diff options
| author | Axel Spoerl <axel.spoerl@qt.io> | 2025-11-11 14:19:39 +0000 |
|---|---|---|
| committer | The Qt Project <gerrit-noreply@qt-project.org> | 2025-11-11 14:33:35 +0000 |
| commit | e432eacd55728f07a6bbd0b55ad9cb3f763b46ad (patch) | |
| tree | c5aa8d6e06b6a451ece0c0a1c8ca5559bfb07884 | |
| parent | dc4c5de16803cf5566bd6d9339f711bfa24ddf9d (diff) | |
Revert "Allow redirecting fetch() to cross origin resources"
This reverts commit 48ba78f27354a0252d09410203ce4191d6129d57.
Reason for revert: <New test is flaky>
Change-Id: I563e53390999f76ff5582de5750f102eb7d42964
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
5 files changed, 0 insertions, 70 deletions
diff --git a/src/core/net/proxying_url_loader_factory_qt.cpp b/src/core/net/proxying_url_loader_factory_qt.cpp index f9e3498ae..08bcbc394 100644 --- a/src/core/net/proxying_url_loader_factory_qt.cpp +++ b/src/core/net/proxying_url_loader_factory_qt.cpp @@ -403,18 +403,6 @@ void InterceptedRequest::ContinueAfterIntercept() if (!current_response_) current_response_ = createResponse(request_); current_response_->encoded_data_length = 0; - - if (!current_response_->headers) { - current_response_->headers = base::MakeRefCounted<net::HttpResponseHeaders>(""); - // Assuming that the users of request interceptor API are aware of the security - // risks - current_response_->headers->AddHeader( - network::cors::header_names::kAccessControlAllowOrigin, - url::Origin::Create(request_.url).Serialize()); - current_response_->headers->AddHeader( - network::cors::header_names::kAccessControlAllowCredentials, "true"); - } - target_client_->OnReceiveRedirect(redirectInfo, std::move(current_response_)); return; } diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/CMakeLists.txt b/tests/auto/core/qwebengineurlrequestinterceptor/CMakeLists.txt index 3219c44b9..76db8b7e2 100644 --- a/tests/auto/core/qwebengineurlrequestinterceptor/CMakeLists.txt +++ b/tests/auto/core/qwebengineurlrequestinterceptor/CMakeLists.txt @@ -19,8 +19,6 @@ set(tst_qwebengineurlrequestinterceptor_resource_files "resources/content.html" "resources/content2.html" "resources/content3.html" - "resources/cors.html" - "resources/cors.js" "resources/favicon.html" "resources/firstparty.html" "resources/fontawesome.woff" diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/resources/cors.html b/tests/auto/core/qwebengineurlrequestinterceptor/resources/cors.html deleted file mode 100644 index b0fb2cfd9..000000000 --- a/tests/auto/core/qwebengineurlrequestinterceptor/resources/cors.html +++ /dev/null @@ -1,8 +0,0 @@ -<html> - <head> - <link rel="icon" href="data:," /> - </head> - <script src="http://www.qt.io/cors.js"></script> - > - <body></body> -</html> diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/resources/cors.js b/tests/auto/core/qwebengineurlrequestinterceptor/resources/cors.js deleted file mode 100644 index edd338415..000000000 --- a/tests/auto/core/qwebengineurlrequestinterceptor/resources/cors.js +++ /dev/null @@ -1,17 +0,0 @@ -async function getData() -{ - const url = "https://qt.io/content.html"; - try { - const response = await fetch(url); - if (!response.ok) { - throw new Error(`Response status: ${response.status}`); - } - - const result = await response.json(); - console.log(result); - } catch (error) { - console.error(error.message); - } -} - -getData(); diff --git a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp index 81d654066..ad9f91a93 100644 --- a/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp +++ b/tests/auto/core/qwebengineurlrequestinterceptor/tst_qwebengineurlrequestinterceptor.cpp @@ -54,7 +54,6 @@ private Q_SLOTS: void profilePreventsPageInterception_data(); void profilePreventsPageInterception(); void download(); - void redirect(); }; tst_QWebEngineUrlRequestInterceptor::tst_QWebEngineUrlRequestInterceptor() @@ -1144,35 +1143,5 @@ void tst_QWebEngineUrlRequestInterceptor::download() QCOMPARE(interceptor.requestInfos.at(0).download, true); } -void tst_QWebEngineUrlRequestInterceptor::redirect() -{ - HttpServer server; - server.setResourceDirs({ ":/resources" }); - QVERIFY(server.start()); - - TestRequestInterceptor interceptor; - interceptor.onIntercept = [&](QWebEngineUrlRequestInfo &info) { - const auto url = server.url(info.requestUrl().path()); - if (info.requestUrl() != url) { - qDebug() << "FROM" << info.requestUrl() << "TO" << url; - info.redirect(url); - return false; - } - return true; - }; - - QWebEnginePage page; - page.setUrlRequestInterceptor(&interceptor); - QSignalSpy loadSpy(&page, SIGNAL(loadFinished(bool))); - - const auto url = QUrl(server.url("/cors.html")); - page.load(url); - QTRY_COMPARE(loadSpy.size(), 1); - // We expect 3 requests: cors.html, cors.js and content.html - // redirected requests are not counted - // We will only get 2 because the request to fetch content.html will never happen - QCOMPARE(interceptor.requestInfos.size(), 3); -} - QTEST_MAIN(tst_QWebEngineUrlRequestInterceptor) #include "tst_qwebengineurlrequestinterceptor.moc" |