From c6b37bbd5fdfc0df6b53d787a2c6a0f4262de26b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Mon, 29 Apr 2019 12:58:37 +0200 Subject: [PATCH 001/112] QWebEngineUrlScheme: Prevent registration of standard schemes Change-Id: I05ef67b81d9b871d38fcc51639b742b2a7b8a387 Reviewed-by: Allan Sandfeld Jensen --- src/core/api/qwebengineurlscheme.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/core/api/qwebengineurlscheme.cpp b/src/core/api/qwebengineurlscheme.cpp index 9b04f46c584..9cc5b5056be 100644 --- a/src/core/api/qwebengineurlscheme.cpp +++ b/src/core/api/qwebengineurlscheme.cpp @@ -378,6 +378,11 @@ void QWebEngineUrlScheme::registerScheme(const QWebEngineUrlScheme &scheme) return; } + if (url::IsStandard(scheme.d->name.data(), url::Component(0, scheme.d->name.size()))) { + qWarning() << "QWebEngineUrlScheme::registerScheme: Scheme" << scheme.name() << "is a standard scheme"; + return; + } + if (g_schemesLocked) { qWarning() << "QWebEngineUrlScheme::registerScheme: Too late to register scheme" << scheme.name(); return; From 26ac59af2306b4f6f83e791bb3e828b9f7b1a721 Mon Sep 17 00:00:00 2001 From: Kai Koehne Date: Mon, 29 Apr 2019 16:27:07 +0200 Subject: [PATCH 002/112] Skip qtwebengine for -no-gui build MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: QTBUG-75465 Change-Id: Iaf8c75d60d00dac3079fcb3f7108e1c3e5ea5245 Reviewed-by: Allan Sandfeld Jensen Reviewed-by: Michael Brüning --- mkspecs/features/configure.prf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mkspecs/features/configure.prf b/mkspecs/features/configure.prf index d7d382a4ff8..42e5b40c98d 100644 --- a/mkspecs/features/configure.prf +++ b/mkspecs/features/configure.prf @@ -4,6 +4,10 @@ load(functions) load(platform) defineTest(runConfigure) { + !qtHaveModule(gui) { + skipBuild("QtWebEngine requires QtGui.") + return(false) + } !exists(src/3rdparty/chromium) { skipBuild("Submodule qtwebengine-chromium does not exist. Run 'git submodule update --init'.") From e44b509bad1f06d7e257bf09e80dfb5440cdbf9e Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Mon, 29 Apr 2019 15:28:53 +0200 Subject: [PATCH 003/112] Handle corner case of assigning an implicit page to a new view MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pass the ownership on to the the new view, so it is still handled like an implicit page. Change-Id: I76ad3cb349a492e60e3ad2bdd4aebaabed07bd4f Reviewed-by: Jüri Valdmann --- src/webenginewidgets/api/qwebenginepage.cpp | 22 +++++++++++-------- .../qwebengineview/tst_qwebengineview.cpp | 15 +++++++++++++ 2 files changed, 28 insertions(+), 9 deletions(-) diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index 85a162383f0..54006169e51 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -746,17 +746,26 @@ void QWebEnginePagePrivate::bindPageAndView(QWebEnginePage *page, QWebEngineView auto oldView = page ? page->d_func()->view : nullptr; auto oldPage = view ? view->d_func()->page : nullptr; + bool ownNewPage = false; + bool deleteOldPage = false; + // Change pointers first. if (page && oldView != view) { - if (oldView) + if (oldView) { + ownNewPage = oldView->d_func()->m_ownsPage; oldView->d_func()->page = nullptr; + oldView->d_func()->m_ownsPage = false; + } page->d_func()->view = view; } if (view && oldPage != page) { - if (oldPage) + if (oldPage) { oldPage->d_func()->view = nullptr; + deleteOldPage = view->d_func()->m_ownsPage; + } + view->d_func()->m_ownsPage = ownNewPage; view->d_func()->page = page; } @@ -775,14 +784,9 @@ void QWebEnginePagePrivate::bindPageAndView(QWebEnginePage *page, QWebEngineView view->d_func()->pageChanged(oldPage, page); if (oldWidget != widget) view->d_func()->widgetChanged(oldWidget, widget); - - // At this point m_ownsPage should still refer to oldPage, - // it is only set for the new page after binding. - if (view->d_func()->m_ownsPage) { - delete oldPage; - view->d_func()->m_ownsPage = false; - } } + if (deleteOldPage) + delete oldPage; } void QWebEnginePagePrivate::bindPageAndWidget(QWebEnginePage *page, RenderWidgetHostViewQtDelegateWidget *widget) diff --git a/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp b/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp index 6ab63b54e61..b9337cbee01 100644 --- a/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp +++ b/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp @@ -196,6 +196,7 @@ private Q_SLOTS: void closeOpenerTab(); void switchPage(); void setPageDeletesImplicitPage(); + void setPageDeletesImplicitPage2(); void setViewDeletesImplicitPage(); void setPagePreservesExplicitPage(); void setViewPreservesExplicitPage(); @@ -3210,6 +3211,20 @@ void tst_QWebEngineView::setPageDeletesImplicitPage() QVERIFY(!implicitPage); // should be deleted } +void tst_QWebEngineView::setPageDeletesImplicitPage2() +{ + QWebEngineView view1; + QWebEngineView view2; + QPointer implicitPage = view1.page(); + view2.setPage(view1.page()); + QVERIFY(implicitPage); + QVERIFY(view1.page() != implicitPage); + QWebEnginePage explicitPage; + view2.setPage(&explicitPage); + QCOMPARE(view2.page(), &explicitPage); + QVERIFY(!implicitPage); // should be deleted +} + void tst_QWebEngineView::setViewDeletesImplicitPage() { QWebEngineView view; From 3d9bfd7a0a9bff5a3d66366656ae2746f0af97af Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Mon, 29 Apr 2019 12:19:57 +0200 Subject: [PATCH 004/112] Silence warnings in tst_qwebengineprofile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Register custom schemes Change-Id: I536a27da8f936e4ea6569e39a8ec6e30e23af03a Reviewed-by: Jüri Valdmann --- .../tst_qwebengineprofile.cpp | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp index d9505cbfd82..e84aacb2708 100644 --- a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp +++ b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp @@ -31,6 +31,7 @@ #include #include #include +#include #include #include #include @@ -43,6 +44,7 @@ class tst_QWebEngineProfile : public QObject Q_OBJECT private Q_SLOTS: + void initTestCase(); void init(); void cleanup(); void privateProfile(); @@ -61,6 +63,23 @@ private Q_SLOTS: void qtbug_72299(); // this should be the last test }; +void tst_QWebEngineProfile::initTestCase() +{ + QWebEngineUrlScheme foo("foo"); + QWebEngineUrlScheme stream("stream"); + QWebEngineUrlScheme letterto("letterto"); + QWebEngineUrlScheme aviancarrier("aviancarrier"); + foo.setSyntax(QWebEngineUrlScheme::Syntax::Host); + stream.setSyntax(QWebEngineUrlScheme::Syntax::HostAndPort); + stream.setDefaultPort(8080); + letterto.setSyntax(QWebEngineUrlScheme::Syntax::Path); + aviancarrier.setSyntax(QWebEngineUrlScheme::Syntax::Path); + QWebEngineUrlScheme::registerScheme(foo); + QWebEngineUrlScheme::registerScheme(stream); + QWebEngineUrlScheme::registerScheme(letterto); + QWebEngineUrlScheme::registerScheme(aviancarrier); +} + void tst_QWebEngineProfile::init() { //make sure defualt global profile is 'default' across all the tests @@ -82,6 +101,7 @@ void tst_QWebEngineProfile::cleanup() profile->setCachePath(QString()); profile->setPersistentStoragePath(QString()); profile->setHttpCacheType(QWebEngineProfile::DiskHttpCache); + profile->removeAllUrlSchemeHandlers(); } void tst_QWebEngineProfile::privateProfile() From 5a4656b9c731418f5568e57060b96b81333ac98f Mon Sep 17 00:00:00 2001 From: Leena Miettinen Date: Wed, 17 Apr 2019 09:41:51 +0200 Subject: [PATCH 005/112] Doc: Add notes about delegating navigation requests ...by overloading QWebEnginePage::acceptNavigationRequest() Task-number: QTBUG-75185 Change-Id: Ieaf9cacd5dd9259159767edba319191cf93f19ad Reviewed-by: Allan Sandfeld Jensen --- .../doc/src/qtwebkitportingguide.qdoc | 9 +++++++-- .../doc/src/qwebenginepage_lgpl.qdoc | 18 +++++++++++++++--- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/src/webenginewidgets/doc/src/qtwebkitportingguide.qdoc b/src/webenginewidgets/doc/src/qtwebkitportingguide.qdoc index e3fdc4ff106..9e8cc463c2d 100644 --- a/src/webenginewidgets/doc/src/qtwebkitportingguide.qdoc +++ b/src/webenginewidgets/doc/src/qtwebkitportingguide.qdoc @@ -1,6 +1,6 @@ /**************************************************************************** ** -** Copyright (C) 2016 The Qt Company Ltd. +** Copyright (C) 2019 The Qt Company Ltd. ** Contact: https://www.qt.io/licensing/ ** ** This file is part of the documentation of the Qt Toolkit. @@ -266,7 +266,6 @@ page.runJavaScript("document.documentElement.contentEditable = true"); \endcode - \section1 Unavailable Qt WebKit API The Qt \WebKit classes and methods in this list will not be available in \QWE. @@ -310,5 +309,11 @@ engine process them by overloading the QWebEnginePage::acceptNavigationRequest() function. This is necessary when an HTML document is used as part of the user interface, and not to display external data, for example, when displaying a list of results. + + \note \l{QWebEnginePage::}{acceptNavigationRequest()} starts the + loading process and emits the \l{QWebEnginePage::}{loadStarted()} + signal \e before the request is accepted or rejected. Therefore, a + \l{QWebEnginePage::}{loadFinished()} signal that returns \c false + is to be expected even after delegating the request. \endtable */ diff --git a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc index 9aca48ebfc2..274b4673072 100644 --- a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc @@ -1,5 +1,5 @@ /* - Copyright (C) 2015 The Qt Company Ltd. + Copyright (C) 2019 The Qt Company Ltd. Copyright (C) 2008, 2009, 2012 Nokia Corporation and/or its subsidiary(-ies) Copyright (C) 2007 Staikos Computing Services Inc. Copyright (C) 2007 Apple Inc. @@ -381,6 +381,11 @@ used as part of the user interface, and not to display external data, for example, when displaying a list of results. + \note The loading process is started and the loadStarted() signal is emitted + \e before the request is accepted or rejected. Therefore, a loadFinished() + signal that returns \c false is to be expected even after delegating the + request. + The \l{QWebEngineUrlRequestInterceptor} class offers further options for intercepting and manipulating requests. */ @@ -528,7 +533,7 @@ This signal is emitted when a page starts loading content. - \sa loadFinished() + \sa loadFinished(), acceptNavigationRequest() */ /*! @@ -548,7 +553,14 @@ is independent of script execution or page rendering. \a ok will indicate whether the load was successful or any error occurred. - \sa loadStarted() + \note Navigation requests can be delegated to the Qt application instead + of having the HTML handler engine process them by overloading the + acceptNavigationRequest() function. Because the loading process is started + and the loadStarted() signal is emitted \e before the request is accepted + or rejected, a \c loadFinished() signal that returns \c false is to be + expected even after delegating the request. + + \sa loadStarted(), acceptNavigationRequest() */ /*! From fc077552673e25c580592047369acbe47f4be46d Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 3 May 2019 10:45:54 +0200 Subject: [PATCH 006/112] Do not crash on QWebEnginePagePrivate::releaseProfile() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Deregistering the widget or deleting the view should be able to handle a now missing d_ptr in the old page. Change-Id: Ic843f7bde12776b6aad4fad865ccf14a25695154 Fixes: QTBUG-75547 Reviewed-by: Jüri Valdmann --- src/webenginewidgets/api/qwebenginepage.cpp | 14 +++++++++----- .../tst_qwebengineprofile.cpp | 19 +++++++++++++++++++ 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index 54006169e51..c3303401557 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -762,7 +762,8 @@ void QWebEnginePagePrivate::bindPageAndView(QWebEnginePage *page, QWebEngineView if (view && oldPage != page) { if (oldPage) { - oldPage->d_func()->view = nullptr; + if (oldPage->d_func()) + oldPage->d_func()->view = nullptr; deleteOldPage = view->d_func()->m_ownsPage; } view->d_func()->m_ownsPage = ownNewPage; @@ -772,7 +773,7 @@ void QWebEnginePagePrivate::bindPageAndView(QWebEnginePage *page, QWebEngineView // Then notify. auto widget = page ? page->d_func()->widget : nullptr; - auto oldWidget = oldPage ? oldPage->d_func()->widget : nullptr; + auto oldWidget = (oldPage && oldPage->d_func()) ? oldPage->d_func()->widget : nullptr; if (page && oldView != view && oldView) { oldView->d_func()->pageChanged(page, nullptr); @@ -781,7 +782,10 @@ void QWebEnginePagePrivate::bindPageAndView(QWebEnginePage *page, QWebEngineView } if (view && oldPage != page) { - view->d_func()->pageChanged(oldPage, page); + if (oldPage && oldPage->d_func()) + view->d_func()->pageChanged(oldPage, page); + else + view->d_func()->pageChanged(nullptr, page); if (oldWidget != widget) view->d_func()->widgetChanged(oldWidget, widget); } @@ -797,7 +801,7 @@ void QWebEnginePagePrivate::bindPageAndWidget(QWebEnginePage *page, RenderWidget // Change pointers first. if (widget && oldPage != page) { - if (oldPage) + if (oldPage && oldPage->d_func()) oldPage->d_func()->widget = nullptr; widget->m_page = page; } @@ -810,7 +814,7 @@ void QWebEnginePagePrivate::bindPageAndWidget(QWebEnginePage *page, RenderWidget // Then notify. - if (widget && oldPage != page && oldPage) { + if (widget && oldPage != page && oldPage && oldPage->d_func()) { if (auto oldView = oldPage->d_func()->view) oldView->d_func()->widgetChanged(widget, nullptr); } diff --git a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp index e84aacb2708..2a4e2d533d9 100644 --- a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp +++ b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp @@ -60,6 +60,7 @@ private Q_SLOTS: void downloadItem(); void changePersistentPath(); void initiator(); + void badDeleteOrder(); void qtbug_72299(); // this should be the last test }; @@ -589,6 +590,24 @@ void tst_QWebEngineProfile::initiator() QCOMPARE(handler.initiator, QUrl()); } +void tst_QWebEngineProfile::badDeleteOrder() +{ + QWebEngineProfile *profile = new QWebEngineProfile(); + QWebEngineView *view = new QWebEngineView(); + view->resize(640, 480); + view->show(); + QVERIFY(QTest::qWaitForWindowExposed(view)); + QWebEnginePage *page = new QWebEnginePage(profile, view); + view->setPage(page); + + QSignalSpy spyLoadFinished(page, SIGNAL(loadFinished(bool))); + page->setHtml(QStringLiteral("

Badly handled page!

")); + QTRY_COMPARE(spyLoadFinished.count(), 1); + + delete profile; + delete view; +} + void tst_QWebEngineProfile::qtbug_72299() { QWebEngineView view; From cb265ff630fdf9a6a97d83f9b3fb8ccb554f4b99 Mon Sep 17 00:00:00 2001 From: Kai Koehne Date: Mon, 6 May 2019 14:46:08 +0200 Subject: [PATCH 007/112] Skip qtwebengine for -no-gui build (also in the configure system) This amends 26ac59af2306 Fixes: QTBUG-75465 Change-Id: I22df5dc851f80724a44c028310269289548dacc5 Reviewed-by: Joerg Bornemann --- src/core/configure.json | 1 + 1 file changed, 1 insertion(+) diff --git a/src/core/configure.json b/src/core/configure.json index 044d855274b..fc23785dfb2 100644 --- a/src/core/configure.json +++ b/src/core/configure.json @@ -5,6 +5,7 @@ "gui-private", "printsupport" ], + "condition": "module.gui", "testDir": "../../config.tests", "commandline": { "options": { From efee223d7ff6e0e30fb9d9dff1536936922d4a03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Mon, 29 Apr 2019 15:51:58 +0200 Subject: [PATCH 008/112] Q(Quick)WebEngineProfile: Update list of internal schemes Disallow installing handler for "about" and everything in kStandardURLSchemes of url/url_util.cc. Except for "gopher" which is used in tests. Suppress warning about custom schemes for "gopher" since it's not a custom scheme. Also lowercase the scheme in urlSchemeHandler() and removeUrlSchemeHandler(). Change-Id: I72b06d4fa6433882019405a0d600a593c8971bf1 Reviewed-by: Allan Sandfeld Jensen --- src/core/profile_adapter.cpp | 41 +++++++++++++++++-- src/core/profile_adapter.h | 2 +- src/webengine/api/qquickwebengineprofile.cpp | 32 +-------------- .../api/qwebengineprofile.cpp | 32 +-------------- .../tst_qwebengineprofile.cpp | 41 +++++++++++++++++++ 5 files changed, 84 insertions(+), 64 deletions(-) diff --git a/src/core/profile_adapter.cpp b/src/core/profile_adapter.cpp index 1b946949a5d..b04fa0d46f6 100644 --- a/src/core/profile_adapter.cpp +++ b/src/core/profile_adapter.cpp @@ -44,6 +44,7 @@ #include "content/public/browser/browsing_data_remover.h" #include "content/public/browser/download_manager.h" +#include "api/qwebengineurlscheme.h" #include "content_client_qt.h" #include "download_manager_delegate_qt.h" #include "net/url_request_context_getter_qt.h" @@ -440,16 +441,50 @@ bool ProfileAdapter::removeCustomUrlSchemeHandler(QWebEngineUrlSchemeHandler *ha QWebEngineUrlSchemeHandler *ProfileAdapter::takeCustomUrlSchemeHandler(const QByteArray &scheme) { - QWebEngineUrlSchemeHandler *handler = m_customUrlSchemeHandlers.take(scheme); + QWebEngineUrlSchemeHandler *handler = m_customUrlSchemeHandlers.take(scheme.toLower()); if (handler) updateCustomUrlSchemeHandlers(); return handler; } -void ProfileAdapter::addCustomUrlSchemeHandler(const QByteArray &scheme, QWebEngineUrlSchemeHandler *handler) +bool ProfileAdapter::addCustomUrlSchemeHandler(const QByteArray &scheme, QWebEngineUrlSchemeHandler *handler) { - m_customUrlSchemeHandlers.insert(scheme, handler); + static const QSet blacklist{ + QByteArrayLiteral("about"), + QByteArrayLiteral("blob"), + QByteArrayLiteral("data"), + QByteArrayLiteral("javascript"), + QByteArrayLiteral("qrc"), + // See also kStandardURLSchemes in url/url_util.cc (through url::IsStandard below) + }; + + static const QSet whitelist{ + QByteArrayLiteral("gopher"), + }; + + const QByteArray canonicalScheme = scheme.toLower(); + bool standardSyntax = url::IsStandard(canonicalScheme.data(), url::Component(0, canonicalScheme.size())); + bool customScheme = QWebEngineUrlScheme::schemeByName(canonicalScheme) != QWebEngineUrlScheme(); + bool blacklisted = blacklist.contains(canonicalScheme) || (standardSyntax && !customScheme); + bool whitelisted = whitelist.contains(canonicalScheme); + + if (blacklisted && !whitelisted) { + qWarning("Cannot install a URL scheme handler overriding internal scheme: %s", scheme.constData()); + return false; + } + + if (m_customUrlSchemeHandlers.value(canonicalScheme, handler) != handler) { + qWarning("URL scheme handler already installed for the scheme: %s", scheme.constData()); + return false; + } + + if (!whitelisted && !customScheme) + qWarning("Please register the custom scheme '%s' via QWebEngineUrlScheme::registerScheme() " + "before installing the custom scheme handler.", scheme.constData()); + + m_customUrlSchemeHandlers.insert(canonicalScheme, handler); updateCustomUrlSchemeHandlers(); + return true; } void ProfileAdapter::clearCustomUrlSchemeHandlers() diff --git a/src/core/profile_adapter.h b/src/core/profile_adapter.h index 7ed5c13f566..e92fb524b36 100644 --- a/src/core/profile_adapter.h +++ b/src/core/profile_adapter.h @@ -179,7 +179,7 @@ class QWEBENGINECORE_PRIVATE_EXPORT ProfileAdapter : public QObject const QHash &customUrlSchemeHandlers() const; const QList customUrlSchemes() const; void clearCustomUrlSchemeHandlers(); - void addCustomUrlSchemeHandler(const QByteArray &, QWebEngineUrlSchemeHandler *); + bool addCustomUrlSchemeHandler(const QByteArray &, QWebEngineUrlSchemeHandler *); bool removeCustomUrlSchemeHandler(QWebEngineUrlSchemeHandler *); QWebEngineUrlSchemeHandler *takeCustomUrlSchemeHandler(const QByteArray &); UserResourceControllerHost *userResourceController(); diff --git a/src/webengine/api/qquickwebengineprofile.cpp b/src/webengine/api/qquickwebengineprofile.cpp index 73577a04ccc..f77f376aa35 100644 --- a/src/webengine/api/qquickwebengineprofile.cpp +++ b/src/webengine/api/qquickwebengineprofile.cpp @@ -847,20 +847,7 @@ void QQuickWebEngineProfile::setRequestInterceptor(QWebEngineUrlRequestIntercept const QWebEngineUrlSchemeHandler *QQuickWebEngineProfile::urlSchemeHandler(const QByteArray &scheme) const { const Q_D(QQuickWebEngineProfile); - if (d->profileAdapter()->customUrlSchemeHandlers().contains(scheme)) - return d->profileAdapter()->customUrlSchemeHandlers().value(scheme); - return 0; -} - -static bool checkInternalScheme(const QByteArray &scheme) -{ - static QSet internalSchemes; - if (internalSchemes.isEmpty()) { - internalSchemes << QByteArrayLiteral("qrc") << QByteArrayLiteral("data") << QByteArrayLiteral("blob") - << QByteArrayLiteral("http") << QByteArrayLiteral("https") << QByteArrayLiteral("ftp") - << QByteArrayLiteral("javascript"); - } - return internalSchemes.contains(scheme); + return d->profileAdapter()->customUrlSchemeHandlers().value(scheme.toLower()); } /*! @@ -873,23 +860,8 @@ void QQuickWebEngineProfile::installUrlSchemeHandler(const QByteArray &scheme, Q { Q_D(QQuickWebEngineProfile); Q_ASSERT(handler); - QByteArray canonicalScheme = scheme.toLower(); - if (checkInternalScheme(canonicalScheme)) { - qWarning("Cannot install a URL scheme handler overriding internal scheme: %s", scheme.constData()); - return; - } - - if (d->profileAdapter()->customUrlSchemeHandlers().contains(canonicalScheme)) { - if (d->profileAdapter()->customUrlSchemeHandlers().value(canonicalScheme) != handler) - qWarning("URL scheme handler already installed for the scheme: %s", scheme.constData()); + if (!d->profileAdapter()->addCustomUrlSchemeHandler(scheme, handler)) return; - } - - if (QWebEngineUrlScheme::schemeByName(canonicalScheme) == QWebEngineUrlScheme()) - qWarning("Please register the custom scheme '%s' via QWebEngineUrlScheme::registerScheme() " - "before installing the custom scheme handler.", scheme.constData()); - - d->profileAdapter()->addCustomUrlSchemeHandler(canonicalScheme, handler); connect(handler, SIGNAL(_q_destroyedUrlSchemeHandler(QWebEngineUrlSchemeHandler*)), this, SLOT(destroyedUrlSchemeHandler(QWebEngineUrlSchemeHandler*))); } diff --git a/src/webenginewidgets/api/qwebengineprofile.cpp b/src/webenginewidgets/api/qwebengineprofile.cpp index 929c2aaa1a8..c8aafa0e8c0 100644 --- a/src/webenginewidgets/api/qwebengineprofile.cpp +++ b/src/webenginewidgets/api/qwebengineprofile.cpp @@ -688,20 +688,7 @@ QWebEngineSettings *QWebEngineProfile::settings() const const QWebEngineUrlSchemeHandler *QWebEngineProfile::urlSchemeHandler(const QByteArray &scheme) const { const Q_D(QWebEngineProfile); - if (d->profileAdapter()->customUrlSchemeHandlers().contains(scheme)) - return d->profileAdapter()->customUrlSchemeHandlers().value(scheme); - return 0; -} - -static bool checkInternalScheme(const QByteArray &scheme) -{ - static QSet internalSchemes; - if (internalSchemes.isEmpty()) { - internalSchemes << QByteArrayLiteral("qrc") << QByteArrayLiteral("data") << QByteArrayLiteral("blob") - << QByteArrayLiteral("http") << QByteArrayLiteral("https") << QByteArrayLiteral("ftp") - << QByteArrayLiteral("javascript"); - } - return internalSchemes.contains(scheme); + return d->profileAdapter()->customUrlSchemeHandlers().value(scheme.toLower()); } /*! @@ -716,23 +703,8 @@ void QWebEngineProfile::installUrlSchemeHandler(const QByteArray &scheme, QWebEn { Q_D(QWebEngineProfile); Q_ASSERT(handler); - QByteArray canonicalScheme = scheme.toLower(); - if (checkInternalScheme(canonicalScheme)) { - qWarning("Cannot install a URL scheme handler overriding internal scheme: %s", scheme.constData()); - return; - } - - if (d->profileAdapter()->customUrlSchemeHandlers().contains(canonicalScheme)) { - if (d->profileAdapter()->customUrlSchemeHandlers().value(canonicalScheme) != handler) - qWarning("URL scheme handler already installed for the scheme: %s", scheme.constData()); + if (!d->profileAdapter()->addCustomUrlSchemeHandler(scheme, handler)) return; - } - - if (QWebEngineUrlScheme::schemeByName(canonicalScheme) == QWebEngineUrlScheme()) - qWarning("Please register the custom scheme '%s' via QWebEngineUrlScheme::registerScheme() " - "before installing the custom scheme handler.", scheme.constData()); - - d->profileAdapter()->addCustomUrlSchemeHandler(canonicalScheme, handler); connect(handler, SIGNAL(_q_destroyedUrlSchemeHandler(QWebEngineUrlSchemeHandler*)), this, SLOT(destroyedUrlSchemeHandler(QWebEngineUrlSchemeHandler*))); } diff --git a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp index 2a4e2d533d9..3fc8fb45a28 100644 --- a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp +++ b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp @@ -55,6 +55,7 @@ private Q_SLOTS: void urlSchemeHandlerFailRequest(); void urlSchemeHandlerFailOnRead(); void urlSchemeHandlerStreaming(); + void urlSchemeHandlerInstallation(); void customUserAgent(); void httpAcceptLanguage(); void downloadItem(); @@ -466,6 +467,46 @@ void tst_QWebEngineProfile::urlSchemeHandlerStreaming() QCOMPARE(toPlainTextSync(view.page()), QString::fromLatin1(result)); } +void tst_QWebEngineProfile::urlSchemeHandlerInstallation() +{ + FailingUrlSchemeHandler handler; + QWebEngineProfile profile; + + // Builtin schemes that *cannot* be overridden. + for (auto scheme : { "about", "blob", "data", "javascript", "qrc", "https", "http", "file", + "ftp", "wss", "ws", "filesystem", "FileSystem" }) { + QTest::ignoreMessage( + QtWarningMsg, + QRegularExpression("Cannot install a URL scheme handler overriding internal scheme.*")); + profile.installUrlSchemeHandler(scheme, &handler); + QCOMPARE(profile.urlSchemeHandler(scheme), nullptr); + } + + // Builtin schemes that *can* be overridden. + for (auto scheme : { "gopher", "GOPHER" }) { + profile.installUrlSchemeHandler(scheme, &handler); + QCOMPARE(profile.urlSchemeHandler(scheme), &handler); + profile.removeUrlScheme(scheme); + } + + // Other schemes should be registered with QWebEngineUrlScheme first, but + // handler installation still succeeds to preserve backwards compatibility. + QTest::ignoreMessage( + QtWarningMsg, + QRegularExpression("Please register the custom scheme.*")); + profile.installUrlSchemeHandler("tst", &handler); + QCOMPARE(profile.urlSchemeHandler("tst"), &handler); + + // Existing handler cannot be overridden. + FailingUrlSchemeHandler handler2; + QTest::ignoreMessage( + QtWarningMsg, + QRegularExpression("URL scheme handler already installed.