summaryrefslogtreecommitdiffstats
path: root/src/core/api/qwebenginepermission.cpp
diff options
context:
space:
mode:
authorKaloyan Chehlarski <kaloyan.chehlarski@qt.io>2025-03-19 10:48:31 +0100
committerKaloyan Chehlarski <kaloyan.chehlarski@qt.io>2025-08-20 15:06:23 +0200
commitbbbe5014e51d2b2c7abce1e63cc971713f9b2540 (patch)
treec29ac36122e0e7528e0cebb80adcc0a6776dd83d /src/core/api/qwebenginepermission.cpp
parent4dfc6e4598310641b94a9c16764d2561883f1046 (diff)
Associate permissions with frames
Previously, permisions were associated with the originating WebContents, as the PermissionManager API uses those in its function calls. This is insufficient, however, as it results in iframes not receiving the correct permissions (because they were instead granted to the root frame instead. This change modifies the internals of PermissionManagerQt to use GlobalRenderFrameHostTokens, and modifies relevant functions across the codebase to pass those around instead of WebContents. Media and mouse lock permissions now also query the permission manager before issuing a request, which avoids some cases of the same request being sent multiple times in a row. As a side effect, the behavior of non-persistent permissions (as well as the behavior of ALL permissions when running in AskEveryTime mode) is standardized so that a permission is remembered as long as the associated frame is alive. Fixes: QTBUG-134637 Fixes: QTBUG-135787 Pick-to: 6.10 6.9 Change-Id: I650e3328ef3830d06206acafc3305566d3a10d86 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'src/core/api/qwebenginepermission.cpp')
-rw-r--r--src/core/api/qwebenginepermission.cpp39
1 files changed, 12 insertions, 27 deletions
diff --git a/src/core/api/qwebenginepermission.cpp b/src/core/api/qwebenginepermission.cpp
index ec62f0e4c..1d1b12b7e 100644
--- a/src/core/api/qwebenginepermission.cpp
+++ b/src/core/api/qwebenginepermission.cpp
@@ -20,11 +20,12 @@ QWebEnginePermissionPrivate::QWebEnginePermissionPrivate()
/*! \internal */
QWebEnginePermissionPrivate::QWebEnginePermissionPrivate(const QUrl &origin_, QWebEnginePermission::PermissionType permissionType_,
- QSharedPointer<QtWebEngineCore::WebContentsAdapter> webContentsAdapter_, QtWebEngineCore::ProfileAdapter *profileAdapter_)
+ QtWebEngineCore::ProfileAdapter *profileAdapter_, int childId_, const std::string &serializedToken_)
: QSharedData()
, origin(origin_)
, permissionType(permissionType_)
- , webContentsAdapter(webContentsAdapter_)
+ , childId(childId_)
+ , serializedToken(serializedToken_)
, profileAdapter(profileAdapter_)
{
}
@@ -114,15 +115,12 @@ bool QWebEnginePermission::equals(const QWebEnginePermission &other) const
return false;
if (!isPersistent(d_ptr->permissionType)) {
- if (d_ptr->webContentsAdapter != other.d_ptr->webContentsAdapter)
+ if (d_ptr->childId != other.d_ptr->childId
+ && d_ptr->serializedToken != other.d_ptr->serializedToken)
return false;
} else {
- QtWebEngineCore::ProfileAdapter *thisProfile = d_ptr->webContentsAdapter
- ? d_ptr->webContentsAdapter.toStrongRef()->profileAdapter()
- : d_ptr->profileAdapter.get();
- QtWebEngineCore::ProfileAdapter *otherProfile = d_ptr->webContentsAdapter
- ? other.d_ptr->webContentsAdapter.toStrongRef()->profileAdapter()
- : other.d_ptr->profileAdapter.get();
+ QtWebEngineCore::ProfileAdapter *thisProfile = d_ptr->profileAdapter.get();
+ QtWebEngineCore::ProfileAdapter *otherProfile = other.d_ptr->profileAdapter.get();
if (thisProfile != otherProfile)
return false;
@@ -201,11 +199,7 @@ QWebEnginePermission::State QWebEnginePermission::state() const
{
if (!isValid())
return State::Invalid;
- if (d_ptr->webContentsAdapter)
- return d_ptr->webContentsAdapter.toStrongRef()->getPermissionState(origin(), permissionType());
- if (d_ptr->profileAdapter)
- return d_ptr->profileAdapter->getPermissionState(origin(), permissionType());
- Q_UNREACHABLE_RETURN(State::Ask);
+ return d_ptr->profileAdapter->getPermissionState(origin(), permissionType(), d_ptr->childId, d_ptr->serializedToken);
}
/*!
@@ -227,7 +221,7 @@ bool QWebEnginePermission::isValid() const
return false;
if (permissionType() == PermissionType::Unsupported)
return false;
- if (!d_ptr->profileAdapter && !d_ptr->webContentsAdapter)
+ if (!d_ptr->profileAdapter)
return false;
if (!d_ptr->origin.isValid())
return false;
@@ -243,10 +237,7 @@ void QWebEnginePermission::grant() const
{
if (!isValid())
return;
- if (d_ptr->webContentsAdapter)
- d_ptr->webContentsAdapter.toStrongRef()->setPermission(origin(), permissionType(), State::Granted);
- else if (d_ptr->profileAdapter)
- d_ptr->profileAdapter->setPermission(origin(), permissionType(), State::Granted);
+ d_ptr->profileAdapter->setPermission(origin(), permissionType(), State::Granted, d_ptr->childId, d_ptr->serializedToken);
}
/*!
@@ -258,10 +249,7 @@ void QWebEnginePermission::deny() const
{
if (!isValid())
return;
- if (d_ptr->webContentsAdapter)
- d_ptr->webContentsAdapter.toStrongRef()->setPermission(origin(), permissionType(), State::Denied);
- else if (d_ptr->profileAdapter)
- d_ptr->profileAdapter->setPermission(origin(), permissionType(), State::Denied);
+ d_ptr->profileAdapter->setPermission(origin(), permissionType(), State::Denied, d_ptr->childId, d_ptr->serializedToken);
}
/*!
@@ -279,10 +267,7 @@ void QWebEnginePermission::reset() const
{
if (!isValid())
return;
- if (d_ptr->webContentsAdapter)
- d_ptr->webContentsAdapter.toStrongRef()->setPermission(origin(), permissionType(), State::Ask);
- else if (d_ptr->profileAdapter)
- d_ptr->profileAdapter->setPermission(origin(), permissionType(), State::Ask);
+ d_ptr->profileAdapter->setPermission(origin(), permissionType(), State::Ask, d_ptr->childId, d_ptr->serializedToken);
}
/*!
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-16 23:11:47 +0000