#include +#include "url/url_util_qt.h" + +#include QT_BEGIN_NAMESPACE @@ -59,6 +61,8 @@ ASSERT_ENUMS_MATCH(QWebEngineUrlScheme::ServiceWorkersAllowed, url::CustomScheme ASSERT_ENUMS_MATCH(QWebEngineUrlScheme::ViewSourceAllowed, url::CustomScheme::ViewSourceAllowed) ASSERT_ENUMS_MATCH(QWebEngineUrlScheme::ContentSecurityPolicyIgnored, url::CustomScheme::ContentSecurityPolicyIgnored) +static bool g_schemesLocked = false; + class QWebEngineUrlSchemePrivate : public QSharedData , public url::CustomScheme { @@ -357,6 +361,28 @@ void QWebEngineUrlScheme::setFlags(Flags newValue) */ void QWebEngineUrlScheme::registerScheme(const QWebEngineUrlScheme &scheme) { + if (scheme.d->name.empty()) { + qWarning() << "QWebEngineUrlScheme::registerScheme: Scheme name cannot be empty"; + return; + } + + bool needsPort = scheme.d->has_port_component(); + bool hasPort = scheme.d->default_port != url::PORT_UNSPECIFIED; + if (needsPort && !hasPort) { + qWarning() << "QWebEngineUrlScheme::registerScheme: Scheme" << scheme.name() << "needs a default port"; + return; + } + + if (url::CustomScheme::FindScheme(scheme.d->name)) { + qWarning() << "QWebEngineUrlScheme::registerScheme: Scheme" << scheme.name() << "already registered"; + return; + } + + if (g_schemesLocked) { + qWarning() << "QWebEngineUrlScheme::registerScheme: Too late to register scheme" << scheme.name(); + return; + } + url::CustomScheme::AddScheme(*scheme.d); } @@ -374,4 +400,9 @@ QWebEngineUrlScheme QWebEngineUrlScheme::schemeByName(const QByteArray &name) return QWebEngineUrlScheme(); } +void QWebEngineUrlScheme::lockSchemes() +{ + g_schemesLocked = true; +} + QT_END_NAMESPACE diff --git a/src/core/api/qwebengineurlscheme.h b/src/core/api/qwebengineurlscheme.h index 88a8f5065..da3010335 100644 --- a/src/core/api/qwebengineurlscheme.h +++ b/src/core/api/qwebengineurlscheme.h @@ -46,6 +46,8 @@ #include #include +namespace QtWebEngineCore { class WebEngineContext; } + QT_BEGIN_NAMESPACE class QWebEngineUrlSchemePrivate; @@ -106,6 +108,8 @@ public: static QWebEngineUrlScheme schemeByName(const QByteArray &name); private: + friend QtWebEngineCore::WebEngineContext; + static void lockSchemes(); QWebEngineUrlScheme(QWebEngineUrlSchemePrivate *d); QSharedDataPointer d; }; diff --git a/src/core/web_engine_context.cpp b/src/core/web_engine_context.cpp index ca52a5e67..edae5c47d 100644 --- a/src/core/web_engine_context.cpp +++ b/src/core/web_engine_context.cpp @@ -353,11 +353,16 @@ WebEngineContext::WebEngineContext() qputenv("force_s3tc_enable", "true"); #endif - QWebEngineUrlScheme qrcScheme(QByteArrayLiteral("qrc")); - qrcScheme.setFlags(QWebEngineUrlScheme::SecureScheme - | QWebEngineUrlScheme::LocalAccessAllowed - | QWebEngineUrlScheme::ViewSourceAllowed); - QWebEngineUrlScheme::registerScheme(qrcScheme); + if (QWebEngineUrlScheme::schemeByName(QByteArrayLiteral("qrc")) == QWebEngineUrlScheme()) { + // User might have registered "qrc" already with different options. + QWebEngineUrlScheme qrcScheme(QByteArrayLiteral("qrc")); + qrcScheme.setFlags(QWebEngineUrlScheme::SecureScheme + | QWebEngineUrlScheme::LocalAccessAllowed + | QWebEngineUrlScheme::ViewSourceAllowed); + QWebEngineUrlScheme::registerScheme(qrcScheme); + } + + QWebEngineUrlScheme::lockSchemes(); // Allow us to inject javascript like any webview toolkit. content::RenderFrameHost::AllowInjectingJavaScriptForAndroidWebView(); -- cgit v1.2.3 From 89ebafdb6c41229f007d423aa785dea6ace07271 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Wed, 28 Nov 2018 17:19:35 +0100 Subject: Shutdown ProxyResolutionSerivce Shut down the ProxyResolutionService before regenerating storage, it may have pending URLRequests. Change-Id: If79efc0bc942762dc48a50a12d74593ff1ee3989 Reviewed-by: Allan Sandfeld Jensen --- src/core/profile_io_data_qt.