Allow unique initiator requests to qute://testdata

In tests/unit/browser/test_caret.py in the test TestFollowSelected::test_follow_selected_with_link we follow a link from qute://testdata/data/caret.html to qute://testdata/data/hello.txt. For some reason, Qt 5.12 treats that as an unique/opaque origin with Qt 5.12, causing the request to be blocked and the test to fail. To avoid this, we now allow all opaque requests to qute://testdata URLs. This isn't a problem because a qute://testdata handler is only registered inside tests anyways. See #4478
2019-02-17 16:32:09 +01:00 · 2019-02-17 16:32:09 +01:00 · 4c54ebf70f
commit 4c54ebf70f
parent 152abb0d64
1 changed files with 17 additions and 2 deletions
--- a/qutebrowser/browser/webengine/webenginequtescheme.py
+++ b/qutebrowser/browser/webengine/webenginequtescheme.py
@ -62,18 +62,33 @@ class QuteSchemeHandler(QWebEngineUrlSchemeHandler):
        """
        try:
            initiator = job.initiator()
+            request_url = job.requestUrl()
        except AttributeError:
            # Added in Qt 5.11
            return True

-        if initiator == QUrl('null') and not qtutils.version_check('5.12'):
+        # https://codereview.qt-project.org/#/c/234849/
+        is_opaque = initiator == QUrl('null')
+        target = request_url.scheme(), request_url.host()
+
+        if is_opaque and not qtutils.version_check('5.12'):
            # WORKAROUND for https://bugreports.qt.io/browse/QTBUG-70421
+            # When we don't register the qute:// scheme, all requests are
+            # flagged as opaque.
+            return True
+
+        if (target == ('qute', 'testdata') and
+                is_opaque and
+                qtutils.version_check('5.12')):
+            # Allow requests to qute://testdata, as this is needed in Qt 5.12
+            # for all tests to work properly. No qute://testdata handler is
+            # installed outside of tests.
            return True

        if initiator.isValid() and initiator.scheme() != 'qute':
            log.misc.warning("Blocking malicious request from {} to {}".format(
                initiator.toDisplayString(),
-                job.requestUrl().toDisplayString()))
+                request_url.toDisplayString()))
            job.fail(QWebEngineUrlRequestJob.RequestDenied)
            return False