*")); + profile.installUrlSchemeHandler("tst", &handler2); + QCOMPARE(profile.urlSchemeHandler("tst"), &handler); + profile.removeUrlScheme("tst"); +} + void tst_QWebEngineProfile::customUserAgent() { QString defaultUserAgent = QWebEngineProfile::defaultProfile()->httpUserAgent(); From a11bb985ab531fe570e6fb3d13c6e76a547b8178 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Wed, 8 May 2019 10:40:05 +0200 Subject: [PATCH 009/112] Update docs and test for runJavaScript Fixes: QTBUG-69567 Change-Id: Icdf5a200f7be1eb7a98cce62848e3a641c49e804 Reviewed-by: Allan Sandfeld Jensen Reviewed-by: Leena Miettinen --- src/webengine/doc/src/webengineview_lgpl.qdoc | 5 +++++ .../doc/src/qwebenginepage_lgpl.qdoc | 5 +++++ .../widgets/qwebenginepage/tst_qwebenginepage.cpp | 12 ++++++++++++ 3 files changed, 22 insertions(+) diff --git a/src/webengine/doc/src/webengineview_lgpl.qdoc b/src/webengine/doc/src/webengineview_lgpl.qdoc index 23d3049fd5f..090fb084e8d 100644 --- a/src/webengine/doc/src/webengineview_lgpl.qdoc +++ b/src/webengine/doc/src/webengineview_lgpl.qdoc @@ -395,6 +395,11 @@ runJavaScript("document.title", function(result) { console.log(result); }); \endcode + Only "plain data" can be returned from JavaScript as the result value. + Supported data types include all of the JSON data types as well as, for + example, \c{Date} and \c{ArrayBuffer}. Unsupported data types include, for + example, \c{Function} and \c{Promise}. + The script will run in the same \e world as other scripts that are part of the loaded site. diff --git a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc index 274b4673072..75b6c4f54e8 100644 --- a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc @@ -770,6 +770,11 @@ page.runJavaScript("document.title", [](const QVariant &v) { qDebug() << v.toString(); }); \endcode + Only "plain data" can be returned from JavaScript as the result value. + Supported data types include all of the JSON data types as well as, for + example, \c{Date} and \c{ArrayBuffer}. Unsupported data types include, for + example, \c{Function} and \c{Promise}. + \warning Do not execute lengthy routines in the callback function, because it might block the rendering of the web engine page. diff --git a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp index 8c3b4002c17..098bae9deea 100644 --- a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp +++ b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp @@ -2806,6 +2806,18 @@ void tst_QWebEnginePage::runJavaScript() JavaScriptCallbackUndefined callbackUndefined; page.runJavaScript("undefined", QWebEngineCallback(callbackUndefined)); + JavaScriptCallback callbackDate(QVariant(42.0)); + page.runJavaScript("new Date(42000)", QWebEngineCallback(callbackDate)); + + JavaScriptCallback callbackBlob(QVariant(QByteArray(8, 0))); + page.runJavaScript("new ArrayBuffer(8)", QWebEngineCallback(callbackBlob)); + + JavaScriptCallbackUndefined callbackFunction; + page.runJavaScript("(function(){})", QWebEngineCallback(callbackFunction)); + + JavaScriptCallback callbackPromise(QVariant(QVariantMap{})); + page.runJavaScript("new Promise(function(){})", QWebEngineCallback(callbackPromise)); + QVERIFY(watcher.wait()); } From 0dc8401a0be3166cf9e3c229752d608e0757e20b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Thu, 9 May 2019 13:10:24 +0200 Subject: [PATCH 010/112] Update Chromium This pulls in the following changes: * 8d400b02 Fix crashes due to pa_context_get_server_info * b439cd9e Link with -latomic on mipsel * 4c061bfd Fix building GN with VS 2019 Change-Id: I26bef10d1ad051d29dd4a809d8c089a157d93ea9 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 5bbb0fff1e6..8d400b02159 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 5bbb0fff1e645bb29cd740767cda698e4e6d23e7 +Subproject commit 8d400b021591c0b619269317e239d8a750ace140 From e0f5df4c4a83a2dbe44a5ee42bb3b8e6ab0d851e Mon Sep 17 00:00:00 2001 From: Leena Miettinen Date: Wed, 15 May 2019 13:15:27 +0200 Subject: [PATCH 011/112] Doc: Add \a commands for WebEngineView signal and method arguments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit To suppress QDoc warnings in the doc snapshot server: http://doc-snapshots.qt.io/qt5-5.13/qdoc-warnings.log Change-Id: I75a54cb584251877e329c22c380ec4ae5f95f2fb Reviewed-by: Jüri Valdmann --- src/webengine/doc/src/webengineview_lgpl.qdoc | 53 ++++++++++--------- 1 file changed, 28 insertions(+), 25 deletions(-) diff --git a/src/webengine/doc/src/webengineview_lgpl.qdoc b/src/webengine/doc/src/webengineview_lgpl.qdoc index 090fb084e8d..b294e1c4cb6 100644 --- a/src/webengine/doc/src/webengineview_lgpl.qdoc +++ b/src/webengine/doc/src/webengineview_lgpl.qdoc @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015 The Qt Company Ltd. + * Copyright (C) 2019 The Qt Company Ltd. * Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies) * Copyright (c) 2012 Hewlett-Packard Development Company, L.P. * @@ -491,7 +491,8 @@ a web engine view can be used to create a UI element that should not get focus. This can be useful in a hybrid UI. - \sa activeFocusOnPressChanged, WebEngineSettings::focusOnNavigationEnabled + \sa activeFocusOnPress, activeFocusOnPressChanged, + WebEngineSettings::focusOnNavigationEnabled */ /*! @@ -529,7 +530,8 @@ \qmlsignal WebEngineView::certificateError(WebEngineCertificateError error) \since QtWebEngine 1.1 - This signal is emitted when an invalid certificate error is raised while loading a given request. + This signal is emitted when an invalid certificate error, \a error, is + raised while loading a given request. The certificate error can be handled by using the methods of the WebEngineCertificateError type. @@ -565,7 +567,7 @@ \qmlsignal WebEngineView::newViewRequested(WebEngineNewViewRequest request) \since QtWebEngine 1.1 - This signal is emitted when a page load is requested to happen in a separate + This signal is emitted when \a request is issued to load a page in a separate web engine view. This can either be because the current page requested it explicitly through a JavaScript call to \c window.open, or because the user clicked on a link while holding Shift, Ctrl, or a built-in combination that triggers the page to open @@ -584,8 +586,8 @@ \qmlsignal WebEngineView::fullScreenRequested(FullScreenRequest request) \since QtWebEngine 1.1 - This signal is emitted when the web page requests fullscreen mode through the - JavaScript API. + This signal is emitted when the web page issues the \a request for + fullscreen mode through the JavaScript API. \sa isFullScreen */ @@ -594,10 +596,10 @@ \qmlsignal WebEngineView::activeFocusOnPressChanged(bool activeFocusOnPress) \since QtWebEngine 1.2 - This signal is emitted when the ability of the web engine view to get focus when clicked - changes. + This signal is emitted when the value of \a activeFocusOnPress changes. + It specifies whether the view should gain active focus when pressed. - \sa setActiveFocusOnPress() + \sa activeFocusOnPress, setActiveFocusOnPress() */ /*! @@ -1112,7 +1114,8 @@ \qmlsignal WebEngineView::audioMutedChanged(bool muted) \since QtWebEngine 1.3 - This signal is emitted when the page's audio is (un)muted using audioMuted property. + This signal is emitted when the value of \a muted changes. The value is + specified using the \l audioMuted property. \note Not to be confused with a specific HTML5 audio / video element being muted. \sa audioMuted, recentlyAudibleChanged @@ -1130,10 +1133,10 @@ \qmlsignal WebEngineView::recentlyAudibleChanged(bool recentlyAudible) \since QtWebEngine 1.3 - This signal is emitted when the page's audible state is changed, due to audio - being played or stopped. + This signal is emitted when the page's audible state, specified by + \a recentlyAudible, is changed, due to audio being played or stopped. - \note The signal is also emitted when the audioMuted property changes. + \note The signal is also emitted when the \l audioMuted property changes. Also if the audio is paused, this signal is emitted with an approximate \b{two-second delay}, from the moment the audio is paused. @@ -1179,7 +1182,7 @@ PDF and returns immediately. To be informed about the result of the request, connect to the signal pdfPrintingFinished(). - If you leave out \a pageSizeID, it defaults to \c A4. If you leave out + If you leave out \a pageSizeId, it defaults to \c A4. If you leave out \a orientation, it defaults to \c Portrait. \sa pdfPrintingFinished() @@ -1195,7 +1198,7 @@ The \a resultCallback must take a string parameter. This string will contain the document's data upon successful printing and an empty string otherwise. - If you leave out \a pageSizeID, it defaults to \c A4. If you leave out + If you leave out \a pageSizeId, it defaults to \c A4. If you leave out \a orientation, it defaults to \c Portrait. */ @@ -1210,8 +1213,8 @@ \qmlsignal WebEngineView::wasRecentlyAudibleChanged(bool wasRecentlyAudible) \since QtWebEngine 1.3 - This signal is emitted when the page's audible state is changed, due to audio - being played or stopped. + This signal is emitted when the page's audible state, specified by + \a wasRecentlyAudible, is changed, due to audio being played or stopped. \note The signal is also emitted when calling the setAudioMuted method. Also if the audio is paused, this signal is emitted with an approximate \b{2 second @@ -1224,7 +1227,7 @@ This signal is emitted when an authentication dialog is requested. - The request can be handled by using the methods of the AuthenticationDialogRequest + The \a request can be handled by using the methods of the AuthenticationDialogRequest type. \note Signal handlers need to call \c{request.accepted = true} to prevent a @@ -1239,7 +1242,7 @@ This signal is emitted when a JavaScript dialog is requested. - The request can be handled by using the methods of the JavaScriptDialogRequest + The \a request can be handled by using the methods of the JavaScriptDialogRequest type. \note Signal handlers need to call \c{request.accepted = true} to prevent a @@ -1254,7 +1257,7 @@ This signal is emitted when a color picker dialog is requested. - The request can be handled by using the methods of the ColorDialogRequest + The \a request can be handled by using the methods of the ColorDialogRequest type. \note Signal handlers need to call \c{request.accepted = true} to prevent a @@ -1268,7 +1271,7 @@ This signal is emitted when a file picker dialog is requested. - The request error can be handled by using the methods of the FileDialogRequest + The \a request can be handled by using the methods of the FileDialogRequest type. \note Signal handlers need to call \c{request.accepted = true} to prevent a @@ -1290,7 +1293,7 @@ This signal is emitted when a context menu is requested. - The request can be handled by using the properties of the ContextMenuRequest + The \a request can be handled by using the properties of the ContextMenuRequest type. \note Signal handlers need to call \c{request.accepted = true} to prevent a @@ -1305,7 +1308,7 @@ \qmlsignal WebEngineView::quotaRequested(QuotaRequest request) \since QtWebEngine 1.7 - This signal is emitted when the web page requests larger persistent storage + This signal is emitted when the web page issues a \a request for a larger persistent storage than the application's current allocation in File System API. The default quota is 0 bytes. @@ -1364,7 +1367,7 @@ \since QtWebEngine 1.7 This signal is emitted when the web page tries to register a custom protocol - using the \l registerProtocolHandler API. + by issuing a \l registerProtocolHandler \a request. \sa RegisterProtocolHandlerRequest */ @@ -1460,7 +1463,7 @@ \qmlmethod WebEngineAction WebEngineView::action(WebAction action) \since 5.12 - Returns a \l WebEngineAction for the specified \l WebAction action. + Returns a \l WebEngineAction for the specified \l WebAction \a action. WebEngineView also takes care of implementing the action, so that upon triggering the corresponding action is performed on the view. From 1a8e93c95de92f6a00bdf3768c5315dd032513c0 Mon Sep 17 00:00:00 2001 From: Leander Beernaert Date: Mon, 20 May 2019 11:05:51 +0200 Subject: [PATCH 012/112] Referrer HTTP Header no longer ignored when set via RequestInterceptor Make sure the HTTP referer is properly placed on a request when it's set via the QWebEngineUrlRequestInterceptor. Added test case to catch future incidents. Fixes: QTBUG-60203 Change-Id: Ida2f713a7352c3199fc9f8e15b5d8350d50afdda Reviewed-by: Allan Sandfeld Jensen --- src/core/net/network_delegate_qt.cpp | 13 ++++-- .../qwebengineurlrequestinterceptor.pro | 1 + .../tst_qwebengineurlrequestinterceptor.cpp | 43 +++++++++++++++++++ 3 files changed, 54 insertions(+), 3 deletions(-) diff --git a/src/core/net/network_delegate_qt.cpp b/src/core/net/network_delegate_qt.cpp index 1441ec336ed..f6202cf1be3 100644 --- a/src/core/net/network_delegate_qt.cpp +++ b/src/core/net/network_delegate_qt.cpp @@ -252,15 +252,22 @@ int NetworkDelegateQt::OnBeforeURLRequest(net::URLRequest *request, net::Complet if (!infoPrivate->extraHeaders.isEmpty()) { auto end = infoPrivate->extraHeaders.constEnd(); - for (auto header = infoPrivate->extraHeaders.constBegin(); header != end; ++header) - request->SetExtraRequestHeaderByName(header.key().toStdString(), header.value().toStdString(), /* overwrite */ true); + for (auto header = infoPrivate->extraHeaders.constBegin(); header != end; ++header) { + std::string h = header.key().toStdString(); + if (base::LowerCaseEqualsASCII(h, "referer")) { + request->SetReferrer(header.value().toStdString()); + } else { + request->SetExtraRequestHeaderByName(h, header.value().toStdString(), /* overwrite */ true); + } + } } if (result != net::OK) return result; } - } else + } else { m_profileIOData->releaseInterceptor(); + } if (!resourceInfo) return net::OK; diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/qwebengineurlrequestinterceptor.pro b/tests/auto/core/qwebengineurlrequestinterceptor/qwebengineurlrequestinterceptor.pro index e99c7f4938c..9c239f1a7cd 100644 --- a/tests/auto/core/qwebengineurlrequestinterceptor/qwebengineurlrequestinterceptor.pro +++ b/tests/auto/core/qwebengineurlrequestinterceptor/qwebengineurlrequestinterceptor.pro @@ -1 +1,2 @@ include(../tests.pri) +include(../../shared/http.pri) diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp index 23bf88417c3..653a1e421b8 100644 --- a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp +++ b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp @@ -34,6 +34,9 @@ #include #include +#include +#include + class tst_QWebEngineUrlRequestInterceptor : public QObject { Q_OBJECT @@ -59,6 +62,7 @@ private Q_SLOTS: void requestInterceptorByResourceType_data(); void requestInterceptorByResourceType(); void firstPartyUrlHttp(); + void passRefererHeader(); }; tst_QWebEngineUrlRequestInterceptor::tst_QWebEngineUrlRequestInterceptor() @@ -97,6 +101,9 @@ struct RequestInfo { int resourceType; }; +static const QByteArray kHttpHeaderReferrerValue = QByteArrayLiteral("http://somereferrer.com/"); +static const QByteArray kHttpHeaderRefererName = QByteArrayLiteral("referer"); + class TestRequestInterceptor : public QWebEngineUrlRequestInterceptor { public: @@ -112,6 +119,9 @@ class TestRequestInterceptor : public QWebEngineUrlRequestInterceptor if (shouldIntercept && info.requestUrl().toString().endsWith(QLatin1String("__placeholder__"))) info.redirect(QUrl("qrc:///resources/content.html")); + // Set referrer header + info.setHttpHeader(kHttpHeaderRefererName, kHttpHeaderReferrerValue); + requestInfos.append(info); } @@ -487,5 +497,38 @@ void tst_QWebEngineUrlRequestInterceptor::firstPartyUrlHttp() QCOMPARE(info.firstPartyUrl, firstPartyUrl); } +void tst_QWebEngineUrlRequestInterceptor::passRefererHeader() +{ + // Create HTTP Server to parse the request. + HttpServer httpServer; + + if (!httpServer.start()) + QSKIP("Failed to start http server"); + + bool succeeded = false; + connect(&httpServer, &HttpServer::newRequest, [&succeeded](HttpReqRep *rr) { + const QByteArray headerValue = rr->requestHeader(kHttpHeaderRefererName); + QCOMPARE(headerValue, kHttpHeaderReferrerValue); + succeeded = headerValue == kHttpHeaderReferrerValue; + rr->setResponseStatus(200); + rr->sendResponse(); + }); + + QWebEngineProfile profile; + TestRequestInterceptor interceptor(true); + profile.setRequestInterceptor(&interceptor); + + QWebEnginePage page(&profile); + QSignalSpy spy(&page, SIGNAL(loadFinished(bool))); + QWebEngineHttpRequest httpRequest; + QUrl requestUrl = httpServer.url(); + httpRequest.setUrl(requestUrl); + page.load(httpRequest); + + QVERIFY(spy.wait()); + (void) httpServer.stop(); + QVERIFY(succeeded); +} + QTEST_MAIN(tst_QWebEngineUrlRequestInterceptor) #include "tst_qwebengineurlrequestinterceptor.moc" From d9643a016abc743db1dd879e7622cd27f88ff392 Mon Sep 17 00:00:00 2001 From: Joerg Bornemann Date: Mon, 13 May 2019 11:04:42 +0200 Subject: [PATCH 013/112] Fix detection of the webengine-arm-thumb feature Configure tests must run in a clean environment. That's why functions that are defined below the mkspecs directory are discarded during the configure run. As a result, extractCFlag could not be found when running qtConftest_hasThumbFlag. This patch moves extractCFlag to src/core/config/functions.pri. Also, extractCFlag gets a qtwebengine_ prefix to avoid collisions with functions defined in other modules. The alias extractCFlag in functions.prf lets us use the old function within QtWebEngine itself. Fixes: QTBUG-75748 Change-Id: I6be613fbc569d5f7b3c145ef44b9a7be8e2ecb9d Reviewed-by: Kai Koehne --- configure.pri | 8 +++++--- mkspecs/features/functions.prf | 9 --------- src/core/config/functions.pri | 8 ++++++++ src/core/config/linux.pri | 6 ++++++ 4 files changed, 19 insertions(+), 12 deletions(-) create mode 100644 src/core/config/functions.pri diff --git a/configure.pri b/configure.pri index 26c57ce61fb..897bea54098 100644 --- a/configure.pri +++ b/configure.pri @@ -1,3 +1,5 @@ +include(src/core/config/functions.pri) + # this must be done outside any function QTWEBENGINE_SOURCE_TREE = $$PWD @@ -297,12 +299,12 @@ defineTest(qtConfTest_isWindowsHostCompiler64) { # Fixme QTBUG-71772 defineTest(qtConfTest_hasThumbFlag) { - FLAG = $$extractCFlag("-mthumb") + FLAG = $$qtwebengine_extractCFlag("-mthumb") !isEmpty(FLAG): return(true) - FLAG = $$extractCFlag("-marm") + FLAG = $$qtwebengine_extractCFlag("-marm") !isEmpty(FLAG): return(false) - MARCH = $$extractCFlag("-march=.*") + MARCH = $$qtwebengine_extractCFlag("-march=.*") MARMV = $$replace(MARCH, "armv",) !isEmpty(MARMV) { MARMV = $$split(MARMV,) diff --git a/mkspecs/features/functions.prf b/mkspecs/features/functions.prf index f6aeea21a79..9efa8958f9c 100644 --- a/mkspecs/features/functions.prf +++ b/mkspecs/features/functions.prf @@ -10,15 +10,6 @@ defineReplace(getChromiumSrcDir) { return($$git_chromium_src_dir) } -defineReplace(extractCFlag) { - CFLAGS = $$QMAKE_CC $$QMAKE_CFLAGS - OPTION = $$find(CFLAGS, $$1) - OPTION = $$split(OPTION, =) - PARAM = $$member(OPTION, 1) - !isEmpty(PARAM): return ($$PARAM) - return ($$OPTION) -} - defineReplace(which) { out = $$1 win32 { diff --git a/src/core/config/functions.pri b/src/core/config/functions.pri new file mode 100644 index 00000000000..8c11faa16ad --- /dev/null +++ b/src/core/config/functions.pri @@ -0,0 +1,8 @@ +defineReplace(qtwebengine_extractCFlag) { + CFLAGS = $$QMAKE_CC $$QMAKE_CFLAGS + OPTION = $$find(CFLAGS, $$1) + OPTION = $$split(OPTION, =) + PARAM = $$member(OPTION, 1) + !isEmpty(PARAM): return ($$PARAM) + return ($$OPTION) +} diff --git a/src/core/config/linux.pri b/src/core/config/linux.pri index 9fc8c6e821a..e75764239fc 100644 --- a/src/core/config/linux.pri +++ b/src/core/config/linux.pri @@ -1,4 +1,10 @@ include(common.pri) +include(functions.pri) + +defineReplace(extractCFlag) { + return($$qtwebengine_extractCFlag($$1)) +} + QT_FOR_CONFIG += gui-private webenginecore-private gn_args += \ From e02bcb0855ebee0612cab0f3cd3f9fd494497336 Mon Sep 17 00:00:00 2001 From: Tamas Zakor Date: Fri, 3 May 2019 15:53:25 +0200 Subject: [PATCH 014/112] Add path validation for QWebEngineDownloadItem::setPath() Do not set path if it ends with separator or if it matches with an already existing directory name. Task-number: QTBUG-75566 Change-Id: I4b78b28afe034c7589633c569a4945a36b32008e Reviewed-by: Allan Sandfeld Jensen --- .../api/qquickwebenginedownloaditem.cpp | 12 ++ .../api/qwebenginedownloaditem.cpp | 11 ++ .../tst_qwebenginedownloaditem.cpp | 123 ++++++++++++++++++ 3 files changed, 146 insertions(+) diff --git a/src/webengine/api/qquickwebenginedownloaditem.cpp b/src/webengine/api/qquickwebenginedownloaditem.cpp index cdb95fa53e6..7d51ed21d4f 100644 --- a/src/webengine/api/qquickwebenginedownloaditem.cpp +++ b/src/webengine/api/qquickwebenginedownloaditem.cpp @@ -43,6 +43,8 @@ #include "profile_adapter.h" #include "qquickwebengineprofile_p.h" +#include "QFileInfo" + using QtWebEngineCore::ProfileAdapterClient; QT_BEGIN_NAMESPACE @@ -427,6 +429,16 @@ void QQuickWebEngineDownloadItem::setPath(QString path) return; } if (d->downloadPath != path) { + if (QFileInfo(path).fileName().isEmpty()) { + qWarning("The download path does not include file name."); + return; + } + + if (QFileInfo(path).isDir()) { + qWarning("The download path matches with an already existing directory path."); + return; + } + d->downloadPath = path; Q_EMIT pathChanged(); } diff --git a/src/webenginewidgets/api/qwebenginedownloaditem.cpp b/src/webenginewidgets/api/qwebenginedownloaditem.cpp index 4575f292943..05c6956eabc 100644 --- a/src/webenginewidgets/api/qwebenginedownloaditem.cpp +++ b/src/webenginewidgets/api/qwebenginedownloaditem.cpp @@ -43,6 +43,7 @@ #include "profile_adapter.h" #include "qwebengineprofile_p.h" +#include "QFileInfo" QT_BEGIN_NAMESPACE @@ -534,6 +535,16 @@ void QWebEngineDownloadItem::setPath(QString path) return; } + if (QFileInfo(path).fileName().isEmpty()) { + qWarning("The download path does not include file name."); + return; + } + + if (QFileInfo(path).isDir()) { + qWarning("The download path matches with an already existing directory path."); + return; + } + d->downloadPath = path; } diff --git a/tests/auto/widgets/qwebenginedownloaditem/tst_qwebenginedownloaditem.cpp b/tests/auto/widgets/qwebenginedownloaditem/tst_qwebenginedownloaditem.cpp index b30fc7258a1..9732de85c04 100644 --- a/tests/auto/widgets/qwebenginedownloaditem/tst_qwebenginedownloaditem.cpp +++ b/tests/auto/widgets/qwebenginedownloaditem/tst_qwebenginedownloaditem.cpp @@ -70,6 +70,7 @@ private Q_SLOTS: void downloadFileNot2(); void downloadDeleted(); void downloadDeletedByProfile(); + void downloadPathValidation(); private: void saveLink(QPoint linkPos); @@ -844,5 +845,127 @@ void tst_QWebEngineDownloadItem::downloadDeletedByProfile() QTRY_COMPARE(downloadItem.isNull(), true); } +void tst_QWebEngineDownloadItem::downloadPathValidation() +{ + const QString fileName = "test.txt"; + QString downloadPath; + QString originalDownloadPath; + + QTemporaryDir tmpDir; + QVERIFY(tmpDir.isValid()); + + // Set up HTTP server + ScopedConnection sc1 = connect(m_server, &HttpServer::newRequest, [&](HttpReqRep *rr) { + if (rr->requestMethod() == "GET" && rr->requestPath() == ("/" + fileName)) { + rr->setResponseHeader(QByteArrayLiteral("content-type"), QByteArrayLiteral("application/octet-stream")); + rr->setResponseHeader(QByteArrayLiteral("content-disposition"), QByteArrayLiteral("attachment")); + rr->setResponseBody(QByteArrayLiteral("a")); + rr->sendResponse(); + } else { + rr->setResponseStatus(404); + rr->sendResponse(); + } + }); + + // Set up profile and download handler + QPointer downloadItem; + ScopedConnection sc2 = connect(m_profile, &QWebEngineProfile::downloadRequested, [&](QWebEngineDownloadItem *item) { + downloadItem = item; + originalDownloadPath = item->path(); + + item->setPath(downloadPath); + // TODO: Do not cancel download from 5.13. This is for not messing up system download path. + // Use m_profile->setDownloadPath(tmpDir.path()) at initialization. + if (item->path() != downloadPath) + item->cancel(); + else + item->accept(); + + connect(item, &QWebEngineDownloadItem::stateChanged, [&, item](QWebEngineDownloadItem::DownloadState downloadState) { + if (downloadState == QWebEngineDownloadItem::DownloadInterrupted) { + item->cancel(); + } + }); + + connect(item, &QWebEngineDownloadItem::finished, [&, item]() { + QCOMPARE(item->isFinished(), true); + QCOMPARE(item->totalBytes(), item->receivedBytes()); + QVERIFY(item->receivedBytes() > 0); + QCOMPARE(item->page(), m_page); + }); + }); + + QString oldPath = QDir::currentPath(); + QDir::setCurrent(tmpDir.path()); + + // Set only the file name. + downloadItem.clear(); + originalDownloadPath = ""; + downloadPath = fileName; + m_page->setUrl(m_server->url("https://github.com/%22%20+%20fileName)); + QTRY_VERIFY(downloadItem); + QTRY_COMPARE(downloadItem->state(), QWebEngineDownloadItem::DownloadCompleted); + QCOMPARE(downloadItem->interruptReason(), QWebEngineDownloadItem::NoReason); + QCOMPARE(downloadItem->path(), fileName); + + // Set only the directory path. + downloadItem.clear(); + originalDownloadPath = ""; + downloadPath = tmpDir.path(); + m_page->setUrl(m_server->url("https://github.com/%22%20+%20fileName)); + QTRY_VERIFY(downloadItem); + QTRY_COMPARE(downloadItem->state(), QWebEngineDownloadItem::DownloadCancelled); + QCOMPARE(downloadItem->interruptReason(), QWebEngineDownloadItem::UserCanceled); + QCOMPARE(downloadItem->path(), originalDownloadPath); + + // Set only the directory path with separator. + downloadItem.clear(); + originalDownloadPath = ""; + downloadPath = tmpDir.path() + QDir::separator(); + m_page->setUrl(m_server->url("https://github.com/%22%20+%20fileName)); + QTRY_VERIFY(downloadItem); + QTRY_COMPARE(downloadItem->state(), QWebEngineDownloadItem::DownloadCancelled); + QCOMPARE(downloadItem->interruptReason(), QWebEngineDownloadItem::UserCanceled); + QCOMPARE(downloadItem->path(), originalDownloadPath); + + // Set only the directory with the current directory path without ending separator. + downloadItem.clear(); + originalDownloadPath = ""; + downloadPath = "."; + m_page->setUrl(m_server->url("https://github.com/%22%20+%20fileName)); + QTRY_VERIFY(downloadItem); + QTRY_COMPARE(downloadItem->state(), QWebEngineDownloadItem::DownloadCancelled); + QCOMPARE(downloadItem->interruptReason(), QWebEngineDownloadItem::UserCanceled); + QCOMPARE(downloadItem->path(), originalDownloadPath); + + // Set only the directory with the current directory path with ending separator. + downloadItem.clear(); + originalDownloadPath = ""; + downloadPath = "./"; + m_page->setUrl(m_server->url("https://github.com/%22%20+%20fileName)); + QTRY_VERIFY(downloadItem); + QTRY_COMPARE(downloadItem->state(), QWebEngineDownloadItem::DownloadCancelled); + QCOMPARE(downloadItem->interruptReason(), QWebEngineDownloadItem::UserCanceled); + QCOMPARE(downloadItem->path(), originalDownloadPath); + + + + downloadItem.clear(); + originalDownloadPath = ""; + downloadPath = "..."; + m_page->setUrl(m_server->url("https://github.com/%22%20+%20fileName)); + QTRY_VERIFY(downloadItem); + QTRY_COMPARE(downloadItem->state(), QWebEngineDownloadItem::DownloadCancelled); +#if !defined(Q_OS_WIN) + QCOMPARE(downloadItem->interruptReason(), QWebEngineDownloadItem::FileFailed); + QCOMPARE(downloadItem->path(), downloadPath); +#else + // Windows interprets the "..." path as a valid path. It will be the current path. + QCOMPARE(downloadItem->interruptReason(), QWebEngineDownloadItem::UserCanceled); + QCOMPARE(downloadItem->path(), originalDownloadPath); +#endif // !defined(Q_OS_WIN) + QDir::setCurrent(oldPath); +} + QTEST_MAIN(tst_QWebEngineDownloadItem) #include "tst_qwebenginedownloaditem.moc" From 34c00625d02db6167ae13f56e4b5bc0e94b602c9 Mon Sep 17 00:00:00 2001 From: Frederik Gladhorn Date: Thu, 23 May 2019 11:18:20 +0200 Subject: [PATCH 015/112] Bump version Change-Id: I2e0a1e8912cb236e89f97f009411b94103b0ff64 --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index b6a222b54b7..18329bbf84a 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.3 +MODULE_VERSION = 5.12.4 From 2c86c348d7a94f27d1e9e7a71c2435565cbe6fb5 Mon Sep 17 00:00:00 2001 From: Peter Varga Date: Wed, 15 May 2019 10:33:07 +0200 Subject: [PATCH 016/112] Disable edit actions when content has no focused frame Task-number: QTBUG-75505 Change-Id: Ia1329ff554a86e307aa7995e9af1665ea6c5e64c Reviewed-by: Allan Sandfeld Jensen --- src/core/devtools_frontend_qt.cpp | 3 +- src/core/web_contents_adapter.cpp | 6 ++ src/core/web_contents_adapter.h | 1 + src/core/web_contents_adapter_client.h | 1 + src/core/web_contents_delegate_qt.cpp | 59 ++++++++++++ src/core/web_contents_delegate_qt.h | 21 ++++ src/webengine/api/qquickwebengineaction.cpp | 3 +- src/webengine/api/qquickwebengineview.cpp | 22 +++++ src/webengine/api/qquickwebengineview_p_p.h | 1 + src/webengine/doc/src/webengineview_lgpl.qdoc | 4 + src/webenginewidgets/api/qwebenginepage.cpp | 22 +++++ src/webenginewidgets/api/qwebenginepage_p.h | 1 + .../doc/src/qwebenginepage_lgpl.qdoc | 8 +- tests/auto/quick/qmltests/data/tst_action.qml | 54 +++++++++++ .../qwebenginepage/tst_qwebenginepage.cpp | 95 ++++++++++++++++++- 15 files changed, 292 insertions(+), 9 deletions(-) diff --git a/src/core/devtools_frontend_qt.cpp b/src/core/devtools_frontend_qt.cpp index bd9e0ebe7d4..fc91fd75fc8 100644 --- a/src/core/devtools_frontend_qt.cpp +++ b/src/core/devtools_frontend_qt.cpp @@ -78,7 +78,6 @@ #include "net/url_request/url_fetcher.h" #include "net/url_request/url_fetcher_response_writer.h" -#include using namespace QtWebEngineCore; namespace { @@ -180,7 +179,7 @@ DevToolsFrontendQt *DevToolsFrontendQt::Show(QSharedPointer content::WebContents *contents = frontendAdapter->webContents(); if (contents == inspectedContents) { - qWarning() << "You can not inspect youself"; + LOG(WARNING) << "You can not inspect yourself"; return nullptr; } diff --git a/src/core/web_contents_adapter.cpp b/src/core/web_contents_adapter.cpp index 3e500396064..567a76637a2 100644 --- a/src/core/web_contents_adapter.cpp +++ b/src/core/web_contents_adapter.cpp @@ -1602,6 +1602,12 @@ bool WebContentsAdapter::isFindTextInProgress() const return m_lastFindRequestId != m_webContentsDelegate->lastReceivedFindReply(); } +bool WebContentsAdapter::hasFocusedFrame() const +{ + CHECK_INITIALIZED(false); + return m_webContents->GetFocusedFrame() != nullptr; +} + WebContentsAdapterClient::RenderProcessTerminationStatus WebContentsAdapterClient::renderProcessExitStatus(int terminationStatus) { auto status = WebContentsAdapterClient::RenderProcessTerminationStatus(-1); diff --git a/src/core/web_contents_adapter.h b/src/core/web_contents_adapter.h index e8e5359beb7..9f9d0ed033f 100644 --- a/src/core/web_contents_adapter.h +++ b/src/core/web_contents_adapter.h @@ -217,6 +217,7 @@ class QWEBENGINECORE_PRIVATE_EXPORT WebContentsAdapter : public QEnableSharedFro bool canViewSource(); void focusIfNecessary(); bool isFindTextInProgress() const; + bool hasFocusedFrame() const; // meant to be used within WebEngineCore only void initialize(content::SiteInstance *site); diff --git a/src/core/web_contents_adapter_client.h b/src/core/web_contents_adapter_client.h index 75d01086560..129e97c5b4f 100644 --- a/src/core/web_contents_adapter_client.h +++ b/src/core/web_contents_adapter_client.h @@ -466,6 +466,7 @@ class QWEBENGINECORE_PRIVATE_EXPORT WebContentsAdapterClient { virtual void updateScrollPosition(const QPointF &position) = 0; virtual void updateContentsSize(const QSizeF &size) = 0; virtual void updateNavigationActions() = 0; + virtual void updateEditActions() = 0; virtual void startDragging(const content::DropData &dropData, Qt::DropActions allowedActions, const QPixmap &pixmap, const QPoint &offset) = 0; virtual bool supportsDragging() const = 0; diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp index 5cb94de5c4d..95a49f40a9f 100644 --- a/src/core/web_contents_delegate_qt.cpp +++ b/src/core/web_contents_delegate_qt.cpp @@ -63,6 +63,7 @@ #include "chrome/browser/custom_handlers/protocol_handler_registry_factory.h" #include "components/web_cache/browser/web_cache_manager.h" +#include "content/browser/frame_host/render_frame_host_impl.h" #include "content/browser/renderer_host/render_widget_host_impl.