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/core/profile_io_data_qt.cpp b/src/core/profile_io_data_qt.cpp index 36f92e14f..63585b2c3 100644 --- a/src/core/profile_io_data_qt.cpp +++ b/src/core/profile_io_data_qt.cpp @@ -171,6 +171,8 @@ ProfileIODataQt::~ProfileIODataQt() { if (content::BrowserThread::IsThreadInitialized(content::BrowserThread::IO)) DCHECK_CURRENTLY_ON(content::BrowserThread::IO); + if (m_urlRequestContext && m_urlRequestContext->proxy_resolution_service()) + m_urlRequestContext->proxy_resolution_service()->OnShutdown(); m_resourceContext.reset(); if (m_cookieDelegate) m_cookieDelegate->setCookieMonster(0); // this will let CookieMonsterDelegateQt be deleted @@ -263,6 +265,7 @@ void ProfileIODataQt::generateStorage() // We must stop all requests before deleting their backends. if (m_storage) { + m_urlRequestContext->proxy_resolution_service()->OnShutdown(); m_cookieDelegate->setCookieMonster(nullptr); m_storage->set_cookie_store(nullptr); cancelAllUrlRequests(); -- cgit v1.2.3 From 3e88b4d35441301e44981874c06c16e3c6351b6e Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Tue, 12 Feb 2019 15:49:09 +0100 Subject: Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changes: 509f0033c434 [Backport] Fix for CVE-2019-5762 436537b89cc4 [Backport] Fix for CVE-2019-5763 69210928ceaa [Backport] Fix for CVE-2019-5764 c0f8161a7658 [Backport] Fix for security issue 922677 7f14eb3daf24 [Backport] Fix for security issue 899689 328129c5de09 [Backport] Fix for security issue 912520 a917b0698d8d [Backport] Fix for CVE-2019-5769 6c8f45a91435 [Backport] Fix for CVE-2019-5770 7b5e48775b3a [Backport] Fix for security issue 907047 Task-number: QTBUG-73417 Change-Id: I941f322313f42a6c92712f1d6cb7ae9a915bcf2e Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 63cf07a2a..7b5e48775 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 63cf07a2a77c2fc2ce52e063ceb860c8adcc718c +Subproject commit 7b5e48775b3ac89f49d4b0f74b7db03540cc212b -- cgit v1.2.3 From 74d2d301b11f2edfde69f0515e2fd74882ab6dab Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Wed, 13 Feb 2019 13:03:23 +0100 Subject: Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changes: 5c76f0592d0e [Backport] Fix for CVE-2019-5776 8b78be4530ae [Backport] Fix for CVE-2019-5775 and CVE-2019-5777 297b64d3d7d7 [Backport] Fix for CVE-2019-5779 42b4075a690d [Backport] Fix for CVE-2019-5783 5ee5529dea3a [Backport] Fix for CVE-2019-5781 5bebe28ae4d0 [Backport] Fix for security issue 912508 48192fb6548b [Backport] Update sqlite 3709910608cd [Backport] Fix for security issue 908358 Task-number: QTBUG-73417 Change-Id: If451e38f04bc4df90230acd51192a38c184df304 Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 7b5e48775..370991060 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 7b5e48775b3ac89f49d4b0f74b7db03540cc212b +Subproject commit 3709910608cd43db9272312e7ae8ca817b4a9b63 -- cgit v1.2.3