rnhmjoj/qutebrowser
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow unique initiator requests to qute://testdata

Browse Source 
In tests/unit/browser/test_caret.py in the test
TestFollowSelected::test_follow_selected_with_link we follow a link from
qute://testdata/data/caret.html to qute://testdata/data/hello.txt.

For some reason, Qt 5.12 treats that as an unique/opaque origin with Qt 5.12,
causing the request to be blocked and the test to fail.

To avoid this, we now allow all opaque requests to qute://testdata URLs. This
isn't a problem because a qute://testdata handler is only registered inside
tests anyways.

See #4478
This commit is contained in:
Florian Bruhin 2019-02-17 16:32:09 +01:00
parent 152abb0d64
commit 4c54ebf70f
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
qutebrowser/browser/webengine/webenginequtescheme.py
View File

@ -62,18 +62,33 @@ class QuteSchemeHandler(QWebEngineUrlSchemeHandler):
""" """
try: try:
initiator = job.initiator() initiator = job.initiator()
request_url = job.requestUrl()
except AttributeError: except AttributeError:
# Added in Qt 5.11 # Added in Qt 5.11
return True return True
if initiator == QUrl('null') and not qtutils.version_check('5.12'): # https://codereview.qt-project.org/#/c/234849/
is_opaque = initiator == QUrl('null')
target = request_url.scheme(), request_url.host()
if is_opaque and not qtutils.version_check('5.12'):
# WORKAROUND for https://bugreports.qt.io/browse/QTBUG-70421 # WORKAROUND for https://bugreports.qt.io/browse/QTBUG-70421
# When we don't register the qute:// scheme, all requests are
# flagged as opaque.
return True
if (target == ('qute', 'testdata') and
is_opaque and
qtutils.version_check('5.12')):
# Allow requests to qute://testdata, as this is needed in Qt 5.12
# for all tests to work properly. No qute://testdata handler is
# installed outside of tests.
return True return True
if initiator.isValid() and initiator.scheme() != 'qute': if initiator.isValid() and initiator.scheme() != 'qute':
log.misc.warning("Blocking malicious request from {} to {}".format( log.misc.warning("Blocking malicious request from {} to {}".format(
initiator.toDisplayString(), initiator.toDisplayString(),
job.requestUrl().toDisplayString())) request_url.toDisplayString()))
job.fail(QWebEngineUrlRequestJob.RequestDenied) job.fail(QWebEngineUrlRequestJob.RequestDenied)
return False return False