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/invalidate_type.h" @@ -102,6 +103,7 @@ WebContentsDelegateQt::WebContentsDelegateQt(content::WebContents *webContents, , m_lastReceivedFindReply(0) , m_faviconManager(new FaviconManager(webContents, adapterClient)) , m_lastLoadProgress(-1) + , m_frameFocusedObserver(adapterClient) { webContents->SetDelegate(this); Observe(webContents); @@ -253,11 +255,30 @@ void WebContentsDelegateQt::HandleKeyboardEvent(content::WebContents *, const co m_viewClient->unhandledKeyEvent(reinterpret_cast(event.os_event)); } +void WebContentsDelegateQt::RenderFrameCreated(content::RenderFrameHost *render_frame_host) +{ + content::FrameTreeNode *node = static_cast(render_frame_host)->frame_tree_node(); + m_frameFocusedObserver.addNode(node); +} + void WebContentsDelegateQt::RenderFrameDeleted(content::RenderFrameHost *render_frame_host) { m_loadingErrorFrameList.removeOne(render_frame_host->GetRoutingID()); } +void WebContentsDelegateQt::RenderFrameHostChanged(content::RenderFrameHost *old_host, content::RenderFrameHost *new_host) +{ + if (old_host) { + content::FrameTreeNode *old_node = static_cast(old_host)->frame_tree_node(); + m_frameFocusedObserver.removeNode(old_node); + } + + if (new_host) { + content::FrameTreeNode *new_node = static_cast(new_host)->frame_tree_node(); + m_frameFocusedObserver.addNode(new_node); + } +} + void WebContentsDelegateQt::RenderViewHostChanged(content::RenderViewHost *, content::RenderViewHost *newHost) { if (newHost && newHost->GetWidget() && newHost->GetWidget()->GetView()) { @@ -704,4 +725,42 @@ WebContentsAdapter *WebContentsDelegateQt::webContentsAdapter() const return m_viewClient->webContentsAdapter(); } + +FrameFocusedObserver::FrameFocusedObserver(WebContentsAdapterClient *adapterClient) + : m_viewClient(adapterClient) +{} + +void FrameFocusedObserver::addNode(content::FrameTreeNode *node) +{ + if (m_observedNodes.contains(node)) + return; + + node->AddObserver(this); + m_observedNodes.append(node); +} + +void FrameFocusedObserver::removeNode(content::FrameTreeNode *node) +{ + node->RemoveObserver(this); + m_observedNodes.removeOne(node); +} + +void FrameFocusedObserver::OnFrameTreeNodeFocused(content::FrameTreeNode *node) +{ + Q_UNUSED(node); + m_viewClient->updateEditActions(); +} + +void FrameFocusedObserver::OnFrameTreeNodeDestroyed(content::FrameTreeNode *node) +{ + m_observedNodes.removeOne(node); + m_viewClient->updateEditActions(); +} + +FrameFocusedObserver::~FrameFocusedObserver() +{ + for (content::FrameTreeNode *node : m_observedNodes) + node->RemoveObserver(this); +} + } // namespace QtWebEngineCore diff --git a/src/core/web_contents_delegate_qt.h b/src/core/web_contents_delegate_qt.h index 2baa1176fc8..27aac207123 100644 --- a/src/core/web_contents_delegate_qt.h +++ b/src/core/web_contents_delegate_qt.h @@ -40,6 +40,7 @@ #ifndef WEB_CONTENTS_DELEGATE_QT_H #define WEB_CONTENTS_DELEGATE_QT_H +#include "content/browser/frame_host/frame_tree_node.h" #include "content/public/browser/web_contents_delegate.h" #include "content/public/browser/web_contents_observer.h" #include "third_party/skia/include/core/SkColor.h" @@ -70,6 +71,23 @@ class WebContentsAdapter; class WebContentsAdapterClient; class WebEngineSettings; +class FrameFocusedObserver : public content::FrameTreeNode::Observer +{ +public: + FrameFocusedObserver(WebContentsAdapterClient *adapterClient); + ~FrameFocusedObserver(); + void addNode(content::FrameTreeNode *node); + void removeNode(content::FrameTreeNode *node); + +protected: + void OnFrameTreeNodeFocused(content::FrameTreeNode *node) override; + void OnFrameTreeNodeDestroyed(content::FrameTreeNode *node) override; + +private: + WebContentsAdapterClient *m_viewClient; + QVector m_observedNodes; +}; + class SavePageInfo { public: @@ -130,7 +148,9 @@ class WebContentsDelegateQt : public content::WebContentsDelegate bool TakeFocus(content::WebContents *source, bool reverse) override; // WebContentsObserver overrides + void RenderFrameCreated(content::RenderFrameHost *render_frame_host) override; void RenderFrameDeleted(content::RenderFrameHost *render_frame_host) override; + void RenderFrameHostChanged(content::RenderFrameHost *old_host, content::RenderFrameHost *new_host) override; void RenderViewHostChanged(content::RenderViewHost *old_host, content::RenderViewHost *new_host) override; void DidStartNavigation(content::NavigationHandle *navigation_handle) override; void DidFinishNavigation(content::NavigationHandle *navigation_handle) override; @@ -172,6 +192,7 @@ class WebContentsDelegateQt : public content::WebContentsDelegate QSharedPointer m_filePickerController; QUrl m_initialTargetUrl; int m_lastLoadProgress; + FrameFocusedObserver m_frameFocusedObserver; QUrl m_url; QString m_title; diff --git a/src/webengine/api/qquickwebengineaction.cpp b/src/webengine/api/qquickwebengineaction.cpp index 69a05f29b37..77ac8d340d0 100644 --- a/src/webengine/api/qquickwebengineaction.cpp +++ b/src/webengine/api/qquickwebengineaction.cpp @@ -146,8 +146,7 @@ QString QQuickWebEngineAction::iconName() const /*! \qmlproperty bool WebEngineAction::enabled - This property holds whether the action is enabled. Context-dependent - actions are always enabled. + This property holds whether the action is enabled. */ bool QQuickWebEngineAction::isEnabled() const { diff --git a/src/webengine/api/qquickwebengineview.cpp b/src/webengine/api/qquickwebengineview.cpp index fd3cc8e8284..c8ba64f499e 100644 --- a/src/webengine/api/qquickwebengineview.cpp +++ b/src/webengine/api/qquickwebengineview.cpp @@ -931,6 +931,16 @@ void QQuickWebEngineViewPrivate::updateAction(QQuickWebEngineView::WebAction act case QQuickWebEngineView::ViewSource: enabled = adapter->canViewSource(); break; + case QQuickWebEngineView::Cut: + case QQuickWebEngineView::Copy: + case QQuickWebEngineView::Paste: + case QQuickWebEngineView::Undo: + case QQuickWebEngineView::Redo: + case QQuickWebEngineView::SelectAll: + case QQuickWebEngineView::PasteAndMatchStyle: + case QQuickWebEngineView::Unselect: + enabled = adapter->hasFocusedFrame(); + break; default: break; } @@ -948,6 +958,18 @@ void QQuickWebEngineViewPrivate::updateNavigationActions() updateAction(QQuickWebEngineView::ViewSource); } +void QQuickWebEngineViewPrivate::updateEditActions() +{ + updateAction(QQuickWebEngineView::Cut); + updateAction(QQuickWebEngineView::Copy); + updateAction(QQuickWebEngineView::Paste); + updateAction(QQuickWebEngineView::Undo); + updateAction(QQuickWebEngineView::Redo); + updateAction(QQuickWebEngineView::SelectAll); + updateAction(QQuickWebEngineView::PasteAndMatchStyle); + updateAction(QQuickWebEngineView::Unselect); +} + QUrl QQuickWebEngineView::url() const { Q_D(const QQuickWebEngineView); diff --git a/src/webengine/api/qquickwebengineview_p_p.h b/src/webengine/api/qquickwebengineview_p_p.h index 3c4189fd9fb..3b6300d5f31 100644 --- a/src/webengine/api/qquickwebengineview_p_p.h +++ b/src/webengine/api/qquickwebengineview_p_p.h @@ -147,6 +147,7 @@ class Q_WEBENGINE_PRIVATE_EXPORT QQuickWebEngineViewPrivate : public QtWebEngine void updateScrollPosition(const QPointF &position) override; void updateContentsSize(const QSizeF &size) override; void updateNavigationActions() override; + void updateEditActions() override; void startDragging(const content::DropData &dropData, Qt::DropActions allowedActions, const QPixmap &pixmap, const QPoint &offset) override; bool supportsDragging() const override; diff --git a/src/webengine/doc/src/webengineview_lgpl.qdoc b/src/webengine/doc/src/webengineview_lgpl.qdoc index b294e1c4cb6..6759c1a36da 100644 --- a/src/webengine/doc/src/webengineview_lgpl.qdoc +++ b/src/webengine/doc/src/webengineview_lgpl.qdoc @@ -756,6 +756,10 @@ Redo the last editing action. \value WebEngineView.SelectAll Select all content. + This action is only enabled when the page's content is focused. + The focus can be forced by the JavaScript \c{window.focus()} call, or the + \l{WebEngineSettings::focusOnNavigationEnabled} {focusOnNavigationEnabled} setting + should be enabled to get automatic focus. \value WebEngineView.PasteAndMatchStyle Paste content from the clipboard with current style. \value WebEngineView.OpenLinkInThisWindow diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index c3303401557..78b89a53c0f 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -650,6 +650,16 @@ void QWebEnginePagePrivate::updateAction(QWebEnginePage::WebAction action) const case QWebEnginePage::ViewSource: enabled = adapter->canViewSource(); break; + case QWebEnginePage::Cut: + case QWebEnginePage::Copy: + case QWebEnginePage::Paste: + case QWebEnginePage::Undo: + case QWebEnginePage::Redo: + case QWebEnginePage::SelectAll: + case QWebEnginePage::PasteAndMatchStyle: + case QWebEnginePage::Unselect: + enabled = adapter->hasFocusedFrame(); + break; default: break; } @@ -668,6 +678,18 @@ void QWebEnginePagePrivate::updateNavigationActions() updateAction(QWebEnginePage::ViewSource); } +void QWebEnginePagePrivate::updateEditActions() +{ + updateAction(QWebEnginePage::Cut); + updateAction(QWebEnginePage::Copy); + updateAction(QWebEnginePage::Paste); + updateAction(QWebEnginePage::Undo); + updateAction(QWebEnginePage::Redo); + updateAction(QWebEnginePage::SelectAll); + updateAction(QWebEnginePage::PasteAndMatchStyle); + updateAction(QWebEnginePage::Unselect); +} + #ifndef QT_NO_ACTION void QWebEnginePagePrivate::_q_webActionTriggered(bool checked) { diff --git a/src/webenginewidgets/api/qwebenginepage_p.h b/src/webenginewidgets/api/qwebenginepage_p.h index 25ed8937157..f8f67d3417f 100644 --- a/src/webenginewidgets/api/qwebenginepage_p.h +++ b/src/webenginewidgets/api/qwebenginepage_p.h @@ -144,6 +144,7 @@ class QWebEnginePagePrivate : public QtWebEngineCore::WebContentsAdapterClient void updateScrollPosition(const QPointF &position) override; void updateContentsSize(const QSizeF &size) override; void updateNavigationActions() override; + void updateEditActions() override; void startDragging(const content::DropData &dropData, Qt::DropActions allowedActions, const QPixmap &pixmap, const QPoint &offset) override; bool supportsDragging() const override; diff --git a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc index 75b6c4f54e8..15e57e90485 100644 --- a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc @@ -112,8 +112,7 @@ Actions only have an effect when they are applicable. The availability of actions can be be determined by checking - \l{QAction::}{isEnabled()} on the action returned by action(). Context-dependent - actions are always enabled. + \l{QAction::}{isEnabled()} on the action returned by action(). \value NoWebAction No action is triggered. \value Back Navigate back in the history of navigated links. @@ -126,7 +125,10 @@ \value Paste Paste content from the clipboard. \value Undo Undo the last editing action. \value Redo Redo the last editing action. - \value SelectAll Select all content. + \value SelectAll Select all content. This action is only enabled when the page's content is focused. + The focus can be forced by the JavaScript \c{window.focus()} call, or the + \l{QWebEngineSettings::FocusOnNavigationEnabled} {FocusOnNavigationEnabled} setting + should be enabled to get automatic focus. \value PasteAndMatchStyle Paste content from the clipboard with current style. \value OpenLinkInThisWindow Open the current link in the current window. (Added in Qt 5.6) diff --git a/tests/auto/quick/qmltests/data/tst_action.qml b/tests/auto/quick/qmltests/data/tst_action.qml index f6d8669febd..56a91d8d0b0 100644 --- a/tests/auto/quick/qmltests/data/tst_action.qml +++ b/tests/auto/quick/qmltests/data/tst_action.qml @@ -127,5 +127,59 @@ TestWebEngineView { stopAction.trigger(); compare(stopTriggerSpy.count, 0); } + + function test_editActionsWithExplicitFocus() { + var webView = Qt.createQmlObject("TestWebEngineView { visible: false; }", webEngineView); + webView.settings.focusOnNavigationEnabled = false; + + // The view is hidden and no focus on the page. Edit actions should be disabled. + var selectAllAction = webView.action(WebEngineView.SelectAll); + verify(selectAllAction); + verify(!selectAllAction.enabled); + + var triggerSpy = createTemporaryObject(signalSpy, webEngineView, {target: selectAllAction, signalName: "triggered"}); + var enabledSpy = createTemporaryObject(signalSpy, webEngineView, {target: selectAllAction, signalName: "enabledChanged"}); + + webView.loadHtml("
foo bar
"); + verify(webView.waitForLoadSucceeded()); + + // Still no focus because focus on navigation is disabled. Edit actions don't do anything (should not crash). + verify(!selectAllAction.enabled); + compare(enabledSpy.count, 0); + selectAllAction.trigger(); + compare(triggerSpy.count, 0); + compare(getTextSelection(), ""); + + // Focus content by focusing window from JavaScript. Edit actions should be enabled and functional. + webView.runJavaScript("window.focus();"); + tryVerify(function() { return enabledSpy.count === 1 }); + verify(selectAllAction.enabled); + selectAllAction.trigger(); + compare(triggerSpy.count, 1); + tryVerify(function() { return webView.getTextSelection() === "foo bar" }); + } + + function test_editActionsWithInitialFocus() { + var webView = Qt.createQmlObject("TestWebEngineView { visible: false; }", webEngineView); + webView.settings.focusOnNavigationEnabled = true; + + // The view is hidden and no focus on the page. Edit actions should be disabled. + var selectAllAction = webView.action(WebEngineView.SelectAll); + verify(selectAllAction); + verify(!selectAllAction.enabled); + + var triggerSpy = createTemporaryObject(signalSpy, webEngineView, {target: selectAllAction, signalName: "triggered"}); + var enabledSpy = createTemporaryObject(signalSpy, webEngineView, {target: selectAllAction, signalName: "enabledChanged"}); + + webView.loadHtml("
foo bar
"); + verify(webView.waitForLoadSucceeded()); + + // Content gets initial focus. + tryVerify(function() { return enabledSpy.count === 1 }); + verify(selectAllAction.enabled); + selectAllAction.trigger(); + compare(triggerSpy.count, 1); + tryVerify(function() { return webView.getTextSelection() === "foo bar" }); + } } } diff --git a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp index 098bae9deea..d73c8e80ac7 100644 --- a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp +++ b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp @@ -227,6 +227,10 @@ private Q_SLOTS: void triggerActionWithoutMenu(); void dynamicFrame(); + void editActionsWithExplicitFocus(); + void editActionsWithInitialFocus(); + void editActionsWithFocusOnIframe(); + private: static QPoint elementCenter(QWebEnginePage *page, const QString &id); @@ -1137,8 +1141,8 @@ void tst_QWebEnginePage::textSelection() QCOMPARE(page->action(QWebEnginePage::SelectEndOfDocument)->isEnabled(), false); #endif - // ..but SelectAll is awalys enabled - QCOMPARE(page->action(QWebEnginePage::SelectAll)->isEnabled(), true); + // ..but SelectAll is disabled because the page has no focus due to disabled FocusOnNavigationEnabled. + QCOMPARE(page->action(QWebEnginePage::SelectAll)->isEnabled(), false); // Verify hasSelection returns false since there is no selection yet... QCOMPARE(page->hasSelection(), false); @@ -4503,6 +4507,93 @@ void tst_QWebEnginePage::dynamicFrame() QCOMPARE(toPlainTextSync(&page).trimmed(), QStringLiteral("foo")); } +void tst_QWebEnginePage::editActionsWithExplicitFocus() +{ + QWebEngineView view; + QWebEnginePage *page = view.page(); + view.settings()->setAttribute(QWebEngineSettings::FocusOnNavigationEnabled, false); + + QSignalSpy loadFinishedSpy(page, &QWebEnginePage::loadFinished); + QSignalSpy selectionChangedSpy(page, &QWebEnginePage::selectionChanged); + QSignalSpy actionChangedSpy(page->action(QWebEnginePage::SelectAll), &QAction::changed); + + // The view is hidden and no focus on the page. Edit actions should be disabled. + QVERIFY(!view.isVisible()); + QVERIFY(!page->action(QWebEnginePage::SelectAll)->isEnabled()); + + page->setHtml(QString("
foo bar
")); + QTRY_COMPARE(loadFinishedSpy.count(), 1); + + // Still no focus because focus on navigation is disabled. Edit actions don't do anything (should not crash). + QVERIFY(!page->action(QWebEnginePage::SelectAll)->isEnabled()); + view.page()->triggerAction(QWebEnginePage::SelectAll); + QCOMPARE(selectionChangedSpy.count(), 0); + QCOMPARE(page->hasSelection(), false); + + // Focus content by focusing window from JavaScript. Edit actions should be enabled and functional. + evaluateJavaScriptSync(page, "window.focus();"); + QTRY_COMPARE(actionChangedSpy.count(), 1); + QVERIFY(page->action(QWebEnginePage::SelectAll)->isEnabled()); + view.page()->triggerAction(QWebEnginePage::SelectAll); + QTRY_COMPARE(selectionChangedSpy.count(), 1); + QCOMPARE(page->hasSelection(), true); + QCOMPARE(page->selectedText(), QStringLiteral("foo bar")); +} + +void tst_QWebEnginePage::editActionsWithInitialFocus() +{ + QWebEngineView view; + QWebEnginePage *page = view.page(); + view.settings()->setAttribute(QWebEngineSettings::FocusOnNavigationEnabled, true); + + QSignalSpy loadFinishedSpy(page, &QWebEnginePage::loadFinished); + QSignalSpy selectionChangedSpy(page, &QWebEnginePage::selectionChanged); + QSignalSpy actionChangedSpy(page->action(QWebEnginePage::SelectAll), &QAction::changed); + + // The view is hidden and no focus on the page. Edit actions should be disabled. + QVERIFY(!view.isVisible()); + QVERIFY(!page->action(QWebEnginePage::SelectAll)->isEnabled()); + + page->setHtml(QString("
foo bar
")); + QTRY_COMPARE(loadFinishedSpy.count(), 1); + + // Content gets initial focus. + QTRY_COMPARE(actionChangedSpy.count(), 1); + QVERIFY(page->action(QWebEnginePage::SelectAll)->isEnabled()); + view.page()->triggerAction(QWebEnginePage::SelectAll); + QTRY_COMPARE(selectionChangedSpy.count(), 1); + QCOMPARE(page->hasSelection(), true); + QCOMPARE(page->selectedText(), QStringLiteral("foo bar")); +} + +void tst_QWebEnginePage::editActionsWithFocusOnIframe() +{ + QWebEngineView view; + QWebEnginePage *page = view.page(); + view.settings()->setAttribute(QWebEngineSettings::FocusOnNavigationEnabled, false); + + QSignalSpy loadFinishedSpy(page, &QWebEnginePage::loadFinished); + QSignalSpy selectionChangedSpy(page, &QWebEnginePage::selectionChanged); + QSignalSpy actionChangedSpy(page->action(QWebEnginePage::SelectAll), &QAction::changed); + + // The view is hidden and no focus on the page. Edit actions should be disabled. + QVERIFY(!view.isVisible()); + QVERIFY(!page->action(QWebEnginePage::SelectAll)->isEnabled()); + + page->load(QUrl("qrc:///resources/iframe2.html")); + QTRY_COMPARE(loadFinishedSpy.count(), 1); + QVERIFY(!page->action(QWebEnginePage::SelectAll)->isEnabled()); + + // Focusing an iframe. + evaluateJavaScriptSync(page, "document.getElementsByTagName('iframe')[0].contentWindow.focus()"); + QTRY_COMPARE(actionChangedSpy.count(), 1); + QVERIFY(page->action(QWebEnginePage::SelectAll)->isEnabled()); + view.page()->triggerAction(QWebEnginePage::SelectAll); + QTRY_COMPARE(selectionChangedSpy.count(), 1); + QCOMPARE(page->hasSelection(), true); + QCOMPARE(page->selectedText(), QStringLiteral("inner")); +} + static QByteArrayList params = {QByteArrayLiteral("--use-fake-device-for-media-stream")}; W_QTEST_MAIN(tst_QWebEnginePage, params) From fed3e5ce397c9698b5d9546e2edfcb3504c403c3 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 16 May 2019 21:58:06 +0200 Subject: [PATCH 017/112] Fix linker too long argument list For yocto builds linker can get quite long path since all archives are listed as absolute paths. This can end up as "execvp: /bin/sh: Argument list too long" Use rsp files also for archives. Change-Id: I096e2f35ed72b68261bf465e84baddd1f78cd917 Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit 546c42e42643a209d893d5291c26c3f8ef7102a3) Reviewed-by: Michal Klocek --- src/core/core_module.pro | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/src/core/core_module.pro b/src/core/core_module.pro index 3b5d37f299c..0217d2a2bbd 100644 --- a/src/core/core_module.pro +++ b/src/core/core_module.pro @@ -25,14 +25,17 @@ isEmpty(NINJA_LIBS): error("Missing library files from QtWebEngineCore linking p NINJA_OBJECTS = $$eval($$list($$NINJA_OBJECTS)) # Do manual response file linking for macOS and Linux -RSP_FILE = $$OUT_PWD/$$getConfigDir()/$${TARGET}.rsp -for(object, NINJA_OBJECTS): RSP_CONTENT += $$object -write_file($$RSP_FILE, RSP_CONTENT) -macos:LIBS_PRIVATE += -Wl,-filelist,$$shell_quote($$RSP_FILE) -linux:LIBS_PRIVATE += @$$RSP_FILE +RSP_OBJECT_FILE = $$OUT_PWD/$$getConfigDir()/$${TARGET}_o.rsp +for(object, NINJA_OBJECTS): RSP_O_CONTENT += $$object +write_file($$RSP_OBJECT_FILE, RSP_O_CONTENT) +RSP_ARCHIVE_FILE = $$OUT_PWD/$$getConfigDir()/$${TARGET}_a.rsp +for(archive, NINJA_ARCHIVES): RSP_A_CONTENT += $$archive +write_file($$RSP_ARCHIVE_FILE, RSP_A_CONTENT) +macos:LIBS_PRIVATE += -Wl,-filelist,$$shell_quote($$RSP_OBJECT_FILE) +linux:LIBS_PRIVATE += @$${RSP_OBJECT_FILE} # QTBUG-58710 add main rsp file on windows -win32:QMAKE_LFLAGS += @$$RSP_FILE -linux: LIBS_PRIVATE += -Wl,--start-group $$NINJA_ARCHIVES -Wl,--end-group +win32:QMAKE_LFLAGS += @$${RSP_OBJECT_FILE} +linux: LIBS_PRIVATE += -Wl,--start-group @$${RSP_ARCHIVE_FILE} -Wl,--end-group else: LIBS_PRIVATE += $$NINJA_ARCHIVES LIBS_PRIVATE += $$NINJA_LIB_DIRS $$NINJA_LIBS # GN's LFLAGS doesn't always work across all the Linux configurations we support. From ddd3d905395298188329df111d3785e07e06e0db Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Fri, 17 May 2019 15:49:23 +0200 Subject: [PATCH 018/112] Make linker call look great again Fix issues with messed up linker path: * do not use LIBS_PRIVATE on linux at least for passing object and archive responses files. * do not use QT and QT_PRIVATE with same libs, it simply includes libs in LIB and LIB_PRIVATE so doubles linker libs. * remove bogus dependency for gui and core for webengineheaders pseudo module. * remove unused egl config flag Fixes: QTBUG-75832 Task-number: QTBUG-75357 Change-Id: I1720394e636e3f89d546f372b10932dd4ad395fe Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit ee12b53eba009e8a3ca12ef77031d9a48c609cb4) Reviewed-by: Michal Klocek --- src/core/core_chromium.pri | 2 -- src/core/core_common.pri | 4 ++-- src/core/core_headers.pro | 1 + src/core/core_module.pro | 13 ++++++------- 4 files changed, 9 insertions(+), 11 deletions(-) diff --git a/src/core/core_chromium.pri b/src/core/core_chromium.pri index e92dd60ffcb..60eaf1f0690 100644 --- a/src/core/core_chromium.pri +++ b/src/core/core_chromium.pri @@ -33,8 +33,6 @@ RCC_DIR = $$OUT_PWD/$$getConfigDir()/.rcc # whenever we are cross compiling. qtConfig(webengine-embedded-build): DEFINES += QTWEBENGINE_EMBEDDED_SWITCHES -qtConfig(egl): CONFIG += egl - INCLUDEPATH += $$PWD $$PWD/api SOURCES = \ diff --git a/src/core/core_common.pri b/src/core/core_common.pri index 5f9f3c4f615..01f40eb09e6 100644 --- a/src/core/core_common.pri +++ b/src/core/core_common.pri @@ -2,8 +2,8 @@ # gyp/ninja will take care of the compilation, qmake/make will finish with linking and install. TARGET = QtWebEngineCore -QT += qml quick -QT_PRIVATE += quick-private gui-private core-private webenginecoreheaders-private +QT += qml-private quick-private gui-private core-private +QT_PRIVATE += webenginecoreheaders-private qtConfig(webengine-geolocation): QT += positioning qtConfig(webengine-webchannel): QT += webchannel diff --git a/src/core/core_headers.pro b/src/core/core_headers.pro index 21b5d58c33d..cd5352eb7b1 100644 --- a/src/core/core_headers.pro +++ b/src/core/core_headers.pro @@ -1,5 +1,6 @@ TARGET = QtWebEngineCore CONFIG += no_private_module header_module internal_module no_plist +QT -= core gui MODULE = webenginecoreheaders MODULE_CFG_FILE = qtwebenginecore-config load(qt_module) diff --git a/src/core/core_module.pro b/src/core/core_module.pro index 0217d2a2bbd..b5c8542f356 100644 --- a/src/core/core_module.pro +++ b/src/core/core_module.pro @@ -10,8 +10,6 @@ linking_pri = $$OUT_PWD/$$getConfigDir()/$${TARGET}.pri error("Could not find the linking information that gn should have generated.") } -load(qt_module) - api_library_name = qtwebenginecoreapi$$qtPlatformTargetSuffix() api_library_path = $$OUT_PWD/api/$$getConfigDir() @@ -32,10 +30,10 @@ RSP_ARCHIVE_FILE = $$OUT_PWD/$$getConfigDir()/$${TARGET}_a.rsp for(archive, NINJA_ARCHIVES): RSP_A_CONTENT += $$archive write_file($$RSP_ARCHIVE_FILE, RSP_A_CONTENT) macos:LIBS_PRIVATE += -Wl,-filelist,$$shell_quote($$RSP_OBJECT_FILE) -linux:LIBS_PRIVATE += @$${RSP_OBJECT_FILE} +linux:QMAKE_LFLAGS += @$${RSP_OBJECT_FILE} # QTBUG-58710 add main rsp file on windows win32:QMAKE_LFLAGS += @$${RSP_OBJECT_FILE} -linux: LIBS_PRIVATE += -Wl,--start-group @$${RSP_ARCHIVE_FILE} -Wl,--end-group +linux:QMAKE_LFLAGS += -Wl,--start-group @$${RSP_ARCHIVE_FILE} -Wl,--end-group else: LIBS_PRIVATE += $$NINJA_ARCHIVES LIBS_PRIVATE += $$NINJA_LIB_DIRS $$NINJA_LIBS # GN's LFLAGS doesn't always work across all the Linux configurations we support. @@ -74,7 +72,7 @@ osx { # API library as response file to the linker. QMAKE_LFLAGS += @$${api_library_path}$${QMAKE_DIR_SEP}$${api_library_name}.lib.objects } else { - LIBS_PRIVATE += -Wl,-whole-archive -l$$api_library_name -Wl,-no-whole-archive + QMAKE_LFLAGS += -Wl,-whole-archive -l$$api_library_name -Wl,-no-whole-archive } win32-msvc* { @@ -87,8 +85,6 @@ win32-msvc* { # and doesn't let Chromium get access to libc symbols through dlsym. CONFIG -= bsymbolic_functions -qtConfig(egl): CONFIG += egl - linux:qtConfig(separate_debug_info): QMAKE_POST_LINK="cd $(DESTDIR) && $(STRIP) --strip-unneeded $(TARGET)" REPACK_DIR = $$OUT_PWD/$$getConfigDir() @@ -157,3 +153,6 @@ OTHER_FILES = \ $$files(../3rdparty/chromium/*.gypi, true) \ $$files(../3rdparty/chromium/*.gn, true) \ $$files(../3rdparty/chromium/*.gni, true) + +load(qt_module) + From da67565737b564e1951b15c6b7756783c88ab438 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Wed, 29 May 2019 09:42:06 +0200 Subject: [PATCH 019/112] Update Chromium This pulls in the following changes: 11c5d00ab75 Use MessagePumpMac for desktop capture thread on macOS Fixes: QTBUG-76045 Change-Id: I9fe920afeb39b34b837d9a5603c79e128942922d Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 8d400b02159..11c5d00ab75 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 8d400b021591c0b619269317e239d8a750ace140 +Subproject commit 11c5d00ab758576925308e2b508b798a4bf0ac3c From efe771eaaa69557cdca04bccc4502c8e31f372fa Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 3 May 2019 14:46:41 +0200 Subject: [PATCH 020/112] Fix automatic NTLM authentication by backporting server white list support Support --auth-server-whitelist Read it and pass it to an HttpAuthPreference. Change-Id: I37c23f4d777ff11b2c0480fa9c28ea6fbe029737 Task-number: QTBUG-75539 Task-number: QTBUG-57729 Reviewed-by: Kai Koehne (cherry picked from commit b81d7095825cdd4f486e83894c801e596f248936) Reviewed-by: Allan Sandfeld Jensen --- src/core/profile_io_data_qt.cpp | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/core/profile_io_data_qt.cpp b/src/core/profile_io_data_qt.cpp index 63585b2c3a3..dd363f74dee 100644 --- a/src/core/profile_io_data_qt.cpp +++ b/src/core/profile_io_data_qt.cpp @@ -48,6 +48,7 @@ #include "content/public/common/content_features.h" #include "chrome/browser/custom_handlers/protocol_handler_registry_factory.h" #include "chrome/browser/net/chrome_mojo_proxy_resolver_factory.h" +#include "chrome/common/chrome_switches.h" #include "net/cert/cert_verifier.h" #include "net/cert/ct_log_verifier.h" #include "net/cert/ct_policy_enforcer.h" @@ -88,13 +89,6 @@ namespace QtWebEngineCore { -static const char* const kDefaultAuthSchemes[] = { net::kBasicAuthScheme, - net::kDigestAuthScheme, -#if QT_CONFIG(webengine_kerberos) - net::kNegotiateAuthScheme, -#endif - net::kNtlmAuthScheme }; - static bool doNetworkSessionParamsMatch(const net::HttpNetworkSession::Params &first, const net::HttpNetworkSession::Params &second) { @@ -297,8 +291,14 @@ void ProfileIODataQt::generateStorage() m_storage->set_ct_policy_enforcer(base::WrapUnique(new net::DefaultCTPolicyEnforcer())); m_storage->set_host_resolver(net::HostResolver::CreateDefaultResolver(NULL)); m_storage->set_ssl_config_service(std::make_unique()); + if (!m_httpAuthPreferences) { + m_httpAuthPreferences.reset(new net::HttpAuthPreferences()); + std::string serverWhitelist = base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(switches::kAuthServerWhitelist); + m_httpAuthPreferences->SetServerWhitelist(serverWhitelist); + } m_storage->set_http_auth_handler_factory(net::HttpAuthHandlerFactory::CreateDefault( - m_urlRequestContext->host_resolver())); + m_urlRequestContext->host_resolver(), + m_httpAuthPreferences.get())); m_storage->set_transport_security_state(std::make_unique()); if (!m_dataPath.isEmpty()) { From 54fa06ccecaceeffdfbafdd516503f8007569cf0 Mon Sep 17 00:00:00 2001 From: Antti Kokko Date: Thu, 23 May 2019 15:20:42 +0300 Subject: [PATCH 021/112] Add changes file for Qt 5.12.4 Change-Id: Ie79515e5bcae490acf316278aabaeadefc6bd707 Reviewed-by: Leena Miettinen --- dist/changes-5.12.4 | 48 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 dist/changes-5.12.4 diff --git a/dist/changes-5.12.4 b/dist/changes-5.12.4 new file mode 100644 index 00000000000..dcd44681ad0 --- /dev/null +++ b/dist/changes-5.12.4 @@ -0,0 +1,48 @@ +Qt 5.12.4 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0 through 5.12.3. