diff options
author | Florian Bruhin <me@the-compiler.org> | 2022-06-22 11:26:31 +0200 |
---|---|---|
committer | Florian Bruhin <me@the-compiler.org> | 2022-06-22 17:41:12 +0200 |
commit | 72db4fa05248765a39420fadc9a3a611d272d79c (patch) | |
tree | 995ef1bf684b5de301486e655dc9665689336d17 | |
parent | 601d9d780bb8f628c024645bd43af484fc11bfd3 (diff) | |
download | qutebrowser-72db4fa05248765a39420fadc9a3a611d272d79c.tar.gz qutebrowser-72db4fa05248765a39420fadc9a3a611d272d79c.zip |
qt6: Add macOS sandboxing warning
See #7278
-rw-r--r-- | qutebrowser/app.py | 10 | ||||
-rw-r--r-- | qutebrowser/browser/qutescheme.py | 3 | ||||
-rw-r--r-- | qutebrowser/html/warning-sandboxing.html | 16 |
3 files changed, 29 insertions, 0 deletions
diff --git a/qutebrowser/app.py b/qutebrowser/app.py index 778ff49c0..6b5c35914 100644 --- a/qutebrowser/app.py +++ b/qutebrowser/app.py @@ -46,6 +46,7 @@ import datetime import argparse from typing import Iterable, Optional +from qutebrowser.qt import machinery from qutebrowser.qt.widgets import QApplication, QWidget from qutebrowser.qt.gui import QDesktopServices, QPixmap, QIcon from qutebrowser.qt.core import pyqtSlot, QUrl, QObject, QEvent, pyqtSignal, Qt @@ -354,6 +355,15 @@ def _open_special_pages(args): ('session-warning-shown', True, 'qute://warning/sessions'), + + ('sandboxing-warning-shown', + ( + hasattr(sys, "frozen") and + utils.is_mac and + machinery.IS_QT6 and + os.environ.get("QTWEBENGINE_DISABLE_SANDBOX") == "1" + ), + 'qute://warning/sandboxing'), ] if 'quickstart-done' not in general_sect: diff --git a/qutebrowser/browser/qutescheme.py b/qutebrowser/browser/qutescheme.py index 402a096b2..322066c3f 100644 --- a/qutebrowser/browser/qutescheme.py +++ b/qutebrowser/browser/qutescheme.py @@ -583,6 +583,9 @@ def qute_warning(url: QUrl) -> _HandlerRet: title='Qt 5.15 sessions warning', datadir=standarddir.data(), sep=os.sep) + elif path == '/sandboxing': + src = jinja.render('warning-sandboxing.html', + title='Qt 6 macOS sandboxing warning') else: raise NotFoundError("Invalid warning page {}".format(path)) return 'text/html', src diff --git a/qutebrowser/html/warning-sandboxing.html b/qutebrowser/html/warning-sandboxing.html new file mode 100644 index 000000000..186d938e7 --- /dev/null +++ b/qutebrowser/html/warning-sandboxing.html @@ -0,0 +1,16 @@ +{% extends "styled.html" %} + +{% block content %} +<h1>{{ title }}</h1> +<span class="note">Note this warning will only appear once. Use <span class="mono">:open +qute://warning/sandboxing</span> to show it again at a later time.</span> + +<p> + Due to a <a href="https://github.com/pyinstaller/pyinstaller/pull/6903">PyInstaller issue</a>, + Chromium's <a href="https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox_faq.md">sandboxing</a> + is currently disabled for macOS builds with Qt 6. This means that there will be no additional layer of protection + in case of Chromium security bugs. Thus, it's advised to + <b>not use this build in production</b>. Hopefully, this situation will be + resolved before the final 3.0.0 release. +</p> +{% endblock %} |