diff options
| author | Kaloyan Chehlarski <kaloyan.chehlarski@qt.io> | 2024-08-15 16:27:44 +0200 |
|---|---|---|
| committer | Kaloyan Chehlarski <kaloyan.chehlarski@qt.io> | 2024-08-24 18:19:31 +0200 |
| commit | 8001d8e149b2d109718f6a671c93e3489c4ecd54 (patch) | |
| tree | 60a1e6c087323b3cfed9b806faddb66bbd53fa47 /src/core/api/qwebenginepermission.cpp | |
| parent | bc5cec1a57afd85f0030a04af1ec26af8857c284 (diff) | |
Permission manager: separate tracking of transient permissions
Following the rewrite of the permissions API, transient
(a.k.a non-persistent) permissions still passed through
the persistent store sometimes, but were filtered out when
using user-facing APIs. Unfortunately, thisstill presented some
edge cases in the AskEveryTime permission policy mode.
This change modifies the PermissionManagerQt class to store
a second set of permissions, and associate them with a
RenderFrameHost the way the Chromium API is designed to do
anyway. This way, a permission will be kept around for the
lifetime of a web page, and calling JavaScript APIs that
trigger checks for permission state will work properly
(e.g. navigator.mediaDevices.enumerateDevices).
The new store is regularly cleaned up to make sure expired
permissions are purged before they impact performance.
As a side effect, this change also introduces pre-granting
of non-persistent permissions, which was the biggest
omission in the permissions rewrite. In those cases,
the permissions will be temporarily stored inside the
persistent store, and moved to the transient one the next
time they're queried (and can thus be associated with
a RenderFrameHost).
This also fixes some extremely broken test cases that
relied on invalid web API.
Fixes: QTBUG-127951
Pick-to: 6.8
Change-Id: Ic084af7673ea0b255d98d94382e77323bb5e7ab0
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'src/core/api/qwebenginepermission.cpp')
| -rw-r--r-- | src/core/api/qwebenginepermission.cpp | 21 |
1 files changed, 8 insertions, 13 deletions
diff --git a/src/core/api/qwebenginepermission.cpp b/src/core/api/qwebenginepermission.cpp index 7a5a2ab41..d6f5ed98f 100644 --- a/src/core/api/qwebenginepermission.cpp +++ b/src/core/api/qwebenginepermission.cpp @@ -54,7 +54,7 @@ QWebEnginePermissionPrivate::QWebEnginePermissionPrivate(const QUrl &origin_, QW \l QWebEnginePermission::PermissionType describes all the permission types Qt WebEngine supports. Only some permission types are remembered between browsing sessions; they are \e persistent. Non-persistent permissions query the user every time a - website requests them, and cannot be granted in advance. You can check whether a permission type is persistent at runtime + website requests them. You can check whether a permission type is persistent at runtime using the static method QWebEnginePermission::isPersistent(). Persistent permissions are stored inside the active QWebEngineProfile, and their lifetime depends on the value of @@ -166,8 +166,7 @@ QUrl QWebEnginePermission::origin() const \value Unsupported An unsupported permission type. \note Non-persistent permission types are ones that will never be remembered by the underlying storage, and will trigger - a permission request every time a website tries to use them. They can only be denied/granted as they're needed; - any attempts to pre-grant a non-persistent permission will fail. + a permission request every time a website tries to use them. */ /*! @@ -196,7 +195,7 @@ QWebEnginePermission::PermissionType QWebEnginePermission::permissionType() cons If a permission for the specified \l permissionType() and \l origin() has already been granted or denied, the return value is QWebEnginePermission::Granted, or QWebEnginePermission::Denied, respectively. - When this is the first time the permission is requested, or if the \l permissionType() is non-persistent, + When this is the first time the permission is requested, the return value is QWebEnginePermission::Ask. If the object is in an invalid state, the returned value is QWebEnginePermission::Invalid. @@ -210,8 +209,7 @@ QWebEnginePermission::State QWebEnginePermission::state() const return d_ptr->webContentsAdapter.toStrongRef()->getPermissionState(origin(), permissionType()); if (d_ptr->profileAdapter) return d_ptr->profileAdapter->getPermissionState(origin(), permissionType()); - Q_UNREACHABLE(); - return State::Ask; + Q_UNREACHABLE_RETURN(State::Ask); } /*! @@ -221,9 +219,8 @@ QWebEnginePermission::State QWebEnginePermission::state() const An invalid QWebEnginePermission is either: \list \li One whose \l permissionType() is unsupported; - \li One whose \l permissionType() is non-persistent, and the user has navigated away from the web page that triggered the request; - \li One whose \l permissionType() is persistent, but the associated profile has been destroyed; - \li One whose \l origin() is invalid. + \li One whose \l origin() is invalid; + \li One whose associated profile has been destroyed \endlist \sa isPersistent() @@ -234,9 +231,7 @@ bool QWebEnginePermission::isValid() const return false; if (permissionType() == PermissionType::Unsupported) return false; - if (!isPersistent(permissionType()) && !d_ptr->webContentsAdapter) - return false; - if (!d_ptr->profileAdapter) + if (!d_ptr->profileAdapter && !d_ptr->webContentsAdapter) return false; if (!d_ptr->origin.isValid()) return false; @@ -277,7 +272,7 @@ void QWebEnginePermission::deny() const Removes the permission from the profile's underlying storage. By default, permissions are stored on disk (except for off-the-record profiles, where permissions are stored in memory and are destroyed with the profile). This means that an already granted/denied permission will not be requested twice, but will get automatically - granted/denied every subsequent time a website requests it. Calling reset() allows the query to be asked + granted/denied every subsequent time a website requests it. Calling reset() allows the query to be displayed again the next time the website requests it. Does nothing when \l isValid() evaluates to false. |