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.4 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-57729, QTBUG-75539] Fixed automatic NTLM authentication, and added + support for --auth-server-whitelist. + - [QTBUG-60203] Fixed setting referer HTTP header in request interceptor. + - [QTBUG-74251, QTBUG-74698] Normalize download paths on Windows. + - [QTBUG-74864] Fixed resolving relative URLs with custom schemes. + - [QTBUG-75092] Fixed printing in landscape orientation. + - [QTBUG-75212] Added support for building with VS 2019. + - [QTBUG-75304] Fixed running non-MainWorld DocumentCreations scripts when + JavaScript is disabled. + - [QTBUG-75465] Fixed -no-gui builds. + - [QTBUG-75629] Fixed crash on Linux when pulseaudio had no devices. + - [QTBUG-76045] Fixed desktop capture on macOS. + + +Qt WebEngine Widgets +-------------------- + + - [QTBUG-75131, QTBUG-75175] Fixed QWebEngineView::setPage not deleting + old page. + - [QTBUG-75547] Fixed crash on exit when page and profile were deleted in + the wrong order. + - [QTBUG-75566] Added path validation to QWebEngineDownloadItem::setPath(). From 597359a16a798df3955404200f1fc6833a7425ab Mon Sep 17 00:00:00 2001 From: Thiago Macieira Date: Fri, 31 May 2019 09:56:28 -0700 Subject: [PATCH 022/112] Don't allow QtWebEngineCore to request executable stack The Chromium sources contain assembly code that causes the library to default to executable stack (the linker requires that *all* .o files have a .note.GNU-stack section in order to default to non-executable). So add the -z noexecstack linker flag to change the setting. The other libraries are not affected. Change-Id: I0bf9ebeb5aa34d19be30fffd15a3d3063dea2005 Reviewed-by: Allan Sandfeld Jensen --- src/core/configure.json | 10 ++++++++++ src/core/core_module.pro | 2 ++ 2 files changed, 12 insertions(+) diff --git a/src/core/configure.json b/src/core/configure.json index fc23785dfb2..6dccd164492 100644 --- a/src/core/configure.json +++ b/src/core/configure.json @@ -327,6 +327,11 @@ "webengine-arm-thumb" : { "label": "thumb instruction set", "type": "hasThumbFlag" + }, + "webengine-noexecstack" : { + "label": "linker supports -z noexecstack", + "type": "linkerSupportsFlag", + "flag": "-z,noexecstack" } }, @@ -658,6 +663,11 @@ "label": "Thumb instruction set", "condition": "config.linux && features.webengine-embedded-build && arch.arm && tests.webengine-arm-thumb", "output": [ "privateFeature" ] + }, + "webengine-noexecstack": { + "label": "linker supports -z noexecstack", + "condition": "config.unix && tests.webengine-noexecstack", + "output": [ "privateFeature" ] } }, diff --git a/src/core/core_module.pro b/src/core/core_module.pro index b5c8542f356..9bd56f9deeb 100644 --- a/src/core/core_module.pro +++ b/src/core/core_module.pro @@ -39,6 +39,8 @@ LIBS_PRIVATE += $$NINJA_LIB_DIRS $$NINJA_LIBS # GN's LFLAGS doesn't always work across all the Linux configurations we support. # The Windows and macOS ones from GN does provide a few useful flags however +unix:qtConfig(webengine-noexecstack): \ + QMAKE_LFLAGS += -Wl,-z,noexecstack linux { QMAKE_LFLAGS += -Wl,--gc-sections -Wl,-O1 -Wl,-z,now # Embedded address sanitizer symbols are undefined and are picked up by the dynamic link loader From 1005d6f3f03fb48feddfb4226b72fc0df3bc8af3 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 6 Jun 2019 12:34:17 +0200 Subject: [PATCH 023/112] Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 41a5b412 [Backport] Fix for CVE-2019-5822 * 233802ed [Backport] Fix for CVE-2019-5821 * c9ade8f0 [Backport] Fix for CVE-2019-5820 * c2dbb31a [Backport] Fix for CVE-2019-5819 * 7a8ae930 [Backport] Fix for CVE-2019-5818 * b5436c7a [Backport] Fix for CVE-2019-5815 * d3584684 [Backport] Fix for CVE-2019-5814 * 891c0a91 [Backport] Fix for CVE-2019-5808 * 23e798e8 [Backport] Fix for CVE-2019-5806 * 4d6500c2 [Backport] Fix for CVE-2019-5805 * 7b6a459e Try different versions when creating a CoreProfile context on macOS Task-number: QTBUG-75497 Task-number: QTBUG-73799 Change-Id: Ica812747467fc02a142f83d8638ec995589f1e5a Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 11c5d00ab75..41a5b412682 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 11c5d00ab758576925308e2b508b798a4bf0ac3c +Subproject commit 41a5b4126821d396d581e7624a82f9109f8ca473 From 5c4f53b4026923e5fbc1e9151f5f4f5f90d1435c Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 6 Jun 2019 14:56:14 +0200 Subject: [PATCH 024/112] Update Chromium * bd792030 [Backport] Fix for security issue 951322 * b82fa580 [Backport] Fix for CVE-2019-5827 * 77de851f [Backport] Fix for CVE-2019-5825 * 3b283bc5 [Backport] Fix for CVE-2019-5826 * 546e8a27 [Backport] Fix for CVE-2019-5824 * 1660b7b1 [Backport] Fix for security issue 894933 * 048b1aee [Backport] Fix for security issue 937663 * bf0e274c [Backport] Fix for security issue 908669 * b8f953da [Backport] Fix for security issue 931949 (2/2) * 422411de [Backport] Fix for security issue 931949 (1/2) * f659a4d7 [Backport] Fix for security issue 939316 * f3378a1c [Backport] Fix for security issue 940205 * af9444ec [Backport] Fix for security issue 949015 * 8f58d94e [Backport] Fix for CVE-2019-5823 Task-number: QTBUG-75497 Change-Id: Id4330b3d08a444dcd95d072905dac6da212fd93b Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 41a5b412682..bd792030e19 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 41a5b4126821d396d581e7624a82f9109f8ca473 +Subproject commit bd792030e194a0bcce4defbf2298041244b54121 From 80674ddb452c6926a01fcb0f35699252cf452043 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 6 Jun 2019 15:07:03 +0200 Subject: [PATCH 025/112] Update dist changes to include security fixes Task-number: QTBUG-75497 Change-Id: Iedc69eacd67766b14474d053d68251ab93af3472 Reviewed-by: Allan Sandfeld Jensen --- dist/changes-5.12.4 | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/dist/changes-5.12.4 b/dist/changes-5.12.4 index dcd44681ad0..986c6871bc6 100644 --- a/dist/changes-5.12.4 +++ b/dist/changes-5.12.4 @@ -36,7 +36,36 @@ General - [QTBUG-75465] Fixed -no-gui builds. - [QTBUG-75629] Fixed crash on Linux when pulseaudio had no devices. - [QTBUG-76045] Fixed desktop capture on macOS. + - [QTBUG-73799] Try different versions when creating a CoreProfile context on macOS +Chromium +-------- + + - Security fixes from Chromium up to version 74.0.3729.157, including: + + - CVE-2019-5805 + - CVE-2019-5806 + - CVE-2019-5808 + - CVE-2019-5814 + - CVE-2019-5815 + - CVE-2019-5818 + - CVE-2019-5819 + - CVE-2019-5820 + - CVE-2019-5821 + - CVE-2019-5822 + - CVE-2019-5823 + - CVE-2019-5824 + - CVE-2019-5825 + - CVE-2019-5826 + - CVE-2019-5827 + - security issue 894933 + - security issue 908669 + - security issue 931949 + - security issue 937663 + - security issue 939316 + - security issue 940205 + - security issue 949015 + - security issue 951322 Qt WebEngine Widgets -------------------- From f7cc2f2a8038182d4c2c3c76a6ca97394a22b213 Mon Sep 17 00:00:00 2001 From: Leander Beernaert Date: Fri, 17 May 2019 15:21:53 +0200 Subject: [PATCH 026/112] Add a close button and ensure text height fitting in tabs for quicknanobrowser Ensure the text can be correctly displayed vertically by reserving some height and add a close button via a custom tabview style. This change aloso fixes the case where all tabs are closed and new one can't be created using the ctrl+t short cut. Fixes: QTBUG-75291 Change-Id: I139bb832119d56d0e0f12f054e924e5d944b91d4 Reviewed-by: Michal Klocek --- .../quicknanobrowser/BrowserWindow.qml | 62 +++++++++++++++++-- 1 file changed, 56 insertions(+), 6 deletions(-) diff --git a/examples/webengine/quicknanobrowser/BrowserWindow.qml b/examples/webengine/quicknanobrowser/BrowserWindow.qml index 0ac69ef241c..17e7941bb70 100644 --- a/examples/webengine/quicknanobrowser/BrowserWindow.qml +++ b/examples/webengine/quicknanobrowser/BrowserWindow.qml @@ -115,7 +115,7 @@ ApplicationWindow { Action { shortcut: StandardKey.AddTab onTriggered: { - tabs.createEmptyTab(currentWebView.profile); + tabs.createEmptyTab(tabs.count != 0 ? currentWebView.profile : defaultProfile); tabs.currentIndex = tabs.count - 1; addressBar.forceActiveFocus(); addressBar.selectAll(); @@ -294,18 +294,22 @@ ApplicationWindow { id: offTheRecordEnabled text: "Off The Record" checkable: true - checked: currentWebView.profile === otrProfile + checked: currentWebView && currentWebView.profile === otrProfile onToggled: function(checked) { - currentWebView.profile = checked ? otrProfile : defaultProfile; + if (currentWebView) { + currentWebView.profile = checked ? otrProfile : defaultProfile; + } } } MenuItem { id: httpDiskCacheEnabled text: "HTTP Disk Cache" - checkable: !currentWebView.profile.offTheRecord - checked: (currentWebView.profile.httpCacheType === WebEngineProfile.DiskHttpCache) + checkable: currentWebView && !currentWebView.profile.offTheRecord + checked: currentWebView && (currentWebView.profile.httpCacheType === WebEngineProfile.DiskHttpCache) onToggled: function(checked) { - currentWebView.profile.httpCacheType = checked ? WebEngineProfile.DiskHttpCache : WebEngineProfile.MemoryHttpCache; + if (currentWebView) { + currentWebView.profile.httpCacheType = checked ? WebEngineProfile.DiskHttpCache : WebEngineProfile.MemoryHttpCache; + } } } MenuItem { @@ -373,6 +377,52 @@ ApplicationWindow { anchors.right: parent.right Component.onCompleted: createEmptyTab(defaultProfile) + // Add custom tab view style so we can customize the tabs to include a close button + style: TabViewStyle { + property color frameColor: "#999" + property color fillColor: "#eee" + property color nonSelectedColor: "#ddd" + frameOverlap: 1 + frame: Rectangle { + color: "#eee" + border.color: frameColor + } + tab: Rectangle { + id: tabRectangle + color: styleData.selected ? fillColor : nonSelectedColor + border.width: 1 + border.color: frameColor + implicitWidth: Math.max(text.width + 30, 80) + implicitHeight: Math.max(text.height + 10, 20) + Rectangle { height: 1 ; width: parent.width ; color: frameColor} + Rectangle { height: parent.height ; width: 1; color: frameColor} + Rectangle { x: parent.width - 2; height: parent.height ; width: 1; color: frameColor} + Text { + id: text + anchors.left: parent.left + anchors.verticalCenter: parent.verticalCenter + anchors.leftMargin: 6 + text: styleData.title + elide: Text.ElideRight + color: styleData.selected ? "black" : frameColor + } + Button { + anchors.right: parent.right + anchors.verticalCenter: parent.verticalCenter + anchors.rightMargin: 4 + height: 12 + style: ButtonStyle { + background: Rectangle { + implicitWidth: 12 + implicitHeight: 12 + color: control.hovered ? "#ccc" : tabRectangle.color + Text {text: "x" ; anchors.centerIn: parent ; color: "gray"} + }} + onClicked: tabs.removeTab(styleData.index); + } + } + } + Component { id: tabComponent WebEngineView { From 156826376f47924e4ef57695ee233b051c336406 Mon Sep 17 00:00:00 2001 From: Leena Miettinen Date: Mon, 13 May 2019 09:57:13 +0200 Subject: [PATCH 027/112] Doc: Improve documentation for QWebEngineView::setHtml() ...and QWebEngineView::setContent()and WebEngineView.loadHtml() The baseUrl cannot be empty. Fixes: QTBUG-75760 Change-Id: If276767ed6a7a9421292299e0ac79d02bbbca0e3 Reviewed-by: Michal Klocek --- src/webengine/doc/src/webengineview_lgpl.qdoc | 3 ++- src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc | 9 +++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/webengine/doc/src/webengineview_lgpl.qdoc b/src/webengine/doc/src/webengineview_lgpl.qdoc index 6759c1a36da..d790cccea93 100644 --- a/src/webengine/doc/src/webengineview_lgpl.qdoc +++ b/src/webengine/doc/src/webengineview_lgpl.qdoc @@ -376,7 +376,8 @@ which references HTML pages via URL. External objects, such as stylesheets or images referenced in the HTML - document, should be located relative to \a baseUrl. For example, if \a html + document, should be located relative to \a baseUrl. For external objects to + be loaded, \c baseUrl cannot be empty. For example, if \a html is retrieved from \c http://www.example.com/documents/overview.html, which is the base URL, then an image referenced with the relative URL, \c diagram.png, should be at \c{http://www.example.com/documents/diagram.png}. diff --git a/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc index fce1e8d8f41..1b7812dffd1 100644 --- a/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebengineview_lgpl.qdoc @@ -1,5 +1,5 @@ /* - Copyright (C) 2015 The Qt Company Ltd. + Copyright (C) 2019 The Qt Company Ltd. Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) Copyright (C) 2008 Holger Hans Peter Freyther Copyright (C) 2009 Girish Ramakrishnan @@ -125,7 +125,11 @@ Sets the content of the web view to the specified \a html content. External objects, such as stylesheets or images referenced in the HTML - document, are located relative to \a baseUrl. + document, are located relative to \a baseUrl. For external objects to + be loaded, \c baseUrl cannot be empty. For example, if \a html + is retrieved from \c http://www.example.com/documents/overview.html, which + is the base URL, then an image referenced with the relative URL, \c diagram.png, + should be at \c{http://www.example.com/documents/diagram.png}. The HTML document is loaded immediately, whereas external objects are loaded asynchronously. @@ -156,6 +160,7 @@ is empty, it is assumed that the content is \c{text/plain,charset=US-ASCII}. External objects referenced in the content are located relative to \a baseUrl. + For external objects to be loaded, \c baseUrl cannot be empty. The data is loaded immediately; external objects are loaded asynchronously. From df84dec6bc90c087aab4a2b9b4bfe6f129584ebb Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 4 Jun 2019 12:48:10 +0200 Subject: [PATCH 028/112] Use Chromium linker flags Add all Chromium linker flags by default and explicitly blacklist some of them. Change-Id: Icb461838f71c8511fe5730d4601eb20bc2aa135c Reviewed-by: Allan Sandfeld Jensen --- src/core/core_module.pro | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/src/core/core_module.pro b/src/core/core_module.pro index 9bd56f9deeb..7bcd916a15f 100644 --- a/src/core/core_module.pro +++ b/src/core/core_module.pro @@ -42,11 +42,15 @@ LIBS_PRIVATE += $$NINJA_LIB_DIRS $$NINJA_LIBS unix:qtConfig(webengine-noexecstack): \ QMAKE_LFLAGS += -Wl,-z,noexecstack linux { - QMAKE_LFLAGS += -Wl,--gc-sections -Wl,-O1 -Wl,-z,now - # Embedded address sanitizer symbols are undefined and are picked up by the dynamic link loader - # at runtime. Thus we do not to pass the linker flag below, because the linker would complain - # about the undefined sanitizer symbols. - !sanitizer: QMAKE_LFLAGS += -Wl,-z,defs + # add chromium flags + for(flag, NINJA_LFLAGS) { + # filter out some flags + !contains(flag, .*noexecstack$): \ + !contains(flag, .*as-needed$): \ + !contains(flag, ^-B.*): \ + !contains(flag, ^-fuse-ld.*): \ + QMAKE_LFLAGS += $$flag + } } else { QMAKE_LFLAGS += $$NINJA_LFLAGS } From b78d307f741e6fed23ee4b3326927b6f49d5f172 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 14 Jun 2019 15:44:40 +0200 Subject: [PATCH 029/112] Accept handled events If we let tablet events pass through without handling it, it will come back to haunt us as a mouse event. Fixes: QTBUG-76347 Change-Id: I93297f543620350db0329fe993d18a04e33c7d18 Reviewed-by: Michal Klocek --- .../render_widget_host_view_qt_delegate_widget.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp index 55bdb3a6251..90ef3c1eef3 100644 --- a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp +++ b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp @@ -487,6 +487,8 @@ bool RenderWidgetHostViewQtDelegateWidget::event(QEvent *event) if (!handled) return QQuickWidget::event(event); + // Most events are accepted by default, but tablet events are not: + event->accept(); return true; } From 47e69dd008dd7e55dc035063dc7293a19971a0bb Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 14 Jun 2019 16:01:07 +0200 Subject: [PATCH 030/112] Do not forward key-events on QQuickItem level We forward the real events earlier, anything coming in at QQuickItem level is synthetic. Fixes: QTBUG-76268 Change-Id: I067f8f94cc5e07bb0cd500b5ae9b9d6bbe66310b Reviewed-by: Michal Klocek --- .../render_widget_host_view_qt_delegate_widget.cpp | 8 -------- 1 file changed, 8 deletions(-) diff --git a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp index 90ef3c1eef3..27adef919ee 100644 --- a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp +++ b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp @@ -77,14 +77,6 @@ class RenderWidgetHostViewQuickItem : public QQuickItem { { m_client->forwardEvent(event); } - void keyPressEvent(QKeyEvent *event) override - { - m_client->forwardEvent(event); - } - void keyReleaseEvent(QKeyEvent *event) override - { - m_client->forwardEvent(event); - } void inputMethodEvent(QInputMethodEvent *event) override { m_client->forwardEvent(event); From 3b04c83620a465a4f8876413c37696fbbc3a23d6 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 7 Jun 2019 11:14:00 +0200 Subject: [PATCH 031/112] Set custom user-agent manually on new windows Chromium forgets to set ShouldOverrideUserAgentInNewTabs(), so we need to manually set the override. Fixes: QTBUG-76249 Change-Id: Id240ee525dacec3cd8389aca058a61d3af62b00a Reviewed-by: Michal Klocek --- src/core/web_contents_delegate_qt.cpp | 5 ++ .../qwebenginepage/tst_qwebenginepage.cpp | 65 +++++++++++++++++++ 2 files changed, 70 insertions(+) diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp index 95a49f40a9f..83f68b68db1 100644 --- a/src/core/web_contents_delegate_qt.cpp +++ b/src/core/web_contents_delegate_qt.cpp @@ -225,6 +225,11 @@ void WebContentsDelegateQt::AddNewContents(content::WebContents* source, std::un { Q_UNUSED(source) QSharedPointer newAdapter = createWindow(std::move(new_contents), disposition, initial_pos, user_gesture); + // Chromium can forget to pass user-agent override settings to new windows (see QTBUG-61774 and QTBUG-76249), + // so set it here. Note the actual value doesn't really matter here. Only the second value does, but we try + // to give the correct user-agent anyway. + if (newAdapter) + newAdapter->webContents()->SetUserAgentOverride(newAdapter->profileAdapter()->httpUserAgent().toStdString(), true); if (newAdapter && !newAdapter->isInitialized()) newAdapter->loadDefault(); if (was_blocked) diff --git a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp index d73c8e80ac7..bfe94ba4ed9 100644 --- a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp +++ b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp @@ -231,6 +231,8 @@ private Q_SLOTS: void editActionsWithInitialFocus(); void editActionsWithFocusOnIframe(); + void customUserAgentInNewTab(); + private: static QPoint elementCenter(QWebEnginePage *page, const QString &id); @@ -4594,6 +4596,69 @@ void tst_QWebEnginePage::editActionsWithFocusOnIframe() QCOMPARE(page->selectedText(), QStringLiteral("inner")); } +void tst_QWebEnginePage::customUserAgentInNewTab() +{ + HttpServer server; + QByteArray lastUserAgent; + connect(&server, &HttpServer::newRequest, [&](HttpReqRep *rr) { + QCOMPARE(rr->requestMethod(), "GET"); + lastUserAgent = rr->requestHeader("user-agent"); + rr->setResponseBody(QByteArrayLiteral("Test")); + rr->sendResponse(); + }); + QVERIFY(server.start()); + + class Page : public QWebEnginePage { + public: + QWebEngineProfile *targetProfile = nullptr; + QScopedPointer newPage; + Page(QWebEngineProfile *profile) : QWebEnginePage(profile) {} + private: + QWebEnginePage *createWindow(WebWindowType) override + { + newPage.reset(new QWebEnginePage(targetProfile ? targetProfile : profile(), nullptr)); + return newPage.data(); + } + }; + QWebEngineProfile profile1, profile2; + profile1.setHttpUserAgent(QStringLiteral("custom 1")); + profile2.setHttpUserAgent(QStringLiteral("custom 2")); + Page page(&profile1); + QWebEngineView view; + view.resize(500, 500); + view.setPage(&page); + view.show(); + QVERIFY(QTest::qWaitForWindowExposed(&view)); + QSignalSpy spy(&page, &QWebEnginePage::loadFinished); + + // First check we can get the user-agent passed through normally + page.setHtml(QString("link")); + QTRY_COMPARE(spy.count(), 1); + QVERIFY(spy.takeFirst().value(0).toBool()); + QCOMPARE(evaluateJavaScriptSync(&page, QStringLiteral("navigator.userAgent")).toString(), profile1.httpUserAgent()); + QTest::mouseClick(view.focusProxy(), Qt::LeftButton, 0, elementCenter(&page, "link")); + QTRY_VERIFY(page.newPage); + QTRY_VERIFY(!lastUserAgent.isEmpty()); + QCOMPARE(lastUserAgent, profile1.httpUserAgent().toUtf8()); + + // Now check we can get the new user-agent of the profile + page.newPage.reset(); + page.targetProfile = &profile2; + spy.clear(); + lastUserAgent = { }; + page.setHtml(QString("link")); + QTRY_COMPARE(spy.count(), 1); + QVERIFY(spy.takeFirst().value(0).toBool()); + QTest::mouseClick(view.focusProxy(), Qt::LeftButton, 0, elementCenter(&page, "link")); + QTRY_VERIFY(page.newPage); + QTRY_VERIFY(!lastUserAgent.isEmpty()); + QCOMPARE(lastUserAgent, profile2.httpUserAgent().toUtf8()); +} + static QByteArrayList params = {QByteArrayLiteral("--use-fake-device-for-media-stream")}; W_QTEST_MAIN(tst_QWebEnginePage, params) From 1f02df146c30adab0a9dffa0587afde1aa6a48b9 Mon Sep 17 00:00:00 2001 From: Frederik Gladhorn Date: Mon, 1 Jul 2019 16:02:44 +0200 Subject: [PATCH 032/112] Bump version Change-Id: I1911b4094df4622a67eaeb9c638efc20cbf1a8b3 --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index 18329bbf84a..65f02f1b4eb 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.4 +MODULE_VERSION = 5.12.5 From 16a6b2dc39f0022cddbc9be48a0ae8564f7a53a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Wed, 3 Jul 2019 11:53:07 +0200 Subject: [PATCH 033/112] Unset global share context pointer on deletion Fixes: QTBUG-76828 Change-Id: I43eae3c04a23abe118f51c69742772ddb38646f0 Reviewed-by: Allan Sandfeld Jensen --- src/core/api/qtwebenginecoreglobal.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/api/qtwebenginecoreglobal.cpp b/src/core/api/qtwebenginecoreglobal.cpp index a415ade92a4..5a634641b23 100644 --- a/src/core/api/qtwebenginecoreglobal.cpp +++ b/src/core/api/qtwebenginecoreglobal.cpp @@ -79,6 +79,8 @@ static QOpenGLContext *shareContext; static void deleteShareContext() { + if (qt_gl_global_share_context() == shareContext) + qt_gl_set_global_share_context(nullptr); delete shareContext; shareContext = 0; } From fafc387a32ac4b06709c0845c7f4cfd5164c1206 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Wed, 3 Jul 2019 08:56:39 +0200 Subject: [PATCH 034/112] Bump timeout in tst_InspectorServer::openRemoteDebuggingSession Flaky on Windows 10. Change-Id: Idaf73ccaf29831010e84397ae722dbe54a2de9bb Reviewed-by: Allan Sandfeld Jensen --- tests/auto/quick/inspectorserver/tst_inspectorserver.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/auto/quick/inspectorserver/tst_inspectorserver.cpp b/tests/auto/quick/inspectorserver/tst_inspectorserver.cpp index 8e23e86e853..922c7769e93 100644 --- a/tests/auto/quick/inspectorserver/tst_inspectorserver.cpp +++ b/tests/auto/quick/inspectorserver/tst_inspectorserver.cpp @@ -167,7 +167,7 @@ void tst_InspectorServer::openRemoteDebuggingSession() // - The page list didn't return a valid inspector URL // - Or the front-end couldn't be loaded through the inspector HTTP server // - Or the web socket connection couldn't be established between the front-end and the page through the inspector server - QTRY_VERIFY(inspectorWebView->title().startsWith("DevTools -")); + QTRY_VERIFY_WITH_TIMEOUT(inspectorWebView->title().startsWith("DevTools -"), 20000); } QTEST_MAIN(tst_InspectorServer) From 9bf361eddea701a65ea2a26f3d598ec4d4a6e22c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Mon, 8 Jul 2019 10:01:16 +0200 Subject: [PATCH 035/112] Un-blacklist some passing tests Remove from the blacklist some tests which, according to Grafana, have had no failures in the last 90 days on 5.12 branch. Change-Id: I3f174c82b5644d74b70fffa3856ae79f8c9893f8 Reviewed-by: Allan Sandfeld Jensen --- tests/auto/quick/qmltests/BLACKLIST | 9 --------- tests/auto/quick/qquickwebengineview/BLACKLIST | 11 ----------- tests/auto/widgets/qwebenginepage/BLACKLIST | 3 --- tests/auto/widgets/qwebengineview/BLACKLIST | 3 --- 4 files changed, 26 deletions(-) diff --git a/tests/auto/quick/qmltests/BLACKLIST b/tests/auto/quick/qmltests/BLACKLIST index dfafbaea456..083c1598404 100644 --- a/tests/auto/quick/qmltests/BLACKLIST +++ b/tests/auto/quick/qmltests/BLACKLIST @@ -1,9 +1,3 @@ -[WebViewGeopermission::test_deniedGeolocationByUser] -osx - -[WebViewGeopermission::test_geoPermissionRequest] -osx - [WebEngineViewSingleFileUpload::test_acceptDirectory] * @@ -13,8 +7,5 @@ osx [WebEngineViewSingleFileUpload::test_acceptSingleFileSelection] * -[WebViewFindText::test_findTextInterruptedByLoad] -* - [WebEngineViewSource::test_viewSourceURL] * diff --git a/tests/auto/quick/qquickwebengineview/BLACKLIST b/tests/auto/quick/qquickwebengineview/BLACKLIST index 76cb18c1e45..5f46fa47eb6 100644 --- a/tests/auto/quick/qquickwebengineview/BLACKLIST +++ b/tests/auto/quick/qquickwebengineview/BLACKLIST @@ -1,14 +1,3 @@ -[transparentWebEngineViews] -windows - -[inputEventForwardingDisabledWhenActiveFocusOnPressDisabled] -* - -[transparentWebEngineViews] -* - -[basicRenderingSanity] -* [javascriptClipboard:default] opensuse-leap [javascriptClipboard:canPaste] diff --git a/tests/auto/widgets/qwebenginepage/BLACKLIST b/tests/auto/widgets/qwebenginepage/BLACKLIST index 228efd61c6f..1453f6e958e 100644 --- a/tests/auto/widgets/qwebenginepage/BLACKLIST +++ b/tests/auto/widgets/qwebenginepage/BLACKLIST @@ -10,9 +10,6 @@ osx [mouseMovementProperties] windows -[getUserMediaRequest] -windows - [getUserMediaRequestDesktopVideoManyPages] windows diff --git a/tests/auto/widgets/qwebengineview/BLACKLIST b/tests/auto/widgets/qwebengineview/BLACKLIST index 7c86a72d681..9087067f550 100644 --- a/tests/auto/widgets/qwebengineview/BLACKLIST +++ b/tests/auto/widgets/qwebengineview/BLACKLIST @@ -1,6 +1,3 @@ -[doNotSendMouseKeyboardEventsWhenDisabled] -windows - [microFocusCoordinates] osx From d3915634c392f8a350e5ef112f740d4d353daaac Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Wed, 3 Jul 2019 18:36:40 +0200 Subject: [PATCH 036/112] Fully setup replaced QMouseDblClickEvent with source and flags Not fully preserving properties causes event to not be considered synthesized by system and be forwarded into chromium. Receiving one single press event and no release event confuses input event_handler and triggers infinite loop and renderer process crash for pages with multiple nested iframes. Fixes: QTBUG-62106 Change-Id: Iabb8bff78fc3475923b4aa3209b720453a5b6ce5 Reviewed-by: Alexandru Croitor --- .../render_widget_host_view_qt_delegate_widget.