| Age | Commit message (Collapse) | Author |
|---|
|
In ffc29ee043ae7336d9b9dcc029a05bf7a3f994e8 (part of v1.0.0), a
qute://settings/set URL was added to change settings.
Contrary to what I apparently believed at the time, it *is* possible for
websites to access `qute://*` URLs (i.e., neither QtWebKit nor QtWebEngine
prohibit such requests, other than the usual cross-origin rules).
In other words, this means a website can e.g. have an `<img>` tag which loads a
`qute://settings/set` URL, which then sets `editor.command` to a bash script.
The result of that is arbitrary code execution.
Fixes #4060
See #2332
(cherry picked from commit 43e58ac865ff862c2008c510fc5f7627e10b4660)
|
|
This also satisfies pylint.
(cherry picked from commit b67733b781b644616989965cc530ecc408569f8a)
|
|
(cherry picked from commit b61c99687d2c673c5911c245b9f6f82bf563f795)
|
|
(cherry picked from commit ddfbe255e78032c3ec03a2c675142548eae3e888)
|
|
|
|
(cherry picked from commit 66fc3a30dd710712fa5b6d9dc2f6fa92689be021)
|
|
(cherry picked from commit 0864ad406927a0810aaca307909f8665778e4713)
|
|
Apparently this is still needed on some PyQt versions.
(cherry picked from commit 9a5439e5d09c0840918ad37c72e25f9edaef8b2d)
|
|
Looks like FreeBSD doesn't have QtQuickWidgets packaged at all, so let's do the
same without requiring it...
This reverts commit e5405f0ae940a62d7be756acb1ae9549108742a3.
(cherry picked from commit c87757a9134b9940409ef78f838c8832c076a0a4)
|
|
|
|
Fixes #4011
(cherry picked from commit 5a7869f2feaa346853d2a85413d6527c87ef0d9f)
|
|
Some distributions (at least FreeBSD) don't package that module, so let's not
rely on it.
(cherry picked from commit 62d8b5b57497da86ddbfda359ef248e2fe706695)
|
|
Looks like this wasn't properly fixed in Qt for some reason.
Fixes #3693
See #2728 and bef372e5f5dd811eacd959de28f17355407cb7e2
(cherry picked from commit 3399f2df9698a3c7bb7b9da3cfa34467f01efcb7)
|
|
(cherry picked from commit e5405f0ae940a62d7be756acb1ae9549108742a3)
|
|
When we click a QTBUG link (to open in a new tab) from Qt's codereview, we get
two RWHV objects which both are visible.
Experimenting with .setEnabled(False) it looks like it's (hopefully always...)
the last one which is the one to use.
(cherry picked from commit 67c67db23074e28d85d46f5a4c02073bc51444c5)
|
|
Otherwise, when commenting out the focusProxy way above, and using "foo !npm"
with DuckDuckGo, we get two children (one visible, one invisible).
(cherry picked from commit b63e06561de5d442a8ce84e167b874a788bef63d)
|
|
|
|
(cherry picked from commit 7949335a2ba1efae5bf76c7db54776f3fad4815e)
|
|
This was broken in d32d541ac0e3c00e5c17a7a04710567c61e5aaac because now
apparently PyQt knows it's a QQuickWidget.
(cherry picked from commit ec88c1539099b6d4d2c67fa0896d2509b41976f8)
|
|
(cherry picked from commit d32d541ac0e3c00e5c17a7a04710567c61e5aaac)
|
|
(cherry picked from commit cc497bf2ea59e23604bad0d4d6b980feaa9126e5)
|
|
(cherry picked from commit 9725d9ce3349a86a9272ba36011da739bd12c52f)
|
|
(cherry picked from commit 1531961aebfb799f9c04d056de62d69cf55f2ec0)
|
|
Equivalent commit on master: 91b4106dcf4e4ba775200a4d9b2f80b8a780249f
This was broken in 900efe4a3654b1f4b63ff9afffa29ab6f95bddda
|
|
(cherry picked from commit 4614ad5063b0dc41faac18aa6073b53730f77c7c)
|
|
It looks like chrome-error://chromewebdata/ triggers another invalid scheme
load which is why the endless loop happens. When we install a custom scheme
handler for chrome-error:// we can at least show an error page.
