From 4d289aed54778f1ebd0d950c2a46c98db1a814be Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 18 Nov 2019 16:20:12 +0100 Subject: Reject screen sharing requests automatically on Qt < 5.13.2 It looks like there are two APIs for screen sharing: =============================================================================== Old, unstandardized ------------------- navigator[.mediaDevices].getUserMedia( {video: {mandatory: {chromeMediaSource: 'screen'}}, ...) Permission enum added in Qt 5.10. Seems to be behind a feature switch (--enable-usermedia-screen-capturing) ever since it's been added to Chromium. Demo pages: https://html5-demos.appspot.com/static/getusermedia/screenshare.html https://www.webrtc-experiment.com/screen-sharing/ New --- navigator.mediaDevices.getDisplayMedia(...) Added in Chromium 72, i.e. Qt 5.13: https://www.chromestatus.com/feature/6744724455030784 Demo page: https://www.webrtc-experiment.com/Pluginfree-Screen-Sharing/ =============================================================================== While the old API was in theory supported since Qt 5.10, it's unlikely to ever have worked, as it was hidden behind the feature switch. However, I'm not aware of any crashes related to it, so let's just let Qt handle things in that case. With Qt 5.13, the new API is supported, however, using it causes a segfault on Qt 5.13.0 and 5.13.1: https://bugreports.qt.io/browse/QTBUG-78016 Fix for Qt 5.13.2: https://codereview.qt-project.org/c/qt/qtwebengine/+/276998 Given those circumstances, disable screen capturing automatically and log a warning on Qt 5.13.0 and 5.13.1. With Qt 5.13.2, screen capturing doesn't crash anymore and works fine on Windows, but does nothing on Linux. Looks like this is getting fixed in Qt 5.14: https://bugreports.qt.io/browse/QTBUG-80055 https://codereview.qt-project.org/c/qt/qtwebengine/+/281549 (cherry picked from commit a733fa9fd0af5438057fc791f6bd78b8a75a8ef5) --- doc/changelog.asciidoc | 18 +++++++++++++++++ qutebrowser/browser/webengine/webenginetab.py | 29 ++++++++++++++++++--------- 2 files changed, 38 insertions(+), 9 deletions(-) diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index e51ef6d01..f4825d0af 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -18,6 +18,24 @@ breaking changes (such as renamed commands) can happen in minor releases. v1.9.0 (unreleased) ------------------- +Changed +~~~~~~~ + +- The `qute-pass` userscript now has a new `--extra-url-suffixes` (`-s`) + argument which passes extra URL suffixes to the tldextract library. +- A stack is now used for `:tab-focus last` rather than just saving one tab. + Additionally, `:tab-focus` now understands `stack-prev` and `stack-next` + arguments to traverse that stack. +- `:hint` now has a new `right-click` target which allows right-clicking + elements via hints. +- The Terminus font has been removed from the default monospace fonts since it + caused trouble with HighDPI setups. To get it back, add either + `"xos4 Terminus"` or `Terminus` (depending on fontconfig version) to the + beginning of the `fonts.monospace` setting. +- As a workaround for a Qt bug causing a segfault, desktop sharing is now + automatically rejected on Qt versions before 5.13.2. Note that screen sharing + still won't work on Linux until Qt 5.14. + Fixed ~~~~~ diff --git a/qutebrowser/browser/webengine/webenginetab.py b/qutebrowser/browser/webengine/webenginetab.py index d79ad7a92..68ffa4196 100644 --- a/qutebrowser/browser/webengine/webenginetab.py +++ b/qutebrowser/browser/webengine/webenginetab.py @@ -820,25 +820,36 @@ class _WebEnginePermissions(QObject): def _on_feature_permission_requested(self, url, feature): """Ask the user for approval for geolocation/media/etc..""" page = self._widget.page() + grant_permission = functools.partial( + page.setFeaturePermission, url, feature, + QWebEnginePage.PermissionGrantedByUser) + deny_permission = functools.partial( + page.setFeaturePermission, url, feature, + QWebEnginePage.PermissionDeniedByUser) if feature not in self._options: log.webview.error("Unhandled feature permission {}".format( debug.qenum_key(QWebEnginePage, feature))) - page.setFeaturePermission(url, feature, - QWebEnginePage.PermissionDeniedByUser) + deny_permission() return - yes_action = functools.partial( - page.setFeaturePermission, url, feature, - QWebEnginePage.PermissionGrantedByUser) - no_action = functools.partial( - page.setFeaturePermission, url, feature, - QWebEnginePage.PermissionDeniedByUser) + if ( + hasattr(QWebEnginePage, 'DesktopVideoCapture') and + feature in [QWebEnginePage.DesktopVideoCapture, + QWebEnginePage.DesktopAudioVideoCapture] and + qtutils.version_check('5.13', compiled=False) and + not qtutils.version_check('5.13.2', compiled=False) + ): + # WORKAROUND for https://bugreports.qt.io/browse/QTBUG-78016 + log.webview.warning("Ignoring desktop sharing request due to " + "crashes in Qt < 5.13.2") + deny_permission() + return question = shared.feature_permission( url=url.adjusted(QUrl.RemovePath), option=self._options[feature], msg=self._messages[feature], - yes_action=yes_action, no_action=no_action, + yes_action=grant_permission, no_action=deny_permission, abort_on=[self._tab.abort_questions]) if question is not None: -- cgit v1.2.3-54-g00ecf