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp index 27adef919ee..18f1e97d00a 100644 --- a/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp +++ b/src/webenginewidgets/render_widget_host_view_qt_delegate_widget.cpp @@ -471,7 +471,7 @@ bool RenderWidgetHostViewQtDelegateWidget::event(QEvent *event) // where we can simply ignore the DblClick event. QMouseEvent *dblClick = static_cast(event); QMouseEvent press(QEvent::MouseButtonPress, dblClick->localPos(), dblClick->windowPos(), dblClick->screenPos(), - dblClick->button(), dblClick->buttons(), dblClick->modifiers()); + dblClick->button(), dblClick->buttons(), dblClick->modifiers(), dblClick->source()); press.setTimestamp(dblClick->timestamp()); handled = m_client->forwardEvent(&press); } else From d35cd072c3f56aa285871a151adc30d9d81f3ea3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Tue, 9 Jul 2019 10:41:01 +0200 Subject: [PATCH 037/112] Wait for SelectAll to be enabled in tst_QWebEnginePage::findText Fixes flaky m_view->hasSelection() assertion. Change-Id: Idba17916c38ac76b8002e30bab08d7f9e1064b2a Reviewed-by: Kirill Burtsev Reviewed-by: Peter Varga --- tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp index bfe94ba4ed9..f27dae3c791 100644 --- a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp +++ b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp @@ -1807,6 +1807,7 @@ void tst_QWebEnginePage::findText() QTRY_COMPARE(loadSpy.count(), 1); // Select whole page contents. + QTRY_VERIFY(m_view->page()->action(QWebEnginePage::SelectAll)->isEnabled()); m_view->page()->triggerAction(QWebEnginePage::SelectAll); QTRY_COMPARE(m_view->hasSelection(), true); From bb2a0bbd71019c44a38ba8608f8a7b3cd2106f7e Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Fri, 12 Jul 2019 11:17:40 +0200 Subject: [PATCH 038/112] Fix detection of ozone x11 support Fixes: QTBUG-77011 Change-Id: I0136b360c74970b912124f6f308f598c80eceba3 Reviewed-by: Allan Sandfeld Jensen --- mkspecs/features/configure.prf | 10 +++------- mkspecs/features/functions.prf | 8 -------- src/core/config/linux.pri | 2 +- src/core/configure.json | 20 ++++++++++++++++++-- src/core/core_chromium.pri | 2 +- src/core/ozone/surface_factory_qt.cpp | 4 ++-- 6 files changed, 25 insertions(+), 21 deletions(-) diff --git a/mkspecs/features/configure.prf b/mkspecs/features/configure.prf index 42e5b40c98d..e407ede1763 100644 --- a/mkspecs/features/configure.prf +++ b/mkspecs/features/configure.prf @@ -94,13 +94,9 @@ defineTest(runConfigure) { } } - !qtConfig(webengine-embedded-build): qtConfig(xcb) { - for(package, $$list("libdrm xcomposite xcursor xi xtst")) { - !qtConfig(webengine-system-$$package) { - skipBuild("A suitable version of $$package could not be found.") - return(false) - } - } + !qtConfig(webengine-embedded-build): qtConfig(xcb) : !qtConfig(webengine-ozone-x11) { + skipBuild("Could not find all necessary libraries for qpa-xcb support") + return(false) } } } diff --git a/mkspecs/features/functions.prf b/mkspecs/features/functions.prf index 9efa8958f9c..d3eda85b2d5 100644 --- a/mkspecs/features/functions.prf +++ b/mkspecs/features/functions.prf @@ -121,11 +121,3 @@ defineReplace(pkgConfigHostExecutable) { return($$system_quote($$system_path($$wrapper_name))) } -defineTest(hasX11Dependencies) { - for(package, $$list("libdrm xcomposite xcursor xi xtst")) { - !qtConfig(webengine-system-$$package) { - return(false) - } - } - return(true) -} diff --git a/src/core/config/linux.pri b/src/core/config/linux.pri index e75764239fc..eaecab3c99c 100644 --- a/src/core/config/linux.pri +++ b/src/core/config/linux.pri @@ -175,7 +175,7 @@ host_build { } !packagesExist(libpci): gn_args += use_libpci=false - qtConfig(webengine-system-x11): hasX11Dependencies() { + qtConfig(webengine-ozone-x11) { gn_args += ozone_platform_x11=true packagesExist(xscrnsaver): gn_args += use_xscrnsaver=true } diff --git a/src/core/configure.json b/src/core/configure.json index 6dccd164492..9e4eb62acef 100644 --- a/src/core/configure.json +++ b/src/core/configure.json @@ -642,6 +642,17 @@ "condition": "config.unix && libs.webengine-x11", "output": [ "privateFeature" ] }, + "webengine-ozone-x11" : { + "label": "Support qpa-xcb", + "condition": "config.unix + && features.webengine-system-x11 + && features.webengine-system-libdrm + && features.webengine-system-xcomposite + && features.webengine-system-xcursor + && features.webengine-system-xi + && features.webengine-system-xtst", + "output": [ "privateFeature" ] + }, "webengine-sanitizer" : { "label": "Sanitizer", "autoDetect": "config.sanitizer && tests.webengine-sanitizer", @@ -730,6 +741,11 @@ "webengine-webchannel", "webengine-v8-snapshot", "webengine-kerberos", + { + "type": "feature", + "args": "webengine-ozone-x11", + "condition": "config.unix" + }, { "type": "feature", "args": "webengine-v8-snapshot-support", @@ -802,8 +818,7 @@ "webengine-system-png", "webengine-system-jpeg", "webengine-system-harfbuzz", - "webengine-system-freetype", - "webengine-system-x11" + "webengine-system-freetype" ] }, { @@ -821,6 +836,7 @@ "section": "Required system libraries for qpa-xcb", "condition": "config.unix && !config.macos", "entries": [ + "webengine-system-x11", "webengine-system-libdrm", "webengine-system-xcomposite", "webengine-system-xcursor", diff --git a/src/core/core_chromium.pri b/src/core/core_chromium.pri index 60eaf1f0690..5566dbef7b5 100644 --- a/src/core/core_chromium.pri +++ b/src/core/core_chromium.pri @@ -219,7 +219,7 @@ HEADERS = \ web_event_factory.h -qtConfig(webengine-system-x11): hasX11Dependencies() { +qtConfig(webengine-ozone-x11) { HEADERS += ozone/gl_ozone_glx_qt.h \ ozone/gl_surface_glx_qt.h SOURCES += ozone/gl_surface_glx_qt.cpp \ diff --git a/src/core/ozone/surface_factory_qt.cpp b/src/core/ozone/surface_factory_qt.cpp index 9570852c97a..f69520b70ac 100644 --- a/src/core/ozone/surface_factory_qt.cpp +++ b/src/core/ozone/surface_factory_qt.cpp @@ -41,7 +41,7 @@ #include "qtwebenginecoreglobal_p.h" #include "gl_context_qt.h" #include "gl_ozone_egl_qt.h" -#if QT_CONFIG(webengine_system_x11) +#if QT_CONFIG(webengine_ozone_x11) #include "gl_ozone_glx_qt.h" #endif @@ -58,7 +58,7 @@ namespace QtWebEngineCore { SurfaceFactoryQt::SurfaceFactoryQt() { Q_ASSERT(qApp); -#if QT_CONFIG(webengine_system_x11) +#if QT_CONFIG(webengine_ozone_x11) if (GLContextHelper::getGlXConfig()) { m_impl = gl::kGLImplementationDesktopGL; m_ozone.reset(new ui::GLOzoneGLXQt()); From ddcd947cd36ee282bf8ba4581fcf622c1b589df4 Mon Sep 17 00:00:00 2001 From: Leena Miettinen Date: Fri, 12 Jul 2019 14:26:31 +0200 Subject: [PATCH 039/112] Doc: Update requirements for building on Windows Visual Studio 2017 version 15.8 or later is now required. Task-number: QTBUG-76606 Change-Id: Ib115336acc341d799c7ff0f08e89abc56bc6c6d9 Reviewed-by: Kai Koehne --- src/webengine/doc/src/qtwebengine-platform-notes.qdoc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/webengine/doc/src/qtwebengine-platform-notes.qdoc b/src/webengine/doc/src/qtwebengine-platform-notes.qdoc index fefb477954e..5b7d750ffbb 100644 --- a/src/webengine/doc/src/qtwebengine-platform-notes.qdoc +++ b/src/webengine/doc/src/qtwebengine-platform-notes.qdoc @@ -69,7 +69,12 @@ \section2 Windows - On Windows, Visual Studio 2017 and Windows 10 SDK are required. + On Windows, the following additional tools are required: + + \list + \li Visual Studio 2017 version 15.8 or later + \li Windows 10 SDK + \endlist \QWE can only be built on 64-bit Windows, with a x64-bit toolchain. For building \QWE for x86 applications, you need to configure From 2a0677ec1d3f9e849eb61ec99c5682cf0b87f4b9 Mon Sep 17 00:00:00 2001 From: Alexandru Croitor Date: Fri, 12 Jul 2019 14:16:16 +0200 Subject: [PATCH 040/112] If Qt is configured with ccache feature pass that along to GN This will set the cc_wrapper to ccache when running GN, which in turn will prefix all compiler calls with ccache. This allows a nice way of using ccache and icecream on macOS. Change-Id: I19ca1261aa8ebc4aaf7f8c34b3cb363baa29de01 Reviewed-by: Allan Sandfeld Jensen --- src/core/config/common.pri | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/core/config/common.pri b/src/core/config/common.pri index c8c3d55f6ed..42cf445dff3 100644 --- a/src/core/config/common.pri +++ b/src/core/config/common.pri @@ -114,3 +114,7 @@ qtConfig(webengine-kerberos) { } !msvc: gn_args += enable_iterator_debugging=false + +ccache { + gn_args += cc_wrapper=\"ccache\" +} From 49d4da10920abbe46931e163e3b3d98614cad584 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Tue, 9 Jul 2019 13:05:06 +0200 Subject: [PATCH 041/112] Make enabling full debug information easier Avoids asking customers to edit source files or add CONFIG to qmake on the command line to enable full debug information. Change-Id: Id58388565df88442e74e02687eb3189136e998f3 Reviewed-by: Alexandru Croitor --- src/core/configure.json | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/core/configure.json b/src/core/configure.json index 9e4eb62acef..b9c92044434 100644 --- a/src/core/configure.json +++ b/src/core/configure.json @@ -11,6 +11,7 @@ "options": { "webengine-alsa": "boolean", "webengine-embedded-build": "boolean", + "webengine-full-debug-info": "boolean", "webengine-icu": { "type": "enum", "name": "webengine-system-icu", "values": { "system": "yes", "qt": "no" } }, "webengine-ffmpeg": { "type": "enum", "name": "webengine-system-ffmpeg", "values": { "system": "yes", "qt": "no" } }, "webengine-opus": { "type": "enum", "name": "webengine-system-opus", "values": { "system": "yes", "qt": "no" } }, @@ -675,6 +676,16 @@ "condition": "config.linux && features.webengine-embedded-build && arch.arm && tests.webengine-arm-thumb", "output": [ "privateFeature" ] }, + "webengine-full-debug-info": { + "label": "Full debug information", + "purpose": "Enables debug information for Blink and V8.", + "autoDetect": false, + "condition": "config.debug || features.debug_and_release || features.force_debug_info", + "output": [ + { "type": "privateConfig", "name": "v8base_debug" }, + { "type": "privateConfig", "name": "webcore_debug" } + ] + }, "webengine-noexecstack": { "label": "linker supports -z noexecstack", "condition": "config.unix && tests.webengine-noexecstack", @@ -730,6 +741,7 @@ "section": "Qt WebEngine", "entries": [ "webengine-embedded-build", + "webengine-full-debug-info", "webengine-pepper-plugins", "webengine-printing-and-pdf", "webengine-proprietary-codecs", From a2e47fa8c90be25407268434f60114892c9e500a Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Wed, 19 Jun 2019 11:26:42 +0200 Subject: [PATCH 042/112] Do not proceed with uninitialized resources QRC files can be optimized with CONFIG+=qtquickcompiler and removed, in that case 'size' of resource is zero. Do not process 'empty' resources. Throw warning. Fixes: QTBUG-76403 Change-Id: If21ff698e7985f82e6456500d4d24cb366cff012 Reviewed-by: Kai Koehne --- src/core/net/url_request_qrc_job_qt.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/core/net/url_request_qrc_job_qt.cpp b/src/core/net/url_request_qrc_job_qt.cpp index a2712653dde..4ac45e7c8bf 100644 --- a/src/core/net/url_request_qrc_job_qt.cpp +++ b/src/core/net/url_request_qrc_job_qt.cpp @@ -120,14 +120,14 @@ void URLRequestQrcJobQt::startGetHead() QMimeType mimeType = mimeDatabase.mimeTypeForFile(qrcFileInfo); m_mimeType = mimeType.name().toStdString(); // Open file - if (m_file.open(QIODevice::ReadOnly)) { + if (m_file.open(QIODevice::ReadOnly) && m_file.size() > 0) { m_remainingBytes = m_file.size(); set_expected_content_size(m_remainingBytes); // Notify that the headers are complete NotifyHeadersComplete(); - } else { - NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, ERR_INVALID_URL)); + return; } + qWarning("Resource %s not found or is empty", qUtf8Printable(qrcFilePath)); + NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, ERR_INVALID_URL)); } - } // namespace QtWebEngineCore From b7054e3dc8cbe3dc4583dd75463aac11142d5643 Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Thu, 11 Jul 2019 16:23:49 +0200 Subject: [PATCH 043/112] Fix spellcheck test flaky failure with misspelled word missing Work is done asynchronously by chromium SpellChecker object. Therefore there is no guarantee that on ShowContextMenu event for WebContents there will be a result with misspelled word. Change-Id: I2978ed99e4c14f0a7d9086853c5218f82ea1ab60 Reviewed-by: Michal Klocek --- .../spellchecking/tst_spellchecking.cpp | 43 +++++++++++++++---- 1 file changed, 35 insertions(+), 8 deletions(-) diff --git a/tests/auto/widgets/spellchecking/tst_spellchecking.cpp b/tests/auto/widgets/spellchecking/tst_spellchecking.cpp index b6582083dd4..d02fc78b9eb 100644 --- a/tests/auto/widgets/spellchecking/tst_spellchecking.cpp +++ b/tests/auto/widgets/spellchecking/tst_spellchecking.cpp @@ -174,14 +174,41 @@ void tst_Spellchecking::spellcheck() QString result = evaluateJavaScriptSync(m_view->page(), "text();").toString(); QVERIFY(result == text); - // open menu on misspelled word - m_view->activateMenu(m_view->focusWidget(), rect.center()); - QSignalSpy spyMenuReady(m_view, &WebView::menuReady); - QVERIFY(spyMenuReady.wait()); - - // check if menu is valid - QVERIFY(m_view->data().isValid()); - QVERIFY(m_view->data().isContentEditable()); + bool gotMisspelledWord = false; // clumsy QTRY_VERIFY still execs expr after first success + QString detail; + + // check that spellchecker has done text processing and filled misspelled word + QTRY_VERIFY2([&] () { + detail.clear(); + if (gotMisspelledWord) + return true; + + // open menu on misspelled word + m_view->activateMenu(m_view->focusWidget(), rect.center()); + QSignalSpy spyMenuReady(m_view, &WebView::menuReady); + if (!spyMenuReady.wait()) { + detail = "menu was not shown"; + return false; + } + + if (!m_view->data().isValid()) { + detail = "invalid data"; + return false; + } + + if (!m_view->data().isContentEditable()) { + detail = "content is not editable"; + return false; + } + + if (m_view->data().misspelledWord().isEmpty()) { + detail = "no misspelled word"; + return false; + }; + + gotMisspelledWord = true; + return true; + } (), qPrintable(QString("Context menu: %1").arg(detail))); // check misspelled word QCOMPARE(m_view->data().misspelledWord(), QStringLiteral("lowe")); From fef43d7b6fad44f9ee3de12ea49cc418245b1844 Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Fri, 12 Jul 2019 11:14:07 +0200 Subject: [PATCH 044/112] Fix quick dialog test wrong message on view's LoadStatus changed Change-Id: Ic8eb671409794799bcdad4760dc58e84de3b109f Reviewed-by: Michal Klocek --- tests/auto/quick/dialogs/WebView.qml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/auto/quick/dialogs/WebView.qml b/tests/auto/quick/dialogs/WebView.qml index 4f8b7a0ce52..01f4ac2974c 100644 --- a/tests/auto/quick/dialogs/WebView.qml +++ b/tests/auto/quick/dialogs/WebView.qml @@ -56,11 +56,12 @@ Window { WebEngineView { id: view anchors.fill: parent - onLoadingChanged: function(reqeust) { - if (reqeust.status === WebEngineView.LoadSucceededStatus) { + onLoadingChanged: function(request) { + if (request.status === WebEngineView.LoadSucceededStatus) { handler.ready = true - } else { - console.log("Wooohooo loading page from qrc failed !") + } else if (request.status === WebEngineView.LoadFailedStatus) { + console.log("Page was not successfully loaded from qrc! Status: " + request.status + + ", error [code: " + request.errorCode + "]: '" + request.errorString + "'") } } From 73daf5b669c943d3c7a765533c5b5d61c380a576 Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Fri, 12 Jul 2019 11:23:17 +0200 Subject: [PATCH 045/112] Remove qt.io load from findTextInterruptedByLoad and ensure checks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Load of real website is not really needed, simple html is enough to verify that on load no findText callback is executed from previous query. Ensure callback is not called with timeout and additional check inside it to verify that it's not called twise. Task-number: QTBUG-75541 Change-Id: Iebf207e40d8f4d4f680b46bb0f32480edd72f36d Reviewed-by: Jüri Valdmann Reviewed-by: Peter Varga --- .../auto/quick/qmltests/data/tst_findText.qml | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/tests/auto/quick/qmltests/data/tst_findText.qml b/tests/auto/quick/qmltests/data/tst_findText.qml index dfcfd586f9d..9687d918373 100644 --- a/tests/auto/quick/qmltests/data/tst_findText.qml +++ b/tests/auto/quick/qmltests/data/tst_findText.qml @@ -43,13 +43,21 @@ TestWebEngineView { matchCount = -1 } + function findCallbackCalled() { return matchCount != -1 } + function findTextCallback(matchCount) { + // If this starts to fail then either clear was not called before findText + // or unexpected callback was triggered from some search. + // On c++ side callback id can be checked to verify + testcase.verify(!findCallbackCalled(), 'Unexpected callback call or uncleared state before findText call!') + webEngineView.matchCount = matchCount findFailed = matchCount == 0 } TestCase { + id: testcase name: "WebViewFindText" function getBodyInnerHTML() { @@ -207,13 +215,13 @@ TestWebEngineView { webEngineView.findText("hello", findFlags, webEngineView.findTextCallback); // This should not crash. - webEngineView.url = "https://www.qt.io/"; - if (!webEngineView.waitForLoadSucceeded(12000)) - skip("Couldn't load page from network, skipping test."); + webEngineView.loadHtml("New page with same hello text") + verify(webEngineView.waitForLoadSucceeded()) // The callback is not supposed to be called, see QTBUG-61506. - // Check whether the callback was called (-1 = no, other values = yes). - tryVerify(function() { return webEngineView.matchCount == -1; }, 20000); + expectFailContinue('', 'No unexpected findText callback calls occurred.') + tryVerify(function() { return webEngineView.findCallbackCalled() }) + verify(!webEngineView.findCallbackCalled()) } } } From b4589db4c7cb10cb55b38bab00d80eb1290312b1 Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Mon, 15 Jul 2019 13:03:14 +0200 Subject: [PATCH 046/112] Reset findText reply id on StopFinding to prevent callback later Not updating lastReceivedFindReply caused next findText call after StopFinding to trigger redundant callback call on checking stale query. Fixes: QTBUG-77029 Change-Id: Iad4b71364ecb3ec3db3096b739e77620d12731f9 Reviewed-by: Peter Varga --- src/core/web_contents_adapter.cpp | 2 ++ src/core/web_contents_delegate_qt.cpp | 2 +- src/core/web_contents_delegate_qt.h | 1 + tests/auto/quick/qmltests/data/tst_findText.qml | 4 ++++ 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/core/web_contents_adapter.cpp b/src/core/web_contents_adapter.cpp index 567a76637a2..a342ba30294 100644 --- a/src/core/web_contents_adapter.cpp +++ b/src/core/web_contents_adapter.cpp @@ -987,6 +987,7 @@ quint64 WebContentsAdapter::findText(const QString &subString, bool caseSensitiv // waiting for it forever. // Assume that any unfinished find has been unsuccessful when a new one is started // to cover that case. + m_webContentsDelegate->setLastReceivedFindReply(m_lastFindRequestId); m_adapterClient->didFindText(m_lastFindRequestId, 0); } @@ -1007,6 +1008,7 @@ quint64 WebContentsAdapter::findText(const QString &subString, bool caseSensitiv void WebContentsAdapter::stopFinding() { CHECK_INITIALIZED(); + m_webContentsDelegate->setLastReceivedFindReply(m_lastFindRequestId); m_webContentsDelegate->setLastSearchedString(QString()); m_webContents->StopFinding(content::STOP_FIND_ACTION_KEEP_SELECTION); } diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp index 83f68b68db1..20de0546f5b 100644 --- a/src/core/web_contents_delegate_qt.cpp +++ b/src/core/web_contents_delegate_qt.cpp @@ -510,7 +510,7 @@ void WebContentsDelegateQt::FindReply(content::WebContents *source, int request_ Q_UNUSED(source) Q_UNUSED(selection_rect) Q_UNUSED(active_match_ordinal) - if (final_update) { + if (final_update && request_id > m_lastReceivedFindReply) { m_lastReceivedFindReply = request_id; m_viewClient->didFindText(request_id, number_of_matches); } diff --git a/src/core/web_contents_delegate_qt.h b/src/core/web_contents_delegate_qt.h index 27aac207123..b88b56dc117 100644 --- a/src/core/web_contents_delegate_qt.h +++ b/src/core/web_contents_delegate_qt.h @@ -114,6 +114,7 @@ class WebContentsDelegateQt : public content::WebContentsDelegate QString lastSearchedString() const { return m_lastSearchedString; } void setLastSearchedString(const QString &s) { m_lastSearchedString = s; } int lastReceivedFindReply() const { return m_lastReceivedFindReply; } + void setLastReceivedFindReply(int id) { m_lastReceivedFindReply = id; } QUrl url() const { return m_url; } QString title() const { return m_title; } diff --git a/tests/auto/quick/qmltests/data/tst_findText.qml b/tests/auto/quick/qmltests/data/tst_findText.qml index 9687d918373..93aa48365de 100644 --- a/tests/auto/quick/qmltests/data/tst_findText.qml +++ b/tests/auto/quick/qmltests/data/tst_findText.qml @@ -222,6 +222,10 @@ TestWebEngineView { expectFailContinue('', 'No unexpected findText callback calls occurred.') tryVerify(function() { return webEngineView.findCallbackCalled() }) verify(!webEngineView.findCallbackCalled()) + + webEngineView.clear(); + webEngineView.findText('New page', findFlags, webEngineView.findTextCallback) + tryCompare(webEngineView, 'matchCount', 1) } } } From 662de14ceecee701b31478849ae147c70f3fe00f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Wed, 17 Jul 2019 13:16:23 +0200 Subject: [PATCH 047/112] Fix use-after-free in WebContentsAdapter::load Pass WebContentsAdapter pointer to lambda via QWeakPointer in case the adapter has been deleted already. Fixes: QTBUG-76958 Change-Id: I1962ba3dd1794a27e7013a2ad1b729fe7a08c079 Reviewed-by: Allan Sandfeld Jensen --- src/core/web_contents_adapter.cpp | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/core/web_contents_adapter.cpp b/src/core/web_contents_adapter.cpp index a342ba30294..f74f16bc3c9 100644 --- a/src/core/web_contents_adapter.cpp +++ b/src/core/web_contents_adapter.cpp @@ -653,19 +653,23 @@ void WebContentsAdapter::load(const QWebEngineHttpRequest &request) } } - auto navigate = [](WebContentsAdapter *adapter, const content::NavigationController::LoadURLParams ¶ms) { + auto navigate = [](QWeakPointer weakAdapter, const content::NavigationController::LoadURLParams ¶ms) { + WebContentsAdapter *adapter = weakAdapter.data(); + if (!adapter) + return; adapter->webContents()->GetController().LoadURLWithParams(params); // Follow chrome::Navigate and invalidate the URL immediately. adapter->m_webContentsDelegate->NavigationStateChanged(adapter->webContents(), content::INVALIDATE_TYPE_URL); adapter->focusIfNecessary(); }; + QWeakPointer weakThis(sharedFromThis()); if (resizeNeeded) { // Schedule navigation on the event loop. content::BrowserThread::PostTask( - content::BrowserThread::UI, FROM_HERE, base::BindOnce(navigate, this, std::move(params))); + content::BrowserThread::UI, FROM_HERE, base::BindOnce(navigate, std::move(weakThis), std::move(params))); } else { - navigate(this, params); + navigate(std::move(weakThis), params); } } From 002e47692b071400e8917a1604b37039860f86c2 Mon Sep 17 00:00:00 2001 From: Leena Miettinen Date: Thu, 11 Jul 2019 11:47:30 +0200 Subject: [PATCH 048/112] Doc: Edit docs on script injection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Task-number: QTBUG-76489 Change-Id: If489ebed802d273b0015bc6cfc190d948c4896e3 Reviewed-by: Jüri Valdmann --- src/webengine/doc/src/webengineview_lgpl.qdoc | 5 +++-- src/webenginewidgets/api/qwebenginepage.cpp | 2 +- .../api/qwebengineprofile.cpp | 3 ++- src/webenginewidgets/api/qwebenginescript.cpp | 2 ++ .../api/qwebenginescriptcollection.cpp | 2 ++ .../doc/src/qwebenginepage_lgpl.qdoc | 19 +++++++++++-------- 6 files changed, 21 insertions(+), 12 deletions(-) diff --git a/src/webengine/doc/src/webengineview_lgpl.qdoc b/src/webengine/doc/src/webengineview_lgpl.qdoc index d790cccea93..6194a800ed4 100644 --- a/src/webengine/doc/src/webengineview_lgpl.qdoc +++ b/src/webengine/doc/src/webengineview_lgpl.qdoc @@ -396,7 +396,7 @@ runJavaScript("document.title", function(result) { console.log(result); }); \endcode - Only "plain data" can be returned from JavaScript as the result value. + Only plain data can be returned from JavaScript as the result value. Supported data types include all of the JSON data types as well as, for example, \c{Date} and \c{ArrayBuffer}. Unsupported data types include, for example, \c{Function} and \c{Promise}. @@ -407,7 +407,8 @@ \warning Do not execute lengthy routines in the callback function, because it might block the rendering of the web content. - See WebEngineView::userScripts for an alternative API to inject scripts. + For more information about injecting scripts, see \l {Script Injection}. + For an alternative way to inject scripts, see WebEngineView::userScripts. */ /*! diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index 78b89a53c0f..055047341da 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -2183,7 +2183,7 @@ void QWebEnginePage::runJavaScript(const QString& scriptSource, quint32 worldId, In addition, a page might also execute scripts added through QWebEngineProfile::scripts(). - \sa QWebEngineScriptCollection, QWebEngineScript + \sa QWebEngineScriptCollection, QWebEngineScript, {Script Injection} */ QWebEngineScriptCollection &QWebEnginePage::scripts() diff --git a/src/webenginewidgets/api/qwebengineprofile.cpp b/src/webenginewidgets/api/qwebengineprofile.cpp index c8aafa0e8c0..6644af3ffa8 100644 --- a/src/webenginewidgets/api/qwebengineprofile.cpp +++ b/src/webenginewidgets/api/qwebengineprofile.cpp @@ -593,7 +593,8 @@ bool QWebEngineProfile::visitedLinksContainsUrl(const QUrl &url) const Returns the collection of scripts that are injected into all pages that share this profile. - \sa QWebEngineScriptCollection, QWebEngineScript, QWebEnginePage::scripts() + \sa QWebEngineScriptCollection, QWebEngineScript, QWebEnginePage::scripts(), + {Script Injection} */ QWebEngineScriptCollection *QWebEngineProfile::scripts() const { diff --git a/src/webenginewidgets/api/qwebenginescript.cpp b/src/webenginewidgets/api/qwebenginescript.cpp index d1e996b3ac3..af6b9aa8d33 100644 --- a/src/webenginewidgets/api/qwebenginescript.cpp +++ b/src/webenginewidgets/api/qwebenginescript.cpp @@ -67,6 +67,8 @@ using QtWebEngineCore::UserScript; Use QWebEnginePage::scripts() and QWebEngineProfile::scripts() to access the collection of scripts associated with a single page or a number of pages sharing the same profile. + + \sa {Script Injection} */ /*! \enum QWebEngineScript::InjectionPoint diff --git a/src/webenginewidgets/api/qwebenginescriptcollection.cpp b/src/webenginewidgets/api/qwebenginescriptcollection.cpp index 5ef0ffd44cd..8cbeeb804cd 100644 --- a/src/webenginewidgets/api/qwebenginescriptcollection.cpp +++ b/src/webenginewidgets/api/qwebenginescriptcollection.cpp @@ -55,6 +55,8 @@ using QtWebEngineCore::UserScript; Use QWebEnginePage::scripts() and QWebEngineProfile::scripts() to access the collection of scripts associated with a single page or a number of pages sharing the same profile. + + \sa {Script Injection} */ /*! diff --git a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc index 15e57e90485..2bf4d041329 100644 --- a/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc +++ b/src/webenginewidgets/doc/src/qwebenginepage_lgpl.qdoc @@ -759,10 +759,15 @@ \fn void QWebEnginePage::runJavaScript(const QString &scriptSource, const QWebEngineCallback &resultCallback) \since 5.7 - Runs the JavaScript code contained in \a scriptSource in the world specified by \a worldId. - The world ID values are the same as provided by QWebEngineScript::ScriptWorldId, and between \c 0 - and \c 256. Using the \e runJavaScript() versions without the world ID is the same as running the - script in the \c MainWorld. + Runs the JavaScript code contained in \a scriptSource without checking + whether the DOM of the page has been constructed. If you need more + control over how the script is run, consider using \l scripts() instead. + + To avoid conflicts with other scripts executed on the page, the world in + which the script is run is specified by \a worldId. The world ID values are + the same as provided by QWebEngineScript::ScriptWorldId, and between \c 0 + and \c 256. If you leave out the \c world ID, the script is run in the + \c MainWorld. When the script has been executed, \a resultCallback is called with the result of the last executed statement. \c resultCallback can be any of a function pointer, a functor or a lambda, @@ -772,7 +777,7 @@ page.runJavaScript("document.title", [](const QVariant &v) { qDebug() << v.toString(); }); \endcode - Only "plain data" can be returned from JavaScript as the result value. + Only plain data can be returned from JavaScript as the result value. Supported data types include all of the JSON data types as well as, for example, \c{Date} and \c{ArrayBuffer}. Unsupported data types include, for example, \c{Function} and \c{Promise}. @@ -784,9 +789,7 @@ during page destruction. When QWebEnginePage is deleted, the callback is triggered with an invalid value and it is not safe to use the corresponding QWebEnginePage or QWebEngineView instance inside it. - See scripts() for an alternative API to inject scripts. - - \sa QWebEngineScript::ScriptWorldId + \sa scripts(), QWebEngineScript::ScriptWorldId, {Script Injection} */ /*! From 76a66c886156012ec85250904b64587960e733f3 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Mon, 22 Jul 2019 14:03:01 +0200 Subject: [PATCH 049/112] Update Chromium Pulls in following changes: * 0a0221c [Backport] CVE-2019-5839 * 3c46be6 [Backport] CVE-2019-5837 4/4 * c23cb87 [Backport] CVE-2019-5837 3/4 * f123d13 [Backport] CVE-2019-5837 2/4 * 10d98e6 [Backport] CVE-2019-5837 1/4 * 8ffc041 [Backport] CVE-2019-5832 * a97fa0a [Backport] CVE-2019-5831 * ec89d97 [Backport] CVE-2019-5829 * 2323dc9 Fix segfaults with arm 32bit on metrics * 6f3c15d Bump V8 patch level * e8eec84 Fix changing should_override_user_agent_in_new_tabs_ Task-number: QTBUG-76207 Change-Id: Ifc6b76ae4b253a7ea385398bfdc1bc0fcf699de7 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index bd792030e19..0a0221c488e 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit bd792030e194a0bcce4defbf2298041244b54121 +Subproject commit 0a0221c488ec808b850b66c849af1659d5ee2163 From 9dce1c5b12db094cdc469d7d68eb3124f9393dc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Mon, 22 Jul 2019 11:33:46 +0200 Subject: [PATCH 050/112] Fix use-after-free of HostResolver Create one HostResolver per profile to avoid use-after-free in NetworkHintsMessageFilter (5.12) or NetworkContext (5.13). Fixes: QTBUG-75884 Change-Id: Ic1a2973b4fb0aed6bd0fa1bb9a1d7c3012c30fe0 Reviewed-by: Allan Sandfeld Jensen --- src/core/profile_io_data_qt.cpp | 3 ++- src/core/profile_io_data_qt.h | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/core/profile_io_data_qt.cpp b/src/core/profile_io_data_qt.cpp index dd363f74dee..99a6f6db0bc 100644 --- a/src/core/profile_io_data_qt.cpp +++ b/src/core/profile_io_data_qt.cpp @@ -200,9 +200,11 @@ content::ResourceContext *ProfileIODataQt::resourceContext() void ProfileIODataQt::initializeOnIOThread() { m_networkDelegate.reset(new NetworkDelegateQt(this)); + m_hostResolver = net::HostResolver::CreateDefaultResolver(NULL); m_urlRequestContext.reset(new net::URLRequestContext()); m_urlRequestContext->set_network_delegate(m_networkDelegate.get()); m_urlRequestContext->set_enable_brotli(base::FeatureList::IsEnabled(features::kBrotliEncoding)); + m_urlRequestContext->set_host_resolver(m_hostResolver.get()); // this binds factory to io thread m_weakPtr = m_weakPtrFactory.GetWeakPtr(); QMutexLocker lock(&m_mutex); @@ -289,7 +291,6 @@ void ProfileIODataQt::generateStorage() ct_verifier->AddLogs(ct_logs); m_storage->set_cert_transparency_verifier(std::move(ct_verifier)); m_storage->set_ct_policy_enforcer(base::WrapUnique(new net::DefaultCTPolicyEnforcer())); - m_storage->set_host_resolver(net::HostResolver::CreateDefaultResolver(NULL)); m_storage->set_ssl_config_service(std::make_unique()); if (!m_httpAuthPreferences) { m_httpAuthPreferences.reset(new net::HttpAuthPreferences()); diff --git a/src/core/profile_io_data_qt.h b/src/core/profile_io_data_qt.h index 2d4706bf434..8ce6185b5ab 100644 --- a/src/core/profile_io_data_qt.h +++ b/src/core/profile_io_data_qt.h @@ -120,6 +120,7 @@ class ProfileIODataQt { std::unique_ptr m_httpAuthPreferences; std::unique_ptr m_jobFactory; std::unique_ptr m_transportSecurityPersister; + std::unique_ptr m_hostResolver; base::WeakPtr m_weakPtr; scoped_refptr m_cookieDelegate; content::URLRequestInterceptorScopedVector m_requestInterceptors; From c3c37b4e93a26748497bec1a0dc29b8358408157 Mon Sep 17 00:00:00 2001 From: Tamas Zakor Date: Thu, 11 Jul 2019 10:44:05 +0200 Subject: [PATCH 051/112] Fix tooltip text wrapping Also set the hiding delay to a reasonable time. Fixes: QTBUG-76122 Change-Id: Id971edbd9fb87cc96df53f73f2e7c61bde5855ef Reviewed-by: Allan Sandfeld Jensen --- src/webengine/ui/ToolTip.qml | 8 +++++--- src/webenginewidgets/api/qwebenginepage.cpp | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/webengine/ui/ToolTip.qml b/src/webengine/ui/ToolTip.qml index 96033e8f1be..2bfe9eaf5b6 100644 --- a/src/webengine/ui/ToolTip.qml +++ b/src/webengine/ui/ToolTip.qml @@ -47,8 +47,9 @@ Item { visible: false property alias text: toolTip.text - property int delayTimerInterval: 1000 - property int hideTimerInterval: 1500 + property int delayTimerInterval: 500 + property int hideTimerInterval: 10000 + property int toolTipMaxWidth: 400 Timer { id: delayTimer @@ -77,7 +78,8 @@ Item { Text { id: toolTip anchors {fill: parent; margins: 5} - wrapMode: Text.WrapAnywhere + wrapMode: Text.Wrap + width: Math.min(toolTipMaxWidth, (toolTip.text.length +1) * 8) } } diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index 055047341da..35fe542e875 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -1887,7 +1887,7 @@ void QWebEnginePagePrivate::setToolTip(const QString &toolTipText) } // Update tooltip if text was changed. - QString wrappedTip = QLatin1String("