(cherry picked from commit b1506274c52f2ea84562407a72c3678868c180b3)
|
|
Otherwise, this breaks the tests on Qt 5.10
(cherry picked from commit 596041c40e2107c3993a8fab4fff3c84cd1ec179)
|
|
This issue was probably introduced in 545539f28d86c162f0e7f803480ad7fe24b6870f
- with JavaScript, we can't "click" on an external link.
There might be a better solution using
QWebEngineSettings::setUnknownUrlSchemePolicy(QWebEngineSettings::AllowAllUnknownUrlSchemes)
temporarily when using hints with PyQt 5.11.
Fixes #2833
(cherry picked from commit 89f4333df15d21f223a61abbf6efa6c25e2fa899)
|
|
See #3661
(cherry picked from commit 0c0d204fd41230291739e09f8e03f6781c4fa67f)
|
|
Qt 5.11 just loads about:blank and doesn't let us catch this in
acceptNavigationRequest, but the same happens in Chromium as well.
See #3661
(cherry picked from commit 999513d5d8cc790b7b072f5c44f06042bd3b82e7)
|
|
This is to avoid triggering QTBUG-63378 which fails differently with a custom
scheme.
See #3661
(cherry picked from commit d059197bc96f82d25c06089d177975397ce38dfd)
|
|
Fixes #3661
(cherry picked from commit eb6478dd3e34586a899f92a173300df8f296cf88)
|
|
Looks like we can't use an <a> tag with download-attribute to trigger a failed
download in the test on Qt 5.11...
See #2298, #3661
(cherry picked from commit 8cc380411976f805a65d1ba6c8b72985a585c22a)
|
|
(cherry picked from commit 456fdc55ccff4597227de195d6e8e60ffa737a1e)
|
|
(cherry picked from commit 7e31897dcc5b1b5e49719d2d0d1dc6908be36205)
|
|
This fixes the scenario where we just get a grey view when opening a link in a
tab from DuckDuckGo.
(cherry picked from commit 5147fc832c7320d7f06a07b93e7cea2b2ed20491)
|
|
(cherry picked from commit ec6c5ebb699c5cf3cdc56f0f9f48c2e5af0e9a29)
|
|
Fixes #3920 - hopefully properly this time...
(cherry picked from commit cee88cd7ca0a630d79beeca0ed98b9d3b4aeb59e)
|
|
See #3661
(cherry picked from commit 6fc3546923b32490d38febe7586d4fcc57b0c317)
|
|
Otherwise, Warehouse (new PyPI) refuses the upload...
(cherry picked from commit 52c44d3da623573170e6f40070bef9e2f6e84427)
|
|
|
|
|
|
(cherry picked from commit 12e0edbcd0520c530ff18e2ddf054e570c34c35a)
|
|
(cherry picked from commit 17cfb0d39c9c726bdabb53ffa98095ac4405fbd4)
|
|
It reads nicer, and this is also speculative fix for #3896 as PyQt5 is
hopefully better at disconnecting partial-objects from dead objects than it is
with lambdas.
(cherry picked from commit 7162f15348219d3736a8d17785d9b6e2dff49f8f)
|
|
Turns out str.isdigit() also handles ² as a digit, but int('²') causes a
ValueError.
Here we use `string.digits` instead, which is '0123456789'.
Fixes #3743
(cherry picked from commit 29ad252278a3dab5f7d11181f93f65ef7b728d80)
|
|
Please let this be the last attempt... :D
Fixes #3939
Supersedes #3921
Reverts ae295a7f652ed851ac8b258aa10500d72e6a52b6
See #3661
This should not regress #3872. Might affect #3834 in some way.
(cherry picked from commit 71ad8bdb47a4cd6a8321eb189533741ef6f806a4)
|
|
(cherry picked from commit 6ccd69dad200682f7f4ace9d093a444c14825499)
|
|
Fixes #3920
(cherry picked from commit 44d26f77a5007177a4a7df4c811b0b2cf084dbc6)
|
|
(cherry picked from commit 20efaeff197f1cb0d8b5957e0cf61cb1759f321b)
|
