qt/qtwebengine.git - Qt WebEngine

	Commit message (Collapse)	Author	Age	Files	Lines
*	Associate permissions with frames	Kaloyan Chehlarski	2025-08-20	1	-27/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Previously, permisions were associated with the originating WebContents, as the PermissionManager API uses those in its function calls. This is insufficient, however, as it results in iframes not receiving the correct permissions (because they were instead granted to the root frame instead. This change modifies the internals of PermissionManagerQt to use GlobalRenderFrameHostTokens, and modifies relevant functions across the codebase to pass those around instead of WebContents. Media and mouse lock permissions now also query the permission manager before issuing a request, which avoids some cases of the same request being sent multiple times in a row. As a side effect, the behavior of non-persistent permissions (as well as the behavior of ALL permissions when running in AskEveryTime mode) is standardized so that a permission is remembered as long as the associated frame is alive. Fixes: QTBUG-134637 Fixes: QTBUG-135787 Pick-to: 6.10 6.9 Change-Id: I650e3328ef3830d06206acafc3305566d3a10d86 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
*	CRA mark src/core/api	Moss Heim	2025-08-12	1	-0/+1
\| \| \| \| \| \| \| \|	QUIP: 23 Fixes: QTBUG-138720 Pick-to: 6.10 6.9 6.8 Change-Id: I9c064bef911e36c12553fc6cebb7408fb02bcc0b Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
*	QWebEnginePermission: fix move ctor and QESDP macro use	Marc Mutz	2024-08-28	1	-5/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Unless you =default also ~Public(), the _WITH_EXPORT version of QT_DECLARE_QESDP_SPECIALIZATION_DTOR is not needed, and could cause problems with linker scripts that try to keep private API out of the ABI. For an inline move ctor, the export isn't needed, because the compiler never calls the d_ptr dtor (even though it must be present during compilation). Also fix the move ctor to be inline, noexcept and =default'ed. That's the whole point of using the QESDP macros, after all. Found in API-review. Pick-to: 6.8 Change-Id: Id4092e98931cbbd7334a7cfe763696b8b9b4948a Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> Reviewed-by: Kaloyan Chehlarski <kaloyan.chehlarski@qt.io>
*	Permission manager: separate tracking of transient permissions	Kaloyan Chehlarski	2024-08-24	1	-13/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Following the rewrite of the permissions API, transient (a.k.a non-persistent) permissions still passed through the persistent store sometimes, but were filtered out when using user-facing APIs. Unfortunately, thisstill presented some edge cases in the AskEveryTime permission policy mode. This change modifies the PermissionManagerQt class to store a second set of permissions, and associate them with a RenderFrameHost the way the Chromium API is designed to do anyway. This way, a permission will be kept around for the lifetime of a web page, and calling JavaScript APIs that trigger checks for permission state will work properly (e.g. navigator.mediaDevices.enumerateDevices). The new store is regularly cleaned up to make sure expired permissions are purged before they impact performance. As a side effect, this change also introduces pre-granting of non-persistent permissions, which was the biggest omission in the permissions rewrite. In those cases, the permissions will be temporarily stored inside the persistent store, and moved to the transient one the next time they're queried (and can thus be associated with a RenderFrameHost). This also fixes some extremely broken test cases that relied on invalid web API. Fixes: QTBUG-127951 Pick-to: 6.8 Change-Id: Ic084af7673ea0b255d98d94382e77323bb5e7ab0 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
*	QWebEnginePermission: Simplify copy constructor and assignment	Kaloyan Chehlarski	2024-08-19	1	-5/+2
\| \| \| \| \| \| \| \|	Found during API review Pick-to: 6.8 Change-Id: I958fd3d1b719eedb72970c2718ab9d35a2d887e8 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
*	QWebEnginePermission: Add move constructor and nullptr checks	Kaloyan Chehlarski	2024-07-17	1	-2/+12
\| \| \| \| \| \| \| \| \| \| \| \| \|	A move assignment existed for the class, but not a move constructor. Since both of those can leave a QWebEnginePermission object in a state where the d_ptr is null, this change also adds checks to ensure using a moved-from object won't crash the application. Found in API review. Pick-to: 6.8 Change-Id: I977927c18094d06ea63840bb80c88b50c4b19b73 Reviewed-by: Michal Klocek <michal.klocek@qt.io> Reviewed-by: Moss Heim <moss.heim@qt.io>
*	QWebEnginePermission: fix the name of comparison helper	Ivan Solovev	2024-07-15	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Do not use comparesEqual() as a name of a 1-arg member function, as it is used in the C++20 comparison framework and should be a 2-arg hidden friend. Rename the exported member function to equals(), thus leaving the possibility to use the comparison helper macros later, if needed. Amends 00d7de830a43a84a431511a55525f04c21b8ba49. Found in Qt 6.8 API review. Pick-to: 6.8 Change-Id: I0ed9bf9ee08418da2f489ed328aecee412486fd0 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
*	QWebEnginePermission: Post-API review	Kaloyan Chehlarski	2024-07-03	1	-81/+90
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This commit contains fixes for the issues found during the API review of the new permissions API. In particular: - All new enums are now scoped - Replaced isTransient with its opposite, isPersistent - Renamed Feature to PermissionType - Made origin() return a non-const QUrl - Renamed PersistentPermissionsPolicy members to be more concise - Fixed a couple of bugs in the implementation - Updated documentation Change-Id: Idf84e1c9ba3ae803ef4686e1caa7f3e6c198c87d Reviewed-by: Michal Klocek <michal.klocek@qt.io>
*	Fix QWEPermission related warnings	Martin Negyokru	2024-06-24	1	-0/+2
\| \| \| \| \| \| \| \| \|	Fix compiler warnings that are related to QWebEnginePermission. Pick-to: 6.8 Change-Id: Icac1352e4934f73a205b85896b6f83171b759dd3 Reviewed-by: Kaloyan Chehlarski <kaloyan.chehlarski@qt.io> Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
*	Add QWebEnginePermission and rewrite permissions API	Kaloyan Chehlarski	2024-06-03	1	-0/+307
	With the addition of permission persistence, it's now important for us to have an API for querying previously granted/denied permissions, so that they can be revoked at a later point. This change does the bulk of the work to get us there, by introducing a new type representing a single permission for a given URL/Feature pair. This type holds no information about the permission's state; it is simply an accessor object which allows its user to query the current status of the permission, grant/deny it, or reset it back to its initial state (so, delete it from storage). This provides application developers an easy way to store/modify lists of permissions without having to define their own custom types. A subsequent change will expand the API to provide a list of all permissions for a given profile. The current API (in QWebEnginePage and QQuickWebEngineView) has been marked as deprecated, but has not been disabled to ensure a smooth transition for developers. [ChangeLog][QtWebEngineCore][QWebEnginePage] Deprecated old permissions API [ChangeLog][QtWebEngineQuick][WebEngineView] Deprecated old permissions API [ChangeLog][QtWebEngineCore] Added new API for querying and modifying website permissions. [ChangeLog][QtWebEngineQuick] Added new API for querying and modifying website permissions. Pick-to: 6.8 Change-Id: I8661cdc26bbd6dcde6403d29cc083bcea1a49ccc Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>