") + QString wrappedTip = QLatin1String("

") % toolTipText.toHtmlEscaped().left(MaxTooltipLength) % QLatin1String("

"); if (view->toolTip() != wrappedTip) From b21d5123408a70496fb6e574fcbaace8453dea96 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 25 Jul 2019 10:23:54 +0200 Subject: [PATCH 052/112] Update Chromium Pulls in following changes: * c5c158eb [Backport] Security bug 958689 * a33c416a [Backport] Security bug 959193 1/2 * e339bd3a [Backport] Security bug 959193 2/2 * 44d5ec60 [Backport] Security bug 961597 * 33647d6f [Backport] Security bug 939644 * dd0c0a92 [Backport] Security bug 948228 Task-number: QTBUG-76207 Change-Id: I4ba94d0ee4fac31ea36688dcfa5d12905c9ec5f2 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 0a0221c488e..c5c158ebe75 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 0a0221c488ec808b850b66c849af1659d5ee2163 +Subproject commit c5c158ebe7553b461ea92225524bc2c18cef33f8 From 252c0a71c572aa0d33bdb0c159b9c25255836e82 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 25 Jul 2019 10:27:42 +0200 Subject: [PATCH 053/112] Update Chromium Pulls in following changes: * 7a9ec163 [Backport] Security bug 962083 * 7242b69e [Backport] Security bug 948944 * a0218a0c [Backport] Security bug 952849 * 3d7891fd [Backport] Security bug 956625 * 7b993cc6 [Backport] Security bug 958457 Task-number: QTBUG-76207 Change-Id: I5753e64d396098a481da8d06a47560e4ba46bfb1 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index c5c158ebe75..7a9ec163308 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit c5c158ebe7553b461ea92225524bc2c18cef33f8 +Subproject commit 7a9ec16330860e9baac40b9895d13e33b3bbc0b1 From a2c365cb1f22431845380159c29048da76c2b2a9 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 25 Jul 2019 14:47:39 +0200 Subject: [PATCH 054/112] Update Chromium Pulls in following changes: * f7765bc8 [Backport] Security bug 959518 * 3b775d71 [Backport] CVE-2019-5842 * 05e857bc [Backport] Security bug 934161 * a57309fa [Backport] Security bug 950005 * b0859392 [Backport] Security bug 948172 Task-number: QTBUG-76207 Change-Id: I54fb67a97564b24f34c58b93b048b347f01dc306 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 7a9ec163308..f7765bc8531 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 7a9ec16330860e9baac40b9895d13e33b3bbc0b1 +Subproject commit f7765bc85318b9f7cb8090b85d268238fa5a4cfa From 5c579b95c81388c9b596b209380a1a061718f5c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Wed, 21 Aug 2019 16:12:52 +0200 Subject: [PATCH 055/112] Update Chromium This pulls in the following changes: a90e18d2d30 [Backport] Security bug 983938 0699308555b [Backport] Security bug 976050 852040586ec [Backport] Security bug 983850 a9f2f201ec6 [Backport] Security bug 973893 4bc95ce8486 [Backport] Security bug 958717 456aa9409ea [Backport] CVE-2019-5856 8ad3193acea [Backport] CVE-2019-5852 c1a19035306 [Backport] CVE-2019-5854 de78692c035 [Backport] CVE-2019-5855 ac7d5d7df5a [Backport] CVE-2019-5851 81417ff67b7 [Backport] Critical security issue 977057 ffbd836a7c8 [Backport] CVE-2019-5857 6693cf14341 [Backport] CVE-2019-5860 134a78ac91b [Backport] Security bug 981602 e981e2326a8 [Backport] CVE-2019-5865 b814b7b7d71 [Backport] CVE-2019-5862 1/4 dbb531a8212 [Backport] CVE-2019-5862 2/4 8502a1f7be2 [Backport] CVE-2019-5862 3/4 b71efe4a834 [Backport] CVE-2019-5862 4/4 d377f182ec3 [Backport] CVE-2019-5861 1/2 e13a9847f21 [Backport] CVE-2019-5861 2/2 4d84676d74a [Backport] Security bug 974627 d0d509db8c7 [Backport] Security bug 961674 691d632f7af [Backport] Security bug 960785 bdb7acb5afd [Backport] Security bug 964002 6e2562dd1ef Fix build with recent linux kernel. 7a779d01607 Fix skcms build with avx Fixes: QTBUG-77402 Change-Id: Ib9fe63c806149c299714bb1f76e4adf2877389d5 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index f7765bc8531..7a779d01607 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit f7765bc85318b9f7cb8090b85d268238fa5a4cfa +Subproject commit 7a779d0160771dcf6b4a644bc11137753c25982c From c75c3670e44bb848b043918fb742a86e5fba780d Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Fri, 12 Jul 2019 13:14:13 +0200 Subject: [PATCH 056/112] Fix WebEngineView.findText with a callback doc parameter description Change-Id: I6415ccd9486433d6c449ea0d18b65f354e4bcd42 Reviewed-by: Leena Miettinen Reviewed-by: Peter Varga --- src/webengine/doc/src/webengineview_lgpl.qdoc | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/webengine/doc/src/webengineview_lgpl.qdoc b/src/webengine/doc/src/webengineview_lgpl.qdoc index 6194a800ed4..a4f07ddd94b 100644 --- a/src/webengine/doc/src/webengineview_lgpl.qdoc +++ b/src/webengine/doc/src/webengineview_lgpl.qdoc @@ -438,14 +438,13 @@ To clear the search highlight, just pass an empty string. - The \a resultCallback must take a boolean parameter. It will be called with - a value of true if the \a subString was found; otherwise the callback value - will be false. + The \a resultCallback must take an integer parameter. It will be called with + the number of found occurrences of the \a subString. \code - findText("Qt", WebEngineView.FindCaseSensitively, function(success) { - if (success) - console.log("Qt was found!"); + findText("Qt", WebEngineView.FindCaseSensitively, function(matchCount) { + if (matchCount > 0) + console.log("'Qt' tokens found:", matchCount); }); \endcode */ From dbc0d09be2bbc3dce01ace956f534c4012402fba Mon Sep 17 00:00:00 2001 From: Antti Kokko Date: Tue, 20 Aug 2019 13:16:25 +0300 Subject: [PATCH 057/112] Add changes file for Qt 5.12.5 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: I68aae7202d853802bd67bd11c41a037de93554b9 Reviewed-by: Jüri Valdmann --- dist/changes-5.12.5 | 80 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 dist/changes-5.12.5 diff --git a/dist/changes-5.12.5 b/dist/changes-5.12.5 new file mode 100644 index 00000000000..15f0bcde679 --- /dev/null +++ b/dist/changes-5.12.5 @@ -0,0 +1,80 @@ +Qt 5.12.5 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0 through 5.12.4. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.5 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-62106] Fixed possible crash after rapid tapping. + - [QTBUG-75884] Fixed crash on setHttpUserAgent. + - [QTBUG-76249] Fixed user-agent on some new windows. + - [QTBUG-76268] Fixed tab key send on minimize. + - [QTBUG-76347] Fixed duplicate events being send from tablets. + - [QTBUG-76828] Clear shared context on exit. + - [QTBUG-76958] Fixed possible crash when loading in background. + +Chromium +-------- + + - Security fixes from Chromium up to version 76.0.3809.87, including: + + - CVE-2019-5829 + - CVE-2019-5831 + - CVE-2019-5832 + - CVE-2019-5837 + - CVE-2019-5839 + - CVE-2019-5842 + - CVE-2019-5851 + - CVE-2019-5852 + - CVE-2019-5854 + - CVE-2019-5855 + - CVE-2019-5856 + - CVE-2019-5857 + - CVE-2019-5860 + - CVE-2019-5861 + - CVE-2019-5862 + - CVE-2019-5865 + - Critical security issue 977057 + - Security bug 934161 + - Security bug 939644 + - Security bug 948172 + - Security bug 948228 + - Security bug 948944 + - Security bug 950005 + - Security bug 952849 + - Security bug 956625 + - Security bug 958457 + - Security bug 958689 + - Security bug 959193 + - Security bug 959518 + - Security bug 958717 + - Security bug 960785 + - Security bug 961674 + - Security bug 961597 + - Security bug 962083 + - Security bug 964002 + - Security bug 973893 + - Security bug 974627 + - Security bug 976050 + - Security bug 981602 + - Security bug 983850 + - Security bug 983938 From 83c5182c998b74858c5c28fcf2feb1d4e07754bb Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Wed, 14 Aug 2019 18:37:35 +0200 Subject: [PATCH 058/112] Fix reporting overridable flag for QML WebEngineCertificateError type MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also remove confusion inside CertificateErrorController constructor and overridable method by matching documentation for AllowCertificateError method of ContentBrowserClient api. Change-Id: I7e10ef71a4429dcf5acc4b714a8a45f67a2ec684 Reviewed-by: Jüri Valdmann --- src/core/certificate_error_controller.cpp | 6 +++--- src/core/certificate_error_controller_p.h | 4 ++-- src/core/content_browser_client_qt.cpp | 2 +- src/webenginewidgets/api/qwebenginepage.cpp | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/core/certificate_error_controller.cpp b/src/core/certificate_error_controller.cpp index a747451df4a..3309db8f1ad 100644 --- a/src/core/certificate_error_controller.cpp +++ b/src/core/certificate_error_controller.cpp @@ -79,14 +79,14 @@ CertificateErrorControllerPrivate::CertificateErrorControllerPrivate(int cert_er const net::SSLInfo& ssl_info, const GURL &request_url, content::ResourceType resource_type, - bool _overridable, + bool fatal_error, bool strict_enforcement, const base::Callback& cb ) : certError(CertificateErrorController::CertificateError(cert_error)) , requestUrl(toQt(request_url)) , resourceType(CertificateErrorController::ResourceType(resource_type)) - , overridable(_overridable) + , fatalError(fatal_error) , strictEnforcement(strict_enforcement) , callback(cb) { @@ -118,7 +118,7 @@ QUrl CertificateErrorController::url() const bool CertificateErrorController::overridable() const { - return d->overridable; + return !d->fatalError && !d->strictEnforcement; } bool CertificateErrorController::strictEnforcement() const diff --git a/src/core/certificate_error_controller_p.h b/src/core/certificate_error_controller_p.h index abde9a7d541..3b4d0f3bf64 100644 --- a/src/core/certificate_error_controller_p.h +++ b/src/core/certificate_error_controller_p.h @@ -59,7 +59,7 @@ QT_BEGIN_NAMESPACE class CertificateErrorControllerPrivate { public: - CertificateErrorControllerPrivate(int cert_error, const net::SSLInfo& ssl_info, const GURL& request_url, content::ResourceType resource_type, bool overridable, bool strict_enforcement, const base::Callback& callback); + CertificateErrorControllerPrivate(int cert_error, const net::SSLInfo& ssl_info, const GURL& request_url, content::ResourceType resource_type, bool fatal_error, bool strict_enforcement, const base::Callback& callback); void accept(bool accepted); @@ -68,7 +68,7 @@ class CertificateErrorControllerPrivate { QDateTime validStart; QDateTime validExpiry; CertificateErrorController::ResourceType resourceType; - bool overridable; + bool fatalError; bool strictEnforcement; const base::Callback callback; }; diff --git a/src/core/content_browser_client_qt.cpp b/src/core/content_browser_client_qt.cpp index 0a51cc2614f..acd652b15ce 100644 --- a/src/core/content_browser_client_qt.cpp +++ b/src/core/content_browser_client_qt.cpp @@ -355,7 +355,7 @@ void ContentBrowserClientQt::AllowCertificateError(content::WebContents *webCont ssl_info, request_url, resource_type, - !IsCertErrorFatal(cert_error), + IsCertErrorFatal(cert_error), strict_enforcement, callback))); contentsDelegate->allowCertificateError(errorController); diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index 35fe542e875..d7f65c23bf7 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -1787,7 +1787,7 @@ void QWebEnginePagePrivate::allowCertificateError(const QSharedPointererror(), controller->url(), controller->overridable() && !controller->strictEnforcement(), controller->errorString()); + QWebEngineCertificateError error(controller->error(), controller->url(), controller->overridable(), controller->errorString()); accepted = q->certificateError(error); if (error.isOverridable()) From d5d0cd81cc770d696b19305717cc827ec1a89bd4 Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Wed, 14 Aug 2019 18:45:36 +0200 Subject: [PATCH 059/112] Reject certificate error for non-overridable errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On certificate validation error page load is just halted meaning that no progress or load result are reported and no default error page for certificate errors is shown. Even though documentation states that 'By default, an invalid certificate will be automatically rejected' and that aligns with default implementation of certificateError method within Page and non-deferred errors in quick View, page or view silently stays in an intermediate state for non-overridable errors. Fix this inconsistent behavior by automatically rejecting certificate for every invalid case (non-overridable error, not deferred or not implemented overridable method). Change-Id: Id1cee2ee5cc45bdcb5f262a6c99c84274e6ca374 Reviewed-by: Jüri Valdmann --- src/webengine/api/qquickwebengineview.cpp | 2 +- src/webenginewidgets/api/qwebenginepage.cpp | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/webengine/api/qquickwebengineview.cpp b/src/webengine/api/qquickwebengineview.cpp index c8ba64f499e..8097689ade7 100644 --- a/src/webengine/api/qquickwebengineview.cpp +++ b/src/webengine/api/qquickwebengineview.cpp @@ -294,7 +294,7 @@ void QQuickWebEngineViewPrivate::allowCertificateError(const QSharedPointernewQObject(quickController); Q_EMIT q->certificateError(quickController); - if (!quickController->deferred() && !quickController->answered()) + if (!quickController->overridable() || (!quickController->deferred() && !quickController->answered())) quickController->rejectCertificate(); else m_certificateErrorControllers.append(errorController); diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index d7f65c23bf7..aeed6ce85a9 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -1789,9 +1789,7 @@ void QWebEnginePagePrivate::allowCertificateError(const QSharedPointererror(), controller->url(), controller->overridable(), controller->errorString()); accepted = q->certificateError(error); - - if (error.isOverridable()) - controller->accept(accepted); + controller->accept(error.isOverridable() && accepted); } void QWebEnginePagePrivate::selectClientCert(const QSharedPointer &controller) From 99b27e9654bcaf6af0719e33989ba0c956af1c3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Wed, 4 Sep 2019 13:34:55 +0200 Subject: [PATCH 060/112] Update Chromium This pulls in the following change: 111349f18a4 Rename Chromium bootstrap name to prevent collisions Change-Id: I7003c35c5bad96f32b69900d507e637252a4950d Fixes: QTBUG-77938 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 7a779d01607..111349f18a4 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 7a779d0160771dcf6b4a644bc11137753c25982c +Subproject commit 111349f18a4d352d40c1c106a6f8e98a9f843894 From 15b7a43417e6ae2a3922010524881405ef6b7474 Mon Sep 17 00:00:00 2001 From: Peter Varga Date: Fri, 6 Sep 2019 11:18:20 +0200 Subject: [PATCH 061/112] Fix WebEngineView flashing when closing popup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closing a popup (eg. HTML select element) might cause WebEngineView to flash on macOS. This seems to be related to the window's NSPanel destruction and seems to appear only if the Qt::ToolTip window flag is set. Fixes: QTBUG-77072 Fixes: QTBUG-78084 Change-Id: I72af67ee97304278870b312482f8f9058ecd1233 Reviewed-by: Jüri Valdmann (cherry picked from commit 2f72083601fb6a4fcc66b6440222291fc334cb3f) --- .../render_widget_host_view_qt_delegate_quickwindow.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/webengine/render_widget_host_view_qt_delegate_quickwindow.cpp b/src/webengine/render_widget_host_view_qt_delegate_quickwindow.cpp index d3c88148eab..7db223ad9a8 100644 --- a/src/webengine/render_widget_host_view_qt_delegate_quickwindow.cpp +++ b/src/webengine/render_widget_host_view_qt_delegate_quickwindow.cpp @@ -47,7 +47,7 @@ namespace QtWebEngineCore { RenderWidgetHostViewQtDelegateQuickWindow::RenderWidgetHostViewQtDelegateQuickWindow(RenderWidgetHostViewQtDelegate *realDelegate) : m_realDelegate(realDelegate) { - setFlags(Qt::ToolTip | Qt::FramelessWindowHint | Qt::WindowDoesNotAcceptFocus); + setFlags(Qt::Tool | Qt::FramelessWindowHint | Qt::WindowDoesNotAcceptFocus); } RenderWidgetHostViewQtDelegateQuickWindow::~RenderWidgetHostViewQtDelegateQuickWindow() From 75d121b9e07bbaf3eeea44da776a45c03bb6af47 Mon Sep 17 00:00:00 2001 From: Frederik Gladhorn Date: Wed, 30 Oct 2019 13:22:17 +0100 Subject: [PATCH 062/112] Bump version --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index 65f02f1b4eb..5310dd04e35 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.5 +MODULE_VERSION = 5.12.6 From ce515c418871b24b6f38878c560c360414a936a9 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Tue, 29 Oct 2019 13:32:23 +0100 Subject: [PATCH 063/112] Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changes: 4055f1498d Fix building with pulseaudio 13 b0fb9f38d9f [Backport] Fix security issue 957160 70036bae331 [Backport] Fix CVE-2019-5869 e6902ac08d4 Add missing semicolon to fix build with icu 65.1 55e2f9a305c [Backport] CVE-2019-5870 a0d7bfaee7d [Backport] CVE-2019-13659 4e154694fbc [Backport] CVE-2019-13660 cdee285b9b2 [Backport] CVE-2019-5875 bf4fb03c7c4 Fix building with VS2019 5ab4355f5e9 [Backport] CVE-2019-5876 5f1b74a907d [Backport] CVE-2019-13687 d4780d1a68b [Backport] CVE-2019-13688 Change-Id: I418e5b0ddb3a0e482330ac5560a2383d5d389b6d Reviewed-by: Jüri Valdmann --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 111349f18a4..d4780d1a68b 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 111349f18a4d352d40c1c106a6f8e98a9f843894 +Subproject commit d4780d1a68bf370514fb5fe6f8bf01104f764e38 From e0c11f482184e4278f30eabaa2ad8593cb53bfd5 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Thu, 31 Oct 2019 11:16:38 +0100 Subject: [PATCH 064/112] Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changes: c0ad7bb1842 [Backport] CVE-2019-13691 3dbf3a4c21f [Backport] CVE-2019-13692 3d89c990655 [Backport] CVE-2019-13693 cda3a507f68 [Backport] CVE-2019-13694 a6fbcf5a98d [Backport] CVE-2019-13695 635b163527b [Backport] CVE-2019-13697 fcb382834f9 [Backport] Security issue 986727 [1/2] 593acfce0ca [Backport] Security issue 986727 [2/2] Change-Id: I275b9d3031bfbea8796507dd1669e772be446fe2 Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index d4780d1a68b..217ab69596f 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit d4780d1a68bf370514fb5fe6f8bf01104f764e38 +Subproject commit 217ab69596fd1ca51af2d8e6292b579f86f13f25 From f6ff5b17edfcd72c1536b46d8db1c9a30f70a6ba Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 1 Nov 2019 14:26:07 +0100 Subject: [PATCH 065/112] Update Chromium Pulls in remaining security patches from 77 and one from 78 under active attack. Changes: 4fb070d2eb3 [Backport] Fix for CVE-2019-13720 9f720e99462 [Backport] CVE-2019-13664 96cdfdfc635 [Backport] CVE-2019-13665 8a7e8fca86d [Backport] Security issue 946351 bf49c9261e8 [Backport] Security issue 964938 af3f9345ac4 [Backport] Security issue 990234 24a674a2ce8 [Backport] CVE-2019-13674 50dda9e6fda [Backport] CVE-2019-13675 e8fcf3a6a28 [Backport] Security issue 960354 db783cf5684 [Backport] Security issue 979373 89644ad92fe [Backport] Security issue 981459 Task-number: QTBUG-79193 Change-Id: I6ad20783c27cc3c4464923d6b0b7a629ebe51840 Reviewed-by: Michal Klocek --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 217ab69596f..89644ad92fe 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 217ab69596fd1ca51af2d8e6292b579f86f13f25 +Subproject commit 89644ad92fee38706430c1adb1e29b9756193b4f From 14e2814f95cbb1759100a2b974bc61ef39dfb9c2 Mon Sep 17 00:00:00 2001 From: Frederik Gladhorn Date: Thu, 7 Nov 2019 13:08:02 +0100 Subject: [PATCH 066/112] Bump version --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index 5310dd04e35..2058bb5d6f6 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.6 +MODULE_VERSION = 5.12.7 From 636b32c7f22c96e9562270219cedca52d5203737 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Thu, 7 Nov 2019 10:56:07 +0100 Subject: [PATCH 067/112] Add changes file for Qt 5.12.6 Change-Id: Ib5f32dff2db201bc85f714b50937bad9093a92c6 Reviewed-by: Allan Sandfeld Jensen --- dist/changes-5.12.6 | 64 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 dist/changes-5.12.6 diff --git a/dist/changes-5.12.6 b/dist/changes-5.12.6 new file mode 100644 index 00000000000..386eac2338d --- /dev/null +++ b/dist/changes-5.12.6 @@ -0,0 +1,64 @@ +Qt 5.12.6 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0 through 5.12.5. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.6 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-77072,QTBUG-78084] Fixed flashing when closing popup on macOS. + - [QTBUG-78733] Fixed building with Visual Studio 2019. + - [QTBUG-77037] Fixed building with Pulseaudio 13. + - Fixed building with system ICU 65. + +Chromium +-------- + + - Security fixes from Chromium up to version 77.0.3865.120, including: + + - CVE-2019-5869 + - CVE-2019-5870 + - CVE-2019-5875 + - CVE-2019-5876 + - CVE-2019-13659 + - CVE-2019-13660 + - CVE-2019-13664 + - CVE-2019-13665 + - CVE-2019-13674 + - CVE-2019-13675 + - CVE-2019-13687 + - CVE-2019-13688 + - CVE-2019-13691 + - CVE-2019-13692 + - CVE-2019-13693 + - CVE-2019-13694 + - CVE-2019-13695 + - CVE-2019-13697 + - Security issue 946351 + - Security issue 957160 + - Security issue 960354 + - Security issue 964938 + - Security issue 979373 + - Security issue 981459 + - Security issue 986727 + - Security issue 990234 + + - Security fix from Chrome 78: CVE-2019-13720. From 5f05d9d1a3e0f30d4e7cccfe2d70387437fcccf3 Mon Sep 17 00:00:00 2001 From: Tamas Zakor Date: Mon, 4 Nov 2019 16:32:23 +0100 Subject: [PATCH 068/112] Fix pepper flash plugin permission Fixes: QTBUG-78280 Fixes: QTBUG-80696 Change-Id: Ic202314bb7935741791fa8c747e255b10dc7dc61 Reviewed-by: Allan Sandfeld Jensen Reviewed-by: Florian Bruhin (cherry picked from commit e72fd5136c5a7a848d9156334cf8f067eb1a1a10) --- src/core/content_client_qt.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/content_client_qt.cpp b/src/core/content_client_qt.cpp index df1bc303de2..61194bae080 100644 --- a/src/core/content_client_qt.cpp +++ b/src/core/content_client_qt.cpp @@ -125,7 +125,8 @@ static QString getLocalAppDataDir() static const int32_t kPepperFlashPermissions = ppapi::PERMISSION_DEV | ppapi::PERMISSION_PRIVATE | ppapi::PERMISSION_BYPASS_USER_GESTURE | - ppapi::PERMISSION_FLASH; + ppapi::PERMISSION_FLASH | + ppapi::PERMISSION_SOCKET; namespace switches { const char kPpapiFlashPath[] = "ppapi-flash-path"; From 8b6f4924a1a8564987a9f0110060cc9b3a2d89bf Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 19 Dec 2019 15:09:34 +0100 Subject: [PATCH 069/112] Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pulls in following changes: * d88a4a62100 [Backport] CVE-2019-13700 * d835d057c27 [Backport] CVE-2019-13701 * 9e816ff0eb4 Fix compiling on Xcode 11. * 7d0edd2bed2 Fix use of deprecated method for scanning wifi networks * 5be6616bfe2 [Backport] CVE-2019-15903 * 63902dffe13 [Backport] CVE-2019-13714 * c8ec40bb38c [Backport] CVE-2019-13715 * 61ba046fc61 [Backport] CVE-2019-13718 * 300c4402c06 [Backport] Security bug 1011551 * e0369af7ae7 [Backport] Secuirty bug 1006544 * c9d697a2959 [Backport] Security bug 993266 * a7a50a7adf3 [Backport] Security bug 1018406 * 246773b5a07 [Backport] Security bug 955191 * fc95242615b Revert "[Backport] CVE-2019-13701" Change-Id: I4ac3fe4acecc1d1193ecbf5c7966e8aad43cb68a Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 89644ad92fe..fc95242615b 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 89644ad92fee38706430c1adb1e29b9756193b4f +Subproject commit fc95242615b5b2abdcd06f806e6d1ecfca770ca5 From 7d82dafa46a356b80c8e55fda7e57f28ff1bc423 Mon Sep 17 00:00:00 2001 From: Peter Varga Date: Wed, 8 Jan 2020 11:05:22 +0100 Subject: [PATCH 070/112] Fixup Update Chromium Wrong hash: * fc95242615b -> 0bf0431f9fe Revert "[Backport] CVE-2019-13701" Change-Id: I05e2e6511df628c79d2d13e8c00139d53774134e Reviewed-by: Michal Klocek --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index fc95242615b..0bf0431f9fe 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit fc95242615b5b2abdcd06f806e6d1ecfca770ca5 +Subproject commit 0bf0431f9fea75fdad4ab519788ca807fd86e3c7 From 5fa161b5f273ec60e77bbdcfdd0f87dd42a5a0bc Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 21 Jan 2020 16:48:11 +0100 Subject: [PATCH 071/112] Update Chromium Pulls in following patches: * 42b5c26a6af [Backport] Avoid leaking GamepadService in tests * c7196fc6a85 [Backport] Security bug 1017020 * 8fafaa17b3b [Backport] Security bug 1017961 * 9d6e9a7ca2d [Backport] CVE-2019-13736 * f11302cbaab [Backport] CVE-2019-13737 * 990546181b6 [Backport] Fix for CVE-2019-13730: Type Confusion in V8 * f33ba482f60 [Backport] Fix for CVE-2019-13732: Use after free in WebAudio * f0f6703e7d3 [Backport] Fix for CVE-2019-13764: Type Confusion in V8 * 67232758405 [Backport] Dependency for fixing CVE-2019-13734 (1/5) * 520f5e48c7b [Backport] Dependency for fixing CVE-2019-13734 (2/5) * b4b8e7c5a3c [Backport] Dependency for fixing CVE-2019-13734 (3/5) * 17bda0b1daf [Backport] Dependency for fixing CVE-2019-13734 (4/5) * 437d404bd6d [Backport] Dependency for fixing CVE-2019-13734 (5/5) * bcba12fa82a [Backport] CVE-2019-13741: Insufficient validation of untrusted input in Blink * b07274b9d31 [Backport] CVE-2019-13762: Insufficient policy enforcement in downloads. * c445a9bcf07 [Backport] CVE-2019-13734: Out of bounds write in SQLite * 0dde1aba1cd [Backport] Fix up for dependency for CVE-2019-13734 (3/5) Task-number: QTBUG-80736 Change-Id: I53af6ffbe3975c8ab601eabba79c31acaf434482 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 0bf0431f9fe..0dde1aba1cd 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 0bf0431f9fea75fdad4ab519788ca807fd86e3c7 +Subproject commit 0dde1aba1cdfa3034176b47ef778cc99791843e7 From d268d9bba5589b7cc33e158b8563eae2ad67caff Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Wed, 22 Jan 2020 19:04:52 +0100 Subject: [PATCH 072/112] Update Chromium Pulls in following patches: * 1d84b1d66de [Backport] CVE-2020-6377 * a0a756490e5 [Backport] CVE-2019-13761: Incorrect security UI in Omnibox. * 1735d7de2e2 [Backport] Security bug 1027905 * 20d31c84457 [Backport] CVE-2019-13747: Uninitialized Use in rendering. * b154c1e99b3 [Backport] Security bug 1025089 * 95f69c52f85 [Backport] CVE-2019-13757: Incorrect security UI in Omnibox (1/2) * 0026972c101 [Backport] CVE-2019-13757: Incorrect security UI in Omnibox (2/2) * f527b66b1e3 [Backport] Security bug 889276 * 37330fd70ee [Backport] Security bug 1033260 Task-number: QTBUG-80736 Change-Id: Ie98271999713f07e4c2fab86df28e86310e1a44b Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 0dde1aba1cd..37330fd70ee 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 0dde1aba1cdfa3034176b47ef778cc99791843e7 +Subproject commit 37330fd70ee942d1ed55ab6bb4fbfd1d4c6f82e9 From 13fd53ae994ada3fca89c0d39b17df5395b712bf Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Fri, 24 Jan 2020 19:16:13 +0100 Subject: [PATCH 073/112] Update Chromium Pulls in following patches: * 28d34c9574b [Backport] CVE-2019-13738 * b94dccc951a [Backport] CVE-2019-13739 * f2ad81650e5 [Backport] CVE-2019-13735: Out of bounds write in V8 * 502cf4dc5a4 [Backport] Dependency of fix for CVE-2019-13758 (1/3) * f59df0d5773 [Backport] Dependency of fix for CVE-2019-13758 (2/3) * aedfb4f4114 [Backport] Dependency of fix for CVE-2019-13758 (3/3) * e3130b222f6 [Backport] CVE-2019-13758: Insufficient policy enforcement in navigation. * a3c60650eae [Backport] CVE-2019-13728: Out of bounds write in V8 Task-number: QTBUG-80736 Change-Id: Id00bb34174b6f8313e6512bfd5f5928f6413a142 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 37330fd70ee..a3c60650eae 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 37330fd70ee942d1ed55ab6bb4fbfd1d4c6f82e9 +Subproject commit a3c60650eae7a568e1e32b62ba3f7f51946f2ebd From 85e542f9376fd9bc8430c34b86ac05d13ed8d3f8 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Fri, 24 Jan 2020 19:57:35 +0100 Subject: [PATCH 074/112] Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pulls in following patches: * f4f2d564d94 [Backport] CVE-2020-0601 * f91f6b41907 [Backport] Security bug 1035371 and 1034695 * 5ca6ac0f951 [Backport] Security bugs 1029506, 1029210, 1029027, 1029002, 1028722 Task-number: QTBUG-80736 Change-Id: I2680d5a4d9af95b0ee1e8b27f98749332250b04c Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index a3c60650eae..5ca6ac0f951 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit a3c60650eae7a568e1e32b62ba3f7f51946f2ebd +Subproject commit 5ca6ac0f951adec1f816b42f1c862d699e56a645 From 41cef6e19364d785bd77c42e45ef7ca32e601410 Mon Sep 17 00:00:00 2001 From: Antti Kokko Date: Thu, 16 Jan 2020 15:22:27 +0200 Subject: [PATCH 075/112] Add changes file for Qt 5.12.7 + 14e2814f95cbb1759100a2b974bc61ef39dfb9c2 Bump version + 5f05d9d1a3e0f30d4e7cccfe2d70387437fcccf3 Fix pepper flash plugin permission + 8b6f4924a1a8564987a9f0110060cc9b3a2d89bf Update Chromium + 7d82dafa46a356b80c8e55fda7e57f28ff1bc423 Fixup Update Chromium + a4b598d1633e8278776c922faae012681018cdc9 Merge remote-tracking branch 'origin/5.12.6' into 5.12 + 5fa161b5f273ec60e77bbdcfdd0f87dd42a5a0bc Update Chromium + d268d9bba5589b7cc33e158b8563eae2ad67caff Update Chromium + 13fd53ae994ada3fca89c0d39b17df5395b712bf Update Chromium + 85e542f9376fd9bc8430c34b86ac05d13ed8d3f8 Update Chromium Change-Id: Iffa4dbd79f9bc3777c2f1a70519b8893e99c9758 Reviewed-by: Allan Sandfeld Jensen --- dist/changes-5.12.7 | 78 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 dist/changes-5.12.7 diff --git a/dist/changes-5.12.7 b/dist/changes-5.12.7 new file mode 100644 index 00000000000..4fdbb17d08d --- /dev/null +++ b/dist/changes-5.12.7 @@ -0,0 +1,78 @@ +Qt 5.12.7 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0 through 5.12.6. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.7 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-78280, QTBUG-80696] Fix pepper flash plugin permission + +Chromium +-------- + + - Security fixes from Chromium up to version 79.0.3945.130, including: + + - CVE-2019-13700 + - CVE-2019-13714 + - CVE-2019-13715 + - CVE-2019-13718 + - CVE-2019-13728 + - CVE-2019-13730 + - CVE-2019-13732 + - CVE-2019-13734 + - CVE-2019-13735 + - CVE-2019-13736 + - CVE-2019-13737 + - CVE-2019-13738 + - CVE-2019-13739 + - CVE-2019-13741 + - CVE-2019-13747 + - CVE-2019-13750 + - CVE-2019-13751 + - CVE-2019-13752 + - CVE-2019-13753 + - CVE-2019-13757 + - CVE-2019-13758 + - CVE-2019-13761 + - CVE-2019-13762 + - CVE-2019-13764 + - CVE-2019-15903 + - CVE-2020-0601 + - CVE-2020-6377 + - Security bug 889276 + - Security bug 955191 + - Security bug 993266 + - Security bug 1006544 + - Security bug 1011551 + - Security bug 1017020 + - Security bug 1017961 + - Security bug 1018406 + - Security bug 1025089 + - Security bug 1027905 + - Security bug 1028722 + - Security bug 1029002 + - Security bug 1029027 + - Security bug 1029210 + - Security bug 1029506 + - Security bug 1033260 + - Security bug 1034695 + - Security bug 1035371 From 13e2924f054170f399ea213cabbae2027831ceba Mon Sep 17 00:00:00 2001 From: Alexandru Croitor Date: Tue, 28 Jan 2020 11:58:01 +0100 Subject: [PATCH 076/112] Bump version --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index 2058bb5d6f6..075e95ecca3 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.7 +MODULE_VERSION = 5.12.8 From 2f56fd4a6b9b6f806334ba64b3689151a78d1d90 Mon Sep 17 00:00:00 2001 From: Peter Varga Date: Tue, 21 Jan 2020 16:32:24 +0100 Subject: [PATCH 077/112] Update navigation actions when load finishes in a subframe Fixes: QTBUG-81521 Change-Id: I8ca82224cd834b667471d1e96a44430164d3669e Reviewed-by: Allan Sandfeld Jensen --- src/core/web_contents_delegate_qt.cpp | 4 +- .../qwebenginepage/tst_qwebenginepage.cpp | 37 ++++++++++++++----- 2 files changed, 31 insertions(+), 10 deletions(-) diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp index 20de0546f5b..c840b7f43be 100644 --- a/src/core/web_contents_delegate_qt.cpp +++ b/src/core/web_contents_delegate_qt.cpp @@ -409,8 +409,10 @@ void WebContentsDelegateQt::DidFinishLoad(content::RenderFrameHost* render_frame return; } - if (render_frame_host->GetParent()) + if (render_frame_host->GetParent()) { + m_viewClient->updateNavigationActions(); return; + } if (!m_faviconManager->hasCandidate()) m_viewClient->iconChanged(QUrl()); diff --git a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp index f27dae3c791..080bba6434e 100644 --- a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp +++ b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp @@ -1327,20 +1327,39 @@ void tst_QWebEnginePage::textEditing() void tst_QWebEnginePage::backActionUpdate() { QWebEngineView view; + view.resize(640, 480); + view.show(); + QWebEnginePage *page = view.page(); + QSignalSpy loadSpy(page, &QWebEnginePage::loadFinished); QAction *action = page->action(QWebEnginePage::Back); QVERIFY(!action->isEnabled()); - QSignalSpy loadSpy(page, SIGNAL(loadFinished(bool))); - QUrl url = QUrl("qrc:///resources/framedindex.html"); - page->load(url); - QTRY_COMPARE(loadSpy.count(), 1); + + page->load(QUrl("qrc:///resources/framedindex.html")); + QTRY_COMPARE_WITH_TIMEOUT(loadSpy.count(), 1, 20000); QVERIFY(!action->isEnabled()); - QTest::mouseClick(&view, Qt::LeftButton, 0, QPoint(10, 10)); - QEXPECT_FAIL("", "Behavior change: Load signals are emitted only for the main frame in QtWebEngine.", Continue); - QTRY_COMPARE_WITH_TIMEOUT(loadSpy.count(), 2, 100); - QEXPECT_FAIL("", "FIXME: Mouse events aren't passed from the QWebEngineView down to the RWHVQtDelegateWidget", Continue); - QVERIFY(action->isEnabled()); + auto firstAnchorCenterInFrame = [](QWebEnginePage *page, const QString &frameName) { + QVariantList rectList = evaluateJavaScriptSync(page, + "(function(){" + "var frame = document.getElementsByName('" + frameName + "')[0];" + "var anchor = frame.contentDocument.getElementsByTagName('a')[0];" + "var rect = anchor.getBoundingClientRect();" + "return [(rect.left + rect.right) / 2, (rect.top + rect.bottom) / 2];" + "})()").toList(); + + if (rectList.count() != 2) { + qWarning("firstAnchorCenterInFrame failed."); + return QPoint(); + } + + return QPoint(rectList.at(0).toInt(), rectList.at(1).toInt()); + }; + + QVERIFY(evaluateJavaScriptSync(page, "document.getElementsByName('frame_b')[0].contentDocument == undefined").toBool()); + QTest::mouseClick(view.focusProxy(), Qt::LeftButton, 0, firstAnchorCenterInFrame(page, "frame_c")); + QTRY_VERIFY(evaluateJavaScriptSync(page, "document.getElementsByName('frame_b')[0].contentDocument != undefined").toBool()); + QTRY_VERIFY(action->isEnabled()); } #if defined(QWEBENGINEPAGE_SETTINGS) From d7a7663c58fa81b04b2acc63c3e672fce2f46116 Mon Sep 17 00:00:00 2001 From: Szabolcs David Date: Mon, 10 Feb 2020 17:28:11 +0100 Subject: [PATCH 078/112] Fix crashes in urlChanged signal handlers If a user initiates page load from a urlChanged signal handler after a failed navigation while still being in NavigationRequest::OnRequestFailedInternal(), the new page load can discard the pending navigation entry and delete the NavigationRequest instance before finishing execution of OnRequestFailedInternal(). Fix crash by returning to the event loop before emitting urlChanged signal. Task-number: QTBUG-78490 Change-Id: I849a609f5524d715769079f6c5cabf8db6b45944 Reviewed-by: Michal Klocek --- src/webengine/api/qquickwebengineview.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/webengine/api/qquickwebengineview.cpp b/src/webengine/api/qquickwebengineview.cpp index 8097689ade7..60aaead671a 100644 --- a/src/webengine/api/qquickwebengineview.cpp +++ b/src/webengine/api/qquickwebengineview.cpp @@ -356,7 +356,9 @@ void QQuickWebEngineViewPrivate::urlChanged(const QUrl &url) { Q_Q(QQuickWebEngineView); Q_UNUSED(url); - Q_EMIT q->urlChanged(); + QTimer::singleShot(0, q, [q]() { + Q_EMIT q->urlChanged(); + }); } void QQuickWebEngineViewPrivate::iconChanged(const QUrl &url) From 3befcb16308f3b87a8c7b2dd1db69b69e2074c12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Fri, 20 Mar 2020 09:28:18 +0100 Subject: [PATCH 079/112] Update Chromium Pulls in the following changes: 2c37da9ad4f [Backport] Allow restricted clock_nanosleep in Linux sandbox 1119bc1c945 [Backport] Security bug 1040700 7ce30813cdc [Backport] CVE-2020-6381 - Integer overflow in Javascript 50d216266c1 [Backport] CVE-2020-6418 - Type confusion in V8 f4ee4fe130c [Backport] CVE-2020-6383 - Type confusion in V8 7cfa13add28 [Backport] CVE-2020-6384: Use after free in WebAudio a75e60afb7c [Backport] Security bug 1029865 24e36e97107 [Backport] Security bug 1044570 acb02559c02 [Backport] CVE-2020-6389 - Out of bounds write in WebRTC 807a82b2e28 [Backport] CVE-2020-6420: Insufficient policy enforcement in media 30040b36f90 [Backport] Security bug 1031909 9dfaed8eab0 [Backport] CVE-2020-6406 - Use after free in audio ca0ca819983 [Backport] CVE-2020-6393 - Insufficient policy enforcement in Blink Task-number: QTBUG-81910 Change-Id: Ib3c90cabf2151d652de2a4742f7b0422bf730419 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 5ca6ac0f951..ca0ca819983 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 5ca6ac0f951adec1f816b42f1c862d699e56a645 +Subproject commit ca0ca81998398fd8f777651e29b2bd414ad1b77e From c6d4d262cb42887bcc209087ab4270407f80e738 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Tue, 24 Mar 2020 09:23:10 +0100 Subject: [PATCH 080/112] Update Chromium Pulls in the following changes: cecd1a67e96 [Backport] CVE-2020-6394 - Insufficient policy enforcement in Blink 9a821b38b3f [Backport] CVE-2020-6398 - Uninitialized use in PDFium 3abef6fa271 [Backport] CVE-2020-6401 (1/3) and CVE-2020-6411 581ef6c8ccf [Backport] CVE-2020-6401 (2/3) c0a826b58f7 [Backport] CVE-2020-6401 (3/3) 55b7cedcc65 [Backport] Security bug 1018629 873da842e3d [Backport] CVE-2020-6410 - Insufficient policy enforcement in navigation dec516df711 [Backport] CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox 4b2fb2f933f [Backport] CVE-2020-6413 - Inappropriate implementation in Blink 86959566c4b [Backport] Security bug 1020031 442f3b6715d [Backport] Security bug 1016506 09277a67339 [Backport] Security bug 1026293 1bdf6178d9a [Backport] Security bug 1047097 6bf234cfacc [Backport] Security bug 1025442 02e9407022a [Backport] Security bug 1016038 f7524c75783 [Backport] CVE-2020-6388 - Out of bounds memory access in WebAudio 604ef94f4f9 [Backport] CVE-2019-20503: Out of bounds read in usersctplib Task-number: QTBUG-81910 Change-Id: I5b36f3f65852af99cc551cbad2a6da60a1007176 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index ca0ca819983..604ef94f4f9 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit ca0ca81998398fd8f777651e29b2bd414ad1b77e +Subproject commit 604ef94f4f9e82a555109d87532bff6fb6739f41 From 09287cb18d2d41a5b18c5cf7b1e8e07183618ff2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Wed, 25 Mar 2020 10:42:37 +0100 Subject: [PATCH 081/112] Update Chromium Pulls in the following changes: 1a2d6d8df67 [Backport] Dependency for CVE-2020-6391 4ceb67df8cd [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (1/3) bca907a58b5 [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (2/3) 479882836f3 [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (3/3) f616cecf23c [Backport] CVE-2020-6399 - Insufficient policy enforcement in AppCache 62ca8dad9bb [Backport] Security bug 1035723 0ee1af65d4e [Backport] Fix multiple CVEs and security bugs in sqlite 7483e059d88 [Backport] CVE-2019-18197 - Multiple vulnerabilities in XML Change-Id: I9d8992b1aa28f4fb5704b37d8493cd6964bcf4ed Fixes: QTBUG-81910 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 604ef94f4f9..7483e059d88 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 604ef94f4f9e82a555109d87532bff6fb6739f41 +Subproject commit 7483e059d887136a989185d6056ccb79cf4ddd19 From 175b8129d1b0e6d9372de8ce9e1b45ab49fef336 Mon Sep 17 00:00:00 2001 From: Antti Kokko Date: Mon, 16 Mar 2020 13:57:44 +0200 Subject: [PATCH 082/112] Add changes file for Qt 5.12.8 + 13e2924f054170f399ea213cabbae2027831ceba Bump version + 2f56fd4a6b9b6f806334ba64b3689151a78d1d90 Update navigation actions when load finishes in a subframe + d7a7663c58fa81b04b2acc63c3e672fce2f46116 Fix crashes in urlChanged signal handlers + 3befcb16308f3b87a8c7b2dd1db69b69e2074c12 Update Chromium + c6d4d262cb42887bcc209087ab4270407f80e738 Update Chromium + 09287cb18d2d41a5b18c5cf7b1e8e07183618ff2 Update Chromium Change-Id: I5dd5ae4c57aacea4717e36d77e84cac12cd2a3e8 Reviewed-by: Allan Sandfeld Jensen --- dist/changes-5.12.8 | 73 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 dist/changes-5.12.8 diff --git a/dist/changes-5.12.8 b/dist/changes-5.12.8 new file mode 100644 index 00000000000..5a474e9c08c --- /dev/null +++ b/dist/changes-5.12.8 @@ -0,0 +1,73 @@ +Qt 5.12.8 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0 through 5.12.7. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.8 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-81313] Enabled running with glibc 2.30 in Linux sandbox + - [QTBUG-81521] Update navigation actions when load finishes in a subframe + - [QTBUG-78490] Fixed crash when initiaing loads from urlChanged handlers + +Chromium +-------- + + - Security fixes from Chromium up to version 80.0.3987.149, including: + + - CVE-2019-18197 - Multiple vulnerabilities in XML + - CVE-2019-19923 - Out of bounds memory access in SQLite + - CVE-2019-19925 - Multiple vulnerabilities in SQLite + - CVE-2019-19926 - Inappropriate implementation in SQLite + - CVE-2019-20503 - Out of bounds read in usersctplib + - CVE-2020-6381 - Integer overflow in Javascript + - CVE-2020-6383 - Type confusion in V8 + - CVE-2020-6384 - Use after free in WebAudio + - CVE-2020-6388 - Out of bounds memory access in WebAudio + - CVE-2020-6389 - Out of bounds write in WebRTC + - CVE-2020-6391 - Insufficient validation of untrusted input in Blink + - CVE-2020-6393 - Insufficient policy enforcement in Blink + - CVE-2020-6394 - Insufficient policy enforcement in Blink + - CVE-2020-6398 - Uninitialized use in PDFium + - CVE-2020-6399 - Insufficient policy enforcement in AppCache + - CVE-2020-6401 + - CVE-2020-6405 - Out of bounds read in SQLite + - CVE-2020-6406 - Use after free in audio + - CVE-2020-6410 - Insufficient policy enforcement in navigation + - CVE-2020-6411 + - CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox + - CVE-2020-6413 - Inappropriate implementation in Blink + - CVE-2020-6418 - Type confusion in V8 + - CVE-2020-6420 - Insufficient policy enforcement in media + - Security bug 1016038 + - Security bug 1016506 + - Security bug 1018629 + - Security bug 1020031 + - Security bug 1025442 + - Security bug 1026293 + - Security bug 1029865 + - Security bug 1031909 + - Security bug 1033461 + - Security bug 1035723 + - Security bug 1040700 + - Security bug 1044570 + - Security bug 1047097 + From ed23d9f54b2c8735a6d4e8f4f171a5cd6700dd90 Mon Sep 17 00:00:00 2001 From: Alexandru Croitor Date: Wed, 22 Apr 2020 16:32:52 +0200 Subject: [PATCH 083/112] Bump version Change-Id: I61e1eca3a3841f698b566d0c52985a5e28d85544 --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index 075e95ecca3..6d88c717b79 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.8 +MODULE_VERSION = 5.12.9 From 1dae478232ac22a92637d919287fbbf11c32b7c7 Mon Sep 17 00:00:00 2001 From: Peter Varga Date: Tue, 7 Apr 2020 10:09:37 +0200 Subject: [PATCH 084/112] Fix macOS build after 10.15.4 QMAKE_MAC_SDK_VERSION is set by /usr/bin/xcrun --sdk macosx --show-sdk-version in qtbase/mkpecs/features/mac/sdk.prf From 10.15.4, xcrun outputs the SDK version in Major.Minor.Patch format instead of Major.Minor. mac_sdk_min gn arg is expected to be in Major.Minor format, therefor pass only the first 2 revision numbers to gn. Fixes: QTBUG-83318 Change-Id: I3af523dd5df8149fb5cd57b259c2bed889db88b5 Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit 5d2026cb04ef8fd408e5722a84e2affb5b9a3119) --- src/core/config/mac_osx.pri | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/core/config/mac_osx.pri b/src/core/config/mac_osx.pri index 4426901cf71..7b77a8bf7f4 100644 --- a/src/core/config/mac_osx.pri +++ b/src/core/config/mac_osx.pri @@ -9,6 +9,10 @@ isEmpty(QMAKE_MAC_SDK_VERSION) { isEmpty(QMAKE_MAC_SDK_VERSION): error("Could not resolve SDK version for \'$${QMAKE_MAC_SDK}\'") } +# chromium/build/mac/find_sdk.py expects the SDK version (mac_sdk_min) in Major.Minor format. +# If Patch version is provided it fails with "Exception: No Major.Minor.Patch+ SDK found" +QMAKE_MAC_SDK_VERSION_MAJOR_MINOR = $$section(QMAKE_MAC_SDK_VERSION, ".", 0, 1) + QMAKE_CLANG_DIR = "/usr" QMAKE_CLANG_PATH = $$eval(QMAKE_MAC_SDK.macx-clang.$${QMAKE_MAC_SDK}.QMAKE_CXX) !isEmpty(QMAKE_CLANG_PATH) { @@ -27,7 +31,7 @@ gn_args += \ clang_base_path=\"$${QMAKE_CLANG_DIR}\" \ clang_use_chrome_plugins=false \ mac_deployment_target=\"$${QMAKE_MACOSX_DEPLOYMENT_TARGET}\" \ - mac_sdk_min=\"$${QMAKE_MAC_SDK_VERSION}\" \ + mac_sdk_min=\"$${QMAKE_MAC_SDK_VERSION_MAJOR_MINOR}\" \ mac_views_browser=false \ toolkit_views=false \ use_external_popup_menu=false From f3b941f98b61e205423f666c41f6922deff60d0a Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Fri, 5 Jun 2020 11:34:34 +0200 Subject: [PATCH 085/112] Update Chromium Pulls in following patches: * cab2fe0edbe Disable Empty Base Class Layout Optimization for MSVC * e7cf409b07f [Backport] CVE-2020-6452 * d91969c6230 [Backport] CVE-2020-6450 * a54c653a3b8 [Backport] CVE-2020-6451 * 19363411c41 [Backport] Security Bug 1065094 1/2 * becfaac2ceb [Backport] Security Bug 1065094 2/2 * f11657ed645 [Backport] Fix for CVE-2020-6423 * 4cdf74a64d3 Fixup: msvc undefined type HandleScopeImplementer Task-number: QTBUG-84633 Change-Id: Ia621d7d04ce7bdedbdb57d6ef0472c896bb2f215 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 7483e059d88..4cdf74a64d3 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 7483e059d887136a989185d6056ccb79cf4ddd19 +Subproject commit 4cdf74a64d389d09c17377638d0e8164260aff67 From 6a6c89adf37dcaa47542ddc8b240c25f5b9d0e6d Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Mon, 8 Jun 2020 14:15:09 +0200 Subject: [PATCH 086/112] Skip all url interceptor unit tests It is well known issue that url interceptors on 5.12 has race condition on destruction, this is fixed in 5.13.1 and later. Since this is just next end life LTS (having only security patches), simply blacklist the tests to avoid flakiness on CI. Change-Id: I20a493a42495f1a923cd56bc2b11f9485f50cdd7 Reviewed-by: Allan Sandfeld Jensen --- .../tst_qwebengineurlrequestinterceptor.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp index 653a1e421b8..7c99100eb40 100644 --- a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp +++ b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp @@ -83,6 +83,7 @@ void tst_QWebEngineUrlRequestInterceptor::cleanup() void tst_QWebEngineUrlRequestInterceptor::initTestCase() { + QSKIP("Interceptor has race condition in 5.12, skipping the test."); } void tst_QWebEngineUrlRequestInterceptor::cleanupTestCase() From ad0e5a70736d23299fe73be78612e7e2ef84e00c Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 9 Jun 2020 09:59:19 +0200 Subject: [PATCH 087/112] Update Chromium Pulls in following patches: * d7755040dde Update sqlite, fixing CVE-2020-6455 * d009d836cfb [Backport] CVE-2020-6431 * bfc495cdeae [Backport] Fix for CVE-2020-6441 * 130150732b6 [Backport] Fix for CVE-2020-6443 * 3269720fc8a [Backport] Fix for security issue 1050090 * b96587fcf2c [Backport] CVE-2020-6432 * 47b2198c4ef [Backport] CVE-2020-6460 Task-number: QTBUG-84633 Change-Id: I9d45b6cc40cccbe4a8dc7931619cad60d6551217 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 4cdf74a64d3..47b2198c4ef 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 4cdf74a64d389d09c17377638d0e8164260aff67 +Subproject commit 47b2198c4ef00bee89c4b6c90bb2c0abdd8c1750 From 4215018f9b5f912785cf309b5bd8652cddc78ac4 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Wed, 10 Jun 2020 08:24:01 +0200 Subject: [PATCH 088/112] Update Chromium Pulls in following changes: * 04567666dae [Backport] Fix for security issue 1066893 * 8dc8aecf84b [Backport] When suspending context, don't clear handlers * 8ad03010124 [Backport] Security bug 1025740 1/2 * c8b517eb447 [Backport] Security bug 1025740 2/2 * 717395cfce0 [Backport] CVE-2020-6461: Use after free in storage * b3b4d5af3a1 Fixup: add missing gn include Task-number: QTBUG-84633 Change-Id: Ia56b018ea93caa091212b574947b26dd83ca52f3 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 47b2198c4ef..b3b4d5af3a1 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 47b2198c4ef00bee89c4b6c90bb2c0abdd8c1750 +Subproject commit b3b4d5af3a1f0560cc60b29787919144e1641ffc From 1c1dddaf9aa35449096c75c26c93fc614a98b322 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Wed, 10 Jun 2020 16:38:21 +0200 Subject: [PATCH 089/112] Update Chormium Pulls in following changes: * 7c34012060d [Backport] Fix for CVE-2020-6464 * c3a4dada23b [Backport] CVE-2020-6468 * 8d8aa95903c [Backport] Security bug 1075907 * e7c84adad1b [Backport] Security bug 1025302 * d686675960c [Backport] CVE-2020-6493 * 3a8febfdab7 Fixup for [Backport] Security bug 1025740 1/2 Task-number: QTBUG-84633 Change-Id: I9ad7da07ca0cdc4656cb936eef5a4e7445b31949 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index b3b4d5af3a1..3a8febfdab7 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit b3b4d5af3a1f0560cc60b29787919144e1641ffc +Subproject commit 3a8febfdab725bf92b453dcd61cda85203a745e8 From e9b7199363ff3f0c8f84b96eee175292fafffb2c Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Thu, 11 Jun 2020 08:54:01 +0200 Subject: [PATCH 090/112] Update Chromium MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pulls in security issues: * 1def46aafc2 [Backport] Security Bug 1070012 1/5 * 54a56516088 [Backport] Security Bug 1070012 2/5 * fbc701311c1 [Backport] Security Bug 1070012 3/5 * ebc9d4ba625 [Backport] Security Bug 1070012 4/5 * 04e8b821b36 [Backport] Security Bug 1070012 5/5 * 8a53e97dba1 [Backport] CVE-2020-6467 Task-number: QTBUG-84633 Change-Id: I24367d2f3249f900202b2f847a762aefd0ef4072 Reviewed-by: Michael Brüning --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 3a8febfdab7..8a53e97dba1 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 3a8febfdab725bf92b453dcd61cda85203a745e8 +Subproject commit 8a53e97dba1ec531727914b0189db93d21f977b8 From a5017ad1987d3368c1cbccb5085475055c3b74a5 Mon Sep 17 00:00:00 2001 From: Antti Kokko Date: Wed, 3 Jun 2020 13:51:20 +0300 Subject: [PATCH 091/112] Add changes file for Qt 5.12.9 Change-Id: I96949ad2a7be414c126b6a661bc5cceeeceaac7d Reviewed-by: Michal Klocek --- dist/changes-5.12.9 | 55 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 dist/changes-5.12.9 diff --git a/dist/changes-5.12.9 b/dist/changes-5.12.9 new file mode 100644 index 00000000000..57badb1a30d --- /dev/null +++ b/dist/changes-5.12.9 @@ -0,0 +1,55 @@ +Qt 5.12.9 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0 through 5.12.8. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.9 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-83318] Fix macOS build after 10.15.4 + +Chromium +-------- + + - Security fixes from Chromium up to version 83.0.4103.97, including: + + - CVE-2020-6423 + - CVE-2020-6431 + - CVE-2020-6432 + - CVE-2020-6441 + - CVE-2020-6443 + - CVE-2020-6450 + - CVE-2020-6451 + - CVE-2020-6452 + - CVE-2020-6455 + - CVE-2020-6460 + - CVE-2020-6461 + - CVE-2020-6464 + - CVE-2020-6467 + - CVE-2020-6468 + - CVE-2020-6493 + - Security Bug 1025302 + - Security Bug 1025740 + - Security Bug 1050090 + - Security Bug 1065094 + - Security Bug 1066893 + - Security Bug 1070012 + - Security Bug 1075907 From 21a49fe1bdfdf78c464a2fad89113d30247f0c34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Fri, 3 Jul 2020 01:16:07 +0200 Subject: [PATCH 092/112] [macOS] Add utf-8 character set meta tag for HTML clipboard content MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This prevents unicode characters from becoming garbled when pasting the clipboard content into an application that uses the HTML content instead of the text data. This mirrors the behavior of Chromium's clipboard adaptation for macOS Fixes: QTBUG-75391 Change-Id: I033819a2caf3410509e90c9bc38c9830d184149d Reviewed-by: Jüri Valdmann (cherry picked from commit 7b5cb517da57f76437872a891c07fffd1779b6a4) --- src/core/clipboard_qt.cpp | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/core/clipboard_qt.cpp b/src/core/clipboard_qt.cpp index 44756bdfe93..c3724d4090f 100644 --- a/src/core/clipboard_qt.cpp +++ b/src/core/clipboard_qt.cpp @@ -235,7 +235,14 @@ void ClipboardQt::WriteText(const char* text_data, size_t text_len) void ClipboardQt::WriteHTML(const char* markup_data, size_t markup_len, const char* url_data, size_t url_len) { - getUncommittedData()->setHtml(QString::fromUtf8(markup_data, markup_len)); + QString markup_string = QString::fromUtf8(markup_data, markup_len); +#if defined (Q_OS_MACOS) + // We need to prepend the charset on macOS to prevent garbled Unicode characters + // when pasting to certain applications (e.g. Notes, TextEdit) + // Mirrors the behavior in ui/base/clipboard/clipboard_mac.mm in Chromium. + markup_string.prepend(QLatin1String("")); +#endif + getUncommittedData()->setHtml(markup_string); } void ClipboardQt::WriteRTF(const char* rtf_data, size_t data_len) From 09015f8ee5e48e2211c60b69e7b76b8ce2ac8285 Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 7 Jul 2020 10:41:45 +0200 Subject: [PATCH 093/112] Update Chormium Pulls in following changes: * 9b01ea0194d [Backport] CVE-2020-6459 * 5d89aa45a7e [Backport] CVE-2020-6470 * 73765c84da6 [Backport] CVE-2020-6474 * c66812623ff [Backport] CVE-2020-6481 * 86482726e15 [Backport] Security Bug 1058515 * 120e629cb56 [Backport] Security Bug 1057369 * 4bd9fab8c65 [Backport] Security Bug 1051439 * cf563cfdb42 Add missing headers for build with linux-clang 10 spec * 1417835f7de Fixup: Fix live editing * cf70b8331ce [macOS] Add CoreProfile to the valid configurations for GPU switching Task-number: QTBUG-84633 Change-Id: I16b148a6742c683dbc5eaab37bfbc4ddd3aebb0c Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 8a53e97dba1..cf70b8331ce 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 8a53e97dba1ec531727914b0189db93d21f977b8 +Subproject commit cf70b8331ced814ac6f0ba5f81f9d5d0b4943e59 From fd483945e2c86aa0c3fc1465d179d7be39ec86bc Mon Sep 17 00:00:00 2001 From: Peter Varga Date: Mon, 4 May 2020 14:08:47 +0200 Subject: [PATCH 094/112] Fix AltGr on Windows Fixes: QTBUG-83710 Change-Id: Iaf5a33c0aeb53348d36cb7dda60602041299cd50 Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit 53498cb73392a222a113ae257f24f91e6d912518) --- src/core/web_event_factory.cpp | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/core/web_event_factory.cpp b/src/core/web_event_factory.cpp index fc6287dd9b1..8042c091478 100644 --- a/src/core/web_event_factory.cpp +++ b/src/core/web_event_factory.cpp @@ -171,8 +171,15 @@ static QString qtTextForKeyEvent(const QKeyEvent *ev, int qtKey, Qt::KeyboardMod { QString text = ev->text(); - if ((qtModifiers & Qt::ControlModifier) && keyboardDriver() == KeyboardDriver::Xkb) + if (keyboardDriver() == KeyboardDriver::Xkb && (qtModifiers & Qt::ControlModifier)) { text.clear(); + } + + // Keep text for Ctrl+Alt key combinations on Windows. It is an alternative for AltGr. + if (keyboardDriver() == KeyboardDriver::Windows + && (qtModifiers & Qt::ControlModifier) && !(qtModifiers & Qt::AltModifier)) { + text.clear(); + } return text; } From 0db0898f6a1d0e2292590946d0c8eea3b0847099 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Wed, 29 Jul 2020 14:52:20 +0200 Subject: [PATCH 095/112] Update Chromium Pulls in the changes: a2c0edd19d4 [Backport] CVE-2020-6511: Side-channel information leakage in CSP (1/2) b16fddc243a [Backport] CVE-2020-6511: Side-channel information leakage in CSP (2/2) 279102920a7 [Backport] CVE-2020-6513: Heap buffer overflow in PDFium 0521cd0d584 [Backport] CVE-2020-6514: Inappropriate implementation in WebRTC 53ab90f118d [Backport] CVE-2020-6523: Out of bounds write in Skia 618f960a12c [Backport] CVE-2020-6524: Heap buffer overflow in WebAudio 9c52e6b3360 [Backport] CVE-2020-6529: Inappropriate implementation in WebRTC 572a93d8f14 [Backport] CVE-2020-6535: Insufficient data validation in WebUI 2004c48a47e [Backport] Security bug 1054229 6a3ff8c66a9 [Backport] CVE-2020-6518: Use after free in developer tools d06276e6183 [Backport] CVE-2020-6512: Type Confusion in V8 (1/3) d8a0b1b22c1 [Backport] CVE-2020-6512: Type Confusion in V8 (2/3) 83793149bf5 [Backport] CVE-2020-6512: Type Confusion in V8 (3/3) b97c5f89481 [Backport] Dependency for CVE-2020-6534 (1/4) de381abe2ff [Backport] Dependency for CVE-2020-6534 (2/4) 8b2ba2a1e56 [Backport] Dependency for CVE-2020-6534 (3/4) 199df5c9049 [Backport] Dependency for CVE-2020-6534 (4/4) bc33e1bbfaf [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC 58f5e3f57e5 [Backport] CVE-2020-6490 c3003924faf [Backport] Security bug 1052492 1e1f4b33fa0 Security bugs 1087629 and 1029569 Task-number: QTBUG-85613 Change-Id: Ib2d3ed71b4f21cf3fa02474ace735a3c9c6c5126 Reviewed-by: Michal Klocek --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index cf70b8331ce..1e1f4b33fa0 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit cf70b8331ced814ac6f0ba5f81f9d5d0b4943e59 +Subproject commit 1e1f4b33fa024754d4db963531ab8e65c41d479f From 9e356585680e45271d7691aedad211d0e8cadf32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Thu, 20 Aug 2020 14:56:28 +0200 Subject: [PATCH 096/112] Update Chromium Pulls in the changes: 01257ab4c14 [Backport] CVE-2020-6489 e425d1134b9 [Backport] CVE-2020-6532: Use after free in SCTP 39d164c7113 [Backport] Security bug 1102408 72e1b27f06f [Backport] CVE-2020-6541: Use after free in WebUSB bf12bcbd03c [Backport] Security bug 1065122 0561a33d0f5 [Backport] Security bug 1065731 ee1811a7e86 [Backport] CVE-2020-6540: Heap buffer overflow in Skia a09bfbb191d [Backport] CVE-2020-6542: Use after free in ANGLE 2f38d2ab5b7 [Backport] CVE-2020-6543: Use after free in task scheduling 5ff9249f692 [Backport] CVE-2020-6544: Use after free in media 78121f30724 [Backport] CVE-2020-6545: Use after free in audio cc48de17c5d [Backport] CVE-2020-6548: Heap buffer overflow in Skia e490120c6b6 [Backport] CVE-2020-6549: Use after free in media ca61def88f8 [Backport] CVE-2020-6462: Use after free in task scheduling Task-number: QTBUG-85613 Change-Id: I3b3242d35a444b696ae89f9be454c800dbd2eba4 Reviewed-by: Michal Klocek --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 1e1f4b33fa0..ca61def88f8 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 1e1f4b33fa024754d4db963531ab8e65c41d479f +Subproject commit ca61def88f8207d681846f576bc0d28a7b73afbc From 8060a6ab6535e93e3baa4f0df48ea98dab1adc8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Mon, 12 Oct 2020 21:28:32 +0200 Subject: [PATCH 097/112] Update Chromium Pulls in the changes: b59af853f7b [Backport] CVE-2020-6559: Use after free in presentation API d7c2cf25399 [Backport] Security issue 1102137 82a0e2faa2a [Backport] CVE-2020-6562: Insufficient policy enforcement in Blink 46dbf8fb796 [Backport] CVE-2020-6569: Integer overflow in WebUSB 844c2922f46 [Backport] CVE-2020-6573: Use after free in video 872be05931a [Backport] CVE-2020-15962: Insufficient policy enforcement in serial b769634b87a [Backport] Security bug 1111149 a4599b61975 [Backport] CVE-2020-6571: Incorrect security UI in Omnibox c89a12ce788 [Backport] CVE-2020-15964: Insufficient data validation in media 30570c933fc [Backport] Security issue 1098860 d6e06841443 [Backport] CVE-2020-15965: Out of bounds write in V8 Task-number: QTBUG-85613 Change-Id: I5a013d1020a903775dec3682866269eb754b7d08 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index ca61def88f8..d6e06841443 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit ca61def88f8207d681846f576bc0d28a7b73afbc +Subproject commit d6e06841443a40c99efd209bce6c96c8a7659c34 From eac0b7e9fc3e0fad609a86f418358f1d56bf2a87 Mon Sep 17 00:00:00 2001 From: Jani Heikkinen Date: Wed, 14 Oct 2020 10:29:21 +0300 Subject: [PATCH 098/112] Bump version Change-Id: I70d552fcc53d97ff8f44618f6c152d08dca7a9c0 --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index 6d88c717b79..fffea1245fe 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.9 +MODULE_VERSION = 5.12.10 From 8db7eab24c063f19bf00b40c816a97580a2d395c Mon Sep 17 00:00:00 2001 From: Antti Kokko Date: Thu, 15 Oct 2020 09:53:18 +0300 Subject: [PATCH 099/112] Add changes file for Qt 5.12.10 Change-Id: Id180c2ea2fefed919b4c623d20da392ad5db27d1 Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit 78b44a26b256fdaa70832455d8d4711bbe7fa17a) Reviewed-by: Qt Cherry-pick Bot --- dist/changes-5.12.10 | 86 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 dist/changes-5.12.10 diff --git a/dist/changes-5.12.10 b/dist/changes-5.12.10 new file mode 100644 index 00000000000..12e0c46d8ef --- /dev/null +++ b/dist/changes-5.12.10 @@ -0,0 +1,86 @@ +Qt 5.12.10 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.9. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + + https://doc.qt.io/qt-5.12/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + + https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Library * +**************************************************************************** + +General +------- + + - [QTBUG-75391] Fix pasting Unicode characters copied from WebEngine on macOS + - [QTBUG-83710] Fix input of keys requiring AltGr on Windows + - [QTBUG-84337] Fixed GPU switching with CoreProfile on macOS (for e.g. AirPlay) + - Fixed build with the linux-clang 10 spec + +Chromium +-------- + + - Security fixes from Chromium up to version 86.0.4240.75, including: + + - CVE-2020-6459 + - CVE-2020-6462: Use after free in task scheduling + - CVE-2020-6470 + - CVE-2020-6474 + - CVE-2020-6481 + - CVE-2020-6489 + - CVE-2020-6490 + - CVE-2020-6511: Side-channel information leakage in CSP + - CVE-2020-6512: Type Confusion in V8 + - CVE-2020-6513: Heap buffer overflow in PDFium + - CVE-2020-6514: Inappropriate implementation in WebRTC + - CVE-2020-6518: Use after free in developer tools + - CVE-2020-6523: Out of bounds write in Skia + - CVE-2020-6524: Heap buffer overflow in WebAudio + - CVE-2020-6529: Inappropriate implementation in WebRTC + - CVE-2020-6532: Use after free in SCTP + - CVE-2020-6535: Insufficient data validation in WebUI + - CVE-2020-6534: Heap buffer overflow in WebRTC + - CVE-2020-6540: Heap buffer overflow in Skia + - CVE-2020-6541: Use after free in WebUSB + - CVE-2020-6542: Use after free in ANGLE + - CVE-2020-6543: Use after free in task scheduling + - CVE-2020-6544: Use after free in media + - CVE-2020-6545: Use after free in audio + - CVE-2020-6548: Heap buffer overflow in Skia + - CVE-2020-6549: Use after free in media + - CVE-2020-6559: Use after free in presentation API + - CVE-2020-6561: Inappropriate implementation in Content Security Policy + - CVE-2020-6562: Insufficient policy enforcement in Blink + - CVE-2020-6569: Integer overflow in WebUSB + - CVE-2020-6571: Incorrect security UI in Omnibox + - CVE-2020-6573: Use after free in video + - CVE-2020-15962: Insufficient policy enforcement in serial + - CVE-2020-15964: Insufficient data validation in media + - CVE-2020-15965: Out of bounds write in V8 + - CVE-2020-15968: Use after free in Blink + - CVE-2020-15969: Use after free in WebRTC. + - Security Bug 1051439 + - Security bug 1052492 + - Security bug 1054229 + - Security Bug 1057369 + - Security Bug 1058515 + - Security bug 1065122 + - Security bug 1065731 + - Security bugs 1087629 and 1029569 + - Security issue 1098860 + - Security issue 1102137 + - Security bug 1102408 + - Security bug 1111149 + From 7c68b7a409a72f5c2f016a491b3ea91be3a2cdae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Mon, 19 Oct 2020 23:17:26 +0200 Subject: [PATCH 100/112] Update changes file for 5.12.10 Change-Id: I01d63f447647c46fecf8df14c8c4df21189fd594 Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit 457c8baa8a3f577be1e999d06c32504d35862c64) Reviewed-by: Qt Cherry-pick Bot --- dist/changes-5.12.10 | 1 + 1 file changed, 1 insertion(+) diff --git a/dist/changes-5.12.10 b/dist/changes-5.12.10 index 12e0c46d8ef..5c27d328668 100644 --- a/dist/changes-5.12.10 +++ b/dist/changes-5.12.10 @@ -27,6 +27,7 @@ General - [QTBUG-75391] Fix pasting Unicode characters copied from WebEngine on macOS - [QTBUG-83710] Fix input of keys requiring AltGr on Windows - [QTBUG-84337] Fixed GPU switching with CoreProfile on macOS (for e.g. AirPlay) + - [QTBUG-86018] Fixed build with Bison 3.7 - Fixed build with the linux-clang 10 spec Chromium From 58ca9409c8d8fc09899bba11f382a66c483e64f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Tue, 20 Oct 2020 11:16:55 +0200 Subject: [PATCH 101/112] Update changes file for 5.12.10 Change-Id: I11963ce31e082188b3dc39237bb530c915171898 Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit bc14b2ae1d9f757c0040cf6fb1d6333efc89c25d) Reviewed-by: Qt Cherry-pick Bot --- dist/changes-5.12.10 | 1 + 1 file changed, 1 insertion(+) diff --git a/dist/changes-5.12.10 b/dist/changes-5.12.10 index 5c27d328668..a67744f70d2 100644 --- a/dist/changes-5.12.10 +++ b/dist/changes-5.12.10 @@ -72,6 +72,7 @@ Chromium - CVE-2020-15965: Out of bounds write in V8 - CVE-2020-15968: Use after free in Blink - CVE-2020-15969: Use after free in WebRTC. + - CVE-2020-15999: Heap buffer overflow in freetype - Security Bug 1051439 - Security bug 1052492 - Security bug 1054229 From c9727f9153e4ae2f3612aa8eeff3449f344c3b2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Thu, 22 Oct 2020 13:40:45 +0200 Subject: [PATCH 102/112] Update changes file for 5.12.10 Change-Id: Ifaccaed80bc0c45e7284ef85afa4a598d6d16aeb Reviewed-by: Allan Sandfeld Jensen (cherry picked from commit 07fcac049e7b362b703f31ec559f5097f804588e) Reviewed-by: Qt Cherry-pick Bot --- dist/changes-5.12.10 | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/dist/changes-5.12.10 b/dist/changes-5.12.10 index a67744f70d2..3f706d6b11c 100644 --- a/dist/changes-5.12.10 +++ b/dist/changes-5.12.10 @@ -33,7 +33,7 @@ General Chromium -------- - - Security fixes from Chromium up to version 86.0.4240.75, including: + - Security fixes from Chromium up to version 86.0.4240.111, including: - CVE-2020-6459 - CVE-2020-6462: Use after free in task scheduling @@ -73,6 +73,9 @@ Chromium - CVE-2020-15968: Use after free in Blink - CVE-2020-15969: Use after free in WebRTC. - CVE-2020-15999: Heap buffer overflow in freetype + - CVE-2020-16001: Use after free in media. + - CVE-2020-16002: Use after free in PDFium. + - CVE-2020-16003: Use after free in printing. - Security Bug 1051439 - Security bug 1052492 - Security bug 1054229 From 92719afc80d4e62b9bc444cf52ccf853223304f2 Mon Sep 17 00:00:00 2001 From: Keith Kyzivat Date: Thu, 29 Oct 2020 15:16:28 -0400 Subject: [PATCH 103/112] Look for resources in macOS standard Resources dir MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When on macOS, with a frameworkless build, WebEngine resources are stored in a Resources directory named with a capital R. This is the standard directory name for resources on macOS, however Qt WebEngine was expecting to find resources in a directory named `resources` (no capitalized first letter). Task-number: QTBUG-72368 Change-Id: I2106a50a63c6d812dc6ad649645e3b6b9e0471e2 Reviewed-by: Michael Brüning (cherry picked from commit 3a4e3c807c667491e133d04e3dcbadd0dad19826) Reviewed-by: Qt Cherry-pick Bot --- src/core/web_engine_library_info.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/web_engine_library_info.cpp b/src/core/web_engine_library_info.cpp index 3899ced2529..75fd947a27b 100644 --- a/src/core/web_engine_library_info.cpp +++ b/src/core/web_engine_library_info.cpp @@ -290,6 +290,8 @@ QString resourcesDataPath() static QString potentialResourcesPath = #if defined(OS_MACOSX) && defined(QT_MAC_FRAMEWORK_BUILD) getResourcesPath(frameworkBundle()); +#elif defined(OS_MACOSX) + QLibraryInfo::location(QLibraryInfo::DataPath) % QLatin1String("/Resources"); #else QLibraryInfo::location(QLibraryInfo::DataPath) % QLatin1String("/resources"); #endif From fb171df0f34d216b1189b5277966c231729b63e0 Mon Sep 17 00:00:00 2001 From: Jani Heikkinen Date: Fri, 6 Nov 2020 09:34:46 +0200 Subject: [PATCH 104/112] Bump version Change-Id: I2fd487f244c0741aa6f4ce9a21cf1b0f3db4fb02 --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index fffea1245fe..48a76f58ea6 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.10 +MODULE_VERSION = 5.12.11 From 646df9fb4ea8d01b62ad8c8e8a992612f595e43a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Wed, 28 Oct 2020 14:01:50 +0100 Subject: [PATCH 105/112] Update Chromium Pulls in the changes 95bf758e9e5 [Backport] CVE-2020-15968: Use after free in Blink 0f55630c2f4 [Backport] CVE-2020-15969: Use after free in WebRTC. 5a8e372fc7e [Backport] CVE-2020-6561: Inappropriate implementation in Content Security Policy 4e06eb9f1cc Fix bison 3.7 1357b9be19f [Backport] CVE-2020-15999: Heap buffer overflow in freetype 1456539bd05 [Backport] CVE-2020-16003: Use after free in printing. 6475589b7ed [Backport] CVE-2020-16001: Use after free in media. 92253f4cc04 [Backport] CVE-2020-16002: Use after free in PDFium. 5df1bd044c6 [Backport] CVE-2020-15979: Inappropriate implementation in V8 7138ac3ddcf [Backport] CVE-2020-15978 Insufficient data validation in navigation 5ede8738ccb [Backport] CVE-2020-15992 Insufficient policy enforcement in networking a8f95043550 [Backport] CVE-2020-15987: Use after free in WebRTC (1/2) e5adc243d57 [Backport] CVE-2020-15987: Use after free in WebRTC (2/2) 6411f535efd Fix potential leak after fix for CVE-2020-15987 e5c6b3de888 [Backport] CVE-2020-15989: Uninitialized Use in PDFium 811208e7b60 [Backport] Security bug 1125199 42a1a175af1 [Backport] CVE-2020-16008: Stack buffer overflow in WebRTC aef97e76545 [Backport] CVE-2020-16011: Heap buffer overflow in UI on Windows. ade0aef290c [Backport] Security bug 1137608 8e776e6e6f5 [Backport] CVE-2020-16014: Use after free in PPAPI 765a0ff57eb [Backport] CVE-2020-16022: Insufficient policy enforcement in networking 117abfcce74 [Backport] Dependency for CVE-2020-16024 05386001f90 [Backport] CVE-2020-16024: Heap buffer overflow in UI 275dca60b70 [Backport] CVE-2020-16028: Heap buffer overflow in WebRTC 053316ce37e [Backport] Security bug 1137603 cef4d6d73cd [Backport] Security bug 1142020 026b0132f6d Fix CVE-2020-16034 by disabling chrome://webrtc-internals 878d0697c48 [Backport] mac: make find_sdk.py work when the sdk goes to 11 4689c3d74c5 [Backport] CVE-2020-16040: Insufficient data validation in V8 a0c71808baf [Backport] CVE-2020-16016: Inappropriate implementation in base. 10cb7cc9b11 [Backport] Security bug 1123035 0fdd19c558e [Backport] CVE-2020-16027: Insufficient policy enforcement in developer tools. 2b0be93dc42 [Backport] Dependency for CVE-2020-16030 c1cc6046fbc [Backport] CVE-2020-16030: Insufficient data validation in Blink 72f67be024a [Backport] CVE-2020-16042: Uninitialized Use in V8 Updates test expectations for loading chrome://webrtc-internals in tst_qwebengineview. Fixes: QTBUG-87787 Task-number: QTBUG-89191 Change-Id: I7e04b3f225affa9912dce1b1dd13f0dc8dba754b Reviewed-by: Michal Klocek --- src/3rdparty | 2 +- tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/3rdparty b/src/3rdparty index d6e06841443..72f67be024a 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit d6e06841443a40c99efd209bce6c96c8a7659c34 +Subproject commit 72f67be024afbbeadab26e9c3f3f848827c85e18 diff --git a/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp b/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp index b9337cbee01..f579506bfca 100644 --- a/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp +++ b/tests/auto/widgets/qwebengineview/tst_qwebengineview.cpp @@ -3075,7 +3075,7 @@ void tst_QWebEngineView::webUIURLs_data() QTest::newRow("usb-internals") << QUrl("chrome://usb-internals") << false; QTest::newRow("user-actions") << QUrl("chrome://user-actions") << false; QTest::newRow("version") << QUrl("chrome://version") << false; - QTest::newRow("webrtc-internals") << QUrl("chrome://webrtc-internals") << true; + QTest::newRow("webrtc-internals") << QUrl("chrome://webrtc-internals") << false; QTest::newRow("webrtc-logs") << QUrl("chrome://webrtc-logs") << false; } From 82eae6c457c85c9f51d08d5430d58e8359449576 Mon Sep 17 00:00:00 2001 From: Kirill Burtsev Date: Tue, 26 Jan 2021 19:35:27 +0100 Subject: [PATCH 106/112] Match render pass structures check to actual tree traversal loop Mismatch in render tree on update may lead to crash when: * less scenegraph nodes are updated than created - hence crash on rendering since not all textures are replaced and old ones are deleted on previous run in scope of 'commit' method * more quads are processed than were on new tree create - hence crash on an attempt to setup non-existent node in DelegatedNodeTreeUpdater. Match logic of 'areRenderPassStructuresEqual' to main 'commit' method loop. Fixes: QTBUG-76181 Fixes: QTBUG-85802 Change-Id: Ib0c6dbec8100a068948a4ca8c385ba516ba5c504 Reviewed-by: Allan Sandfeld Jensen --- src/core/delegated_frame_node.cpp | 69 +++++++++++++++++++------------ 1 file changed, 42 insertions(+), 27 deletions(-) diff --git a/src/core/delegated_frame_node.cpp b/src/core/delegated_frame_node.cpp index 8ac82dbf186..e2c6e316563 100644 --- a/src/core/delegated_frame_node.cpp +++ b/src/core/delegated_frame_node.cpp @@ -768,7 +768,7 @@ static bool areSharedQuadStatesEqual(const viz::SharedQuadState *layerState, // *structurally* equivalent to the one of the previous frame. // If it is, we will just reuse and update the old nodes where necessary. static bool areRenderPassStructuresEqual(viz::CompositorFrame *frameData, - viz::CompositorFrame *previousFrameData) + viz::CompositorFrame *previousFrameData, const gfx::Rect &viewportRect) { if (!previousFrameData) return false; @@ -776,6 +776,8 @@ static bool areRenderPassStructuresEqual(viz::CompositorFrame *frameData, if (previousFrameData->render_pass_list.size() != frameData->render_pass_list.size()) return false; + auto rootRenderPass = frameData->render_pass_list.back().get(); + for (unsigned i = 0; i < frameData->render_pass_list.size(); ++i) { viz::RenderPass *newPass = frameData->render_pass_list.at(i).get(); viz::RenderPass *prevPass = previousFrameData->render_pass_list.at(i).get(); @@ -786,6 +788,13 @@ static bool areRenderPassStructuresEqual(viz::CompositorFrame *frameData, if (newPass->quad_list.size() != prevPass->quad_list.size()) return false; + auto &&scissorRect = newPass == rootRenderPass ? viewportRect : newPass->output_rect; + auto &&prevScissorRect = newPass == rootRenderPass ? viewportRect : prevPass->output_rect; + if (newPass != rootRenderPass) { + if (scissorRect.IsEmpty() != prevScissorRect.IsEmpty()) + return false; + } + viz::QuadList::ConstBackToFrontIterator it = newPass->quad_list.BackToFrontBegin(); viz::QuadList::ConstBackToFrontIterator end = newPass->quad_list.BackToFrontEnd(); viz::QuadList::ConstBackToFrontIterator prevIt = prevPass->quad_list.BackToFrontBegin(); @@ -803,18 +812,25 @@ static bool areRenderPassStructuresEqual(viz::CompositorFrame *frameData, return false; #endif // GL_OES_EGL_image_external #endif // QT_NO_OPENGL - if (!areSharedQuadStatesEqual(quad->shared_quad_state, prevQuad->shared_quad_state)) + + auto sharedState = quad->shared_quad_state, prevSharedState = prevQuad->shared_quad_state; + if (!areSharedQuadStatesEqual(sharedState, prevSharedState)) + return false; + + auto &&transform = quad->shared_quad_state->quad_to_target_transform; + + gfx::Rect targetRect1 = cc::MathUtil::MapEnclosingClippedRect(transform, quad->visible_rect); + if (sharedState->is_clipped) + targetRect1.Intersect(sharedState->clip_rect); + targetRect1.Intersect(scissorRect); + + gfx::Rect targetRect2 = cc::MathUtil::MapEnclosingClippedRect(transform, prevQuad->visible_rect); + if (prevSharedState->is_clipped) + targetRect2.Intersect(prevSharedState->clip_rect); + targetRect2.Intersect(scissorRect); + + if (targetRect1.IsEmpty() != targetRect2.IsEmpty()) return false; - if (quad->shared_quad_state->is_clipped && quad->visible_rect != prevQuad->visible_rect) { - gfx::Rect targetRect1 = - cc::MathUtil::MapEnclosingClippedRect(quad->shared_quad_state->quad_to_target_transform, quad->visible_rect); - gfx::Rect targetRect2 = - cc::MathUtil::MapEnclosingClippedRect(quad->shared_quad_state->quad_to_target_transform, prevQuad->visible_rect); - targetRect1.Intersect(quad->shared_quad_state->clip_rect); - targetRect2.Intersect(quad->shared_quad_state->clip_rect); - if (targetRect1.IsEmpty() != targetRect2.IsEmpty()) - return false; - } } } return true; @@ -854,11 +870,20 @@ void DelegatedFrameNode::commit(ChromiumCompositorData *chromiumCompositorData, } frameData->resource_list.clear(); - QScopedPointer nodeHandler; + + // The RenderPasses list is actually a tree where a parent RenderPass is connected + // to its dependencies through a RenderPassId reference in one or more RenderPassQuads. + // The list is already ordered with intermediate RenderPasses placed before their + // parent, with the last one in the list being the root RenderPass, the one + // that we displayed to the user. + // All RenderPasses except the last one are rendered to an FBO. + viz::RenderPass *rootRenderPass = frameData->render_pass_list.back().get(); const QSizeF viewportSizeInPt = apiDelegate->screenRect().size(); const QSizeF viewportSizeF = viewportSizeInPt * devicePixelRatio; const QSize viewportSize(std::ceil(viewportSizeF.width()), std::ceil(viewportSizeF.height())); + gfx::Rect viewportRect(toGfx(viewportSize)); + viewportRect += rootRenderPass->output_rect.OffsetFromOrigin(); // We first compare if the render passes from the previous frame data are structurally // equivalent to the render passes in the current frame data. If they are, we are going @@ -867,10 +892,11 @@ void DelegatedFrameNode::commit(ChromiumCompositorData *chromiumCompositorData, // Additionally, because we clip (i.e. don't build scene graph nodes for) quads outside // of the visible area, we also have to rebuild the tree whenever the window is resized. const bool buildNewTree = - !areRenderPassStructuresEqual(frameData, &m_chromiumCompositorData->previousFrameData) || m_sceneGraphNodes.empty() || - viewportSize != m_previousViewportSize; + viewportSize != m_previousViewportSize || + !areRenderPassStructuresEqual(frameData, &m_chromiumCompositorData->previousFrameData, viewportRect); + QScopedPointer nodeHandler; m_chromiumCompositorData->previousFrameData = viz::CompositorFrame(); SGObjects previousSGObjects; QVector > textureStrongRefs; @@ -889,20 +915,12 @@ void DelegatedFrameNode::commit(ChromiumCompositorData *chromiumCompositorData, qSwap(m_sgObjects.textureStrongRefs, textureStrongRefs); nodeHandler.reset(new DelegatedNodeTreeUpdater(&m_sceneGraphNodes)); } - // The RenderPasses list is actually a tree where a parent RenderPass is connected - // to its dependencies through a RenderPassId reference in one or more RenderPassQuads. - // The list is already ordered with intermediate RenderPasses placed before their - // parent, with the last one in the list being the root RenderPass, the one - // that we displayed to the user. - // All RenderPasses except the last one are rendered to an FBO. - viz::RenderPass *rootRenderPass = frameData->render_pass_list.back().get(); - gfx::Rect viewportRect(toGfx(viewportSize)); for (unsigned i = 0; i < frameData->render_pass_list.size(); ++i) { viz::RenderPass *pass = frameData->render_pass_list.at(i).get(); QSGNode *renderPassParent = 0; - gfx::Rect scissorRect; + auto &&scissorRect = pass != rootRenderPass ? pass->output_rect : viewportRect; if (pass != rootRenderPass) { QSharedPointer rpLayer; if (buildNewTree) { @@ -927,11 +945,8 @@ void DelegatedFrameNode::commit(ChromiumCompositorData *chromiumCompositorData, rpLayer->setFormat(pass->has_transparent_background ? GL_RGBA : GL_RGB); rpLayer->setHasMipmaps(pass->generate_mipmap); rpLayer->setMirrorVertical(true); - scissorRect = pass->output_rect; } else { renderPassParent = this; - scissorRect = viewportRect; - scissorRect += rootRenderPass->output_rect.OffsetFromOrigin(); } if (scissorRect.IsEmpty()) { From 67194333916289ae7dd3ece6b0e2131f665c1916 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Mon, 12 Apr 2021 10:14:28 +0200 Subject: [PATCH 107/112] Update Chromium Submodule src/3rdparty 72f67be0..4e224e5a: > Fixup [Backport] CVE-2021-21160: Heap buffer overflow in WebAudio > Fixup for [Backport] Security bug 1161048 > [Backport] CVE-2021-21156: Heap buffer overflow in V8 > [Backport] CVE-2021-21188: Use after free in Blink. > [Backport] Security bug 1161847 > [Backport] CVE-2021-21195: Use after free in V8 > [Backport] CVE-2021-21198: Out of bounds read in IPC > [Backport] Security bug 1185482 > [Backport] Security bug 1062941 > [Backport] CVE-2021-21175: Inappropriate implementation in Site isolation > [Backport] Security bug 1161048 > [Backport] CVE-2021-21193: Use after free in Blink > [Backport] CVE-2021-21190: Uninitialized Use in PDFium > [Backport] CVE-2021-21160: Heap buffer overflow in WebAudio > [Backport] CVE-2021-21165: Object lifecycle issue in audio > [Backport] Security bug 1180871 > [Backport] CVE-2021-21157: Use after free in Web Sockets > [Backport] CVE-2021-21148: Heap buffer overflow in V8 > [Backport] CVE-2021-21137: Inappropriate implementation in DevTools > [Backport] Security bug 1135594 > [Backport] CVE-2021-21153: Stack overflow in GPU Process > [Backport] CVE-2021-21138: Use after free in DevTools > [Backport] Security bug 1097499 > [Backport] Security bug 1144646 > [Backport] WebRTC bug 12105 > [Backport] CVE-2021-21119: Use after free in Media > [Backport] CVE-2021-21140: Uninitialized Use in USB [2/2] > [Backport] CVE-2021-21140: Uninitialized Use in USB [1/2] > [Backport] CVE-2021-21120: Use after free in WebSQL > [Backport] Security bug 1162198 > [Backport] CVE-2020-16044: Use after free in WebRTC [3/3] > [Backport] CVE-2020-16044: Use after free in WebRTC [2/3] > [Backport] CVE-2020-16044: Use after free in WebRTC [1/3] > [Backport] CVE-2021-21146: Use after free in Navigation > [Backport] Security bug 1152645 > [Backport] Security bug 1148309 > [Backport] CVE-2021-21114: Use after free in audio Task-number: QTBUG-91422 Task-number: QTBUG-92456 Change-Id: I43eb42057fd9123d7a870f294936633ac235333e Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 72f67be024a..4e224e5af48 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 72f67be024afbbeadab26e9c3f3f848827c85e18 +Subproject commit 4e224e5af48f9268d8f72b0f8adf4e9a1a470ca6 From 428a2001ca91efc82823bebdc1a34e43cff08375 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Thu, 6 May 2021 15:30:02 +0200 Subject: [PATCH 108/112] Update Chromium Submodule src/3rdparty 4e224e5a..bda00397: > [Backport] CVE-2021-21231: Insufficient data validation in V8 > [Backport] CVE-2021-21207: Use after free in IndexedDB > [Backport] CVE-2021-21230: Type Confusion in V8 > [Backport] CVE-2021-21227: Insufficient data validation in V8 > [Backport] Security bug 1192552 > [Backport] CVE-2021-21223: Integer overflow in Mojo > [Backport] Security bugs 1175522 and 1181276 > [Backport] CVE-2021-21203: Use after free in Blink > [Backport] CVE-2021-21204: Use after free in Blink. > [Backport] CVE-2021-21202: Use after free in extensions. > [Backport] CVE-2021-21214: Use after free in Network API > [Backport] CVE-2021-21221: Insufficient validation of untrusted input in Mojo > [Backport] CVE-2021-21206: Use after free in Blink > [Backport] CVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64 Task-number: QTBUG-93566 Change-Id: I9f67eb1df61710b44bdf670f669196afc47f7ac1 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 4e224e5af48..bda00397362 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 4e224e5af48f9268d8f72b0f8adf4e9a1a470ca6 +Subproject commit bda00397362bf03ff7b8d88fa54625524f604c7e From 9dfb4348feb612ea6405428c3c64f48328083e94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Tue, 11 May 2021 00:13:04 +0200 Subject: [PATCH 109/112] Update Chromium Submodule src/3rdparty bda00397..1b284e5b: > Fix up [Backport] Security bug 1175503 > Fix up [Backport] CVE-2021-30513: Type Confusion in V8. > [Backport] Security bug 1190525 > [Backport] CVE-2021-30518: Heap buffer overflow in Reader Mode. > [Backport] CVE-2021-30513: Type Confusion in V8. > [Backport] CVE-2021-30515: Use after free in File API. > [Backport] Security bug 1175503 Task-number: QTBUG-93566 Change-Id: I41956c76cd2ff5f3b005f62a8ba406354d1063c5 Reviewed-by: Michal Klocek Reviewed-by: Qt CI Bot --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index bda00397362..1b284e5be03 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit bda00397362bf03ff7b8d88fa54625524f604c7e +Subproject commit 1b284e5be03a82d966a84ef0c2d09c7e3d894ccc From cb733a4831c9fc0b027e24a78391ab0e869eb357 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Thu, 2 May 2019 14:21:12 +0200 Subject: [PATCH 110/112] Skip tst_QWebEngineProfile::qtbug_71895 if network load fails Fix also bug id which is incorrect. Fixes: QTBUG-96925 Task-number: QTBUG-71895 (cherry picked from commit 27a2a77d2abed034129077db74302194f042e8da) Change-Id: I0daf14c4ec31dfb867d9d7f531b9fdc6f7244e1b Reviewed-by: Allan Sandfeld Jensen --- .../widgets/qwebengineprofile/tst_qwebengineprofile.cpp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp index 3fc8fb45a28..e4fc8ec532b 100644 --- a/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp +++ b/tests/auto/widgets/qwebengineprofile/tst_qwebengineprofile.cpp @@ -62,7 +62,7 @@ private Q_SLOTS: void changePersistentPath(); void initiator(); void badDeleteOrder(); - void qtbug_72299(); // this should be the last test + void qtbug_71895(); // this should be the last test }; void tst_QWebEngineProfile::initTestCase() @@ -649,7 +649,7 @@ void tst_QWebEngineProfile::badDeleteOrder() delete view; } -void tst_QWebEngineProfile::qtbug_72299() +void tst_QWebEngineProfile::qtbug_71895() { QWebEngineView view; QSignalSpy loadSpy(view.page(), SIGNAL(loadFinished(bool))); @@ -659,8 +659,9 @@ void tst_QWebEngineProfile::qtbug_72299() view.page()->profile()->setHttpCacheType(QWebEngineProfile::NoCache); view.page()->profile()->cookieStore()->deleteAllCookies(); view.page()->profile()->setPersistentCookiesPolicy(QWebEngineProfile::NoPersistentCookies); - QTRY_COMPARE_WITH_TIMEOUT(loadSpy.count(), 1, 20000); - QVERIFY(loadSpy.front().front().toBool()); + bool gotSignal = loadSpy.count() || loadSpy.wait(20000); + if (!gotSignal) + QSKIP("Couldn't load page from network, skipping test."); } From 0c3d887c66b4079b57e3a244c46bb7f5a96492cb Mon Sep 17 00:00:00 2001 From: Jani Heikkinen Date: Mon, 4 Oct 2021 11:46:37 +0300 Subject: [PATCH 111/112] Bump version Change-Id: I97dd43738457d684c3f31ca02e93c729b8d13030 --- .qmake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.qmake.conf b/.qmake.conf index 48a76f58ea6..6b2ef0b4398 100644 --- a/.qmake.conf +++ b/.qmake.conf @@ -5,4 +5,4 @@ QTWEBENGINE_OUT_ROOT = $$shadowed($$PWD) load(qt_build_config) CONFIG += warning_clean -MODULE_VERSION = 5.12.11 +MODULE_VERSION = 5.12.12 From c3b0847c0fb09df197554fed7bba1683191b9c12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Thu, 11 Nov 2021 00:23:09 +0100 Subject: [PATCH 112/112] Update Chromium Submodule src/3rdparty 1b284e5b..b249cd9b: > [Backport] CVE-2021-30553: Use after free in Network service > [Backport] Security bug 1184294 > [Backport] CVE-2021-30569, security bugs 1198216, 1204814 and 1197786 > [Backport] CVE-2021-30560: Use after free in Blink XSLT > [Backport] Security bug 1252858 > [Backport] Security bug 1242257 > [Backport] CVE-2021-30627: Type Confusion in Blink layout > [Backport] CVE-2021-30618: Inappropriate implementation in DevTools > [Backport] CVE-2021-30603: Race in WebAudio > [Backport] CVE-2021-30585: Use after free in sensor handling > [Backport] CVE-2021-30559: Out of bounds write in ANGLE > [Backport] CVE-2021-30547: Out of bounds write in ANGLE > [Backport] Security bug 1202534 > [Backport] CVE-2021-30522: Use after free in WebAudio > Revert "[Backport] CVE-2021-21227: Insufficient data validation in V8" > Revert "[Backport] CVE-2021-30513: Type Confusion in V8." > Revert "[Backport] CVE-2021-21231: Insufficient data validation in V8" Change-Id: I61c36404e160864bf4daa730cef62aec747996c7 Reviewed-by: Allan Sandfeld Jensen --- src/3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/3rdparty b/src/3rdparty index 1b284e5be03..b249cd9b645 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 1b284e5be03a82d966a84ef0c2d09c7e3d894ccc +Subproject commit b249cd9b6455cafacb8f7c99d300cefc59881cc2