delta/qt5/qtwebkit.git - code.qt.io: qt/qtwebkit.git

diff options

author	Jan Kundrát <jkt@kde.org>	2014-10-21 00:07:07 +0200
committer	Allan Sandfeld Jensen <allan.jensen@digia.com>	2014-10-23 10:11:29 +0200
commit	2292b2a96ae2e3afb0d51e7148bccdf4e41596d9 (patch)
tree	13da94b09f9e8deae4a2c7282953943e46f4398a /Source/JavaScriptCore/assembler
parent	5e06e13aa1300afe9a744a39bf9d05cdb871a271 (diff)
download	qtwebkit-2292b2a96ae2e3afb0d51e7148bccdf4e41596d9.tar.gz

Do not enumerate plugins when plugins are disabled

Even if plugins were disabled through QWebSettings::PluginsEnabled, WebKit would still enumerate the on-disk NPAPI plugins and attempt to load them. This caused all sorts of havoc especially when loading plugins linked to Qt4. Even if that wasn't the case, plugins should *not* be loaded unless there's a compelling reason to do so. Loading plugins needlessly takes time and it might even have security implications -- it sounds like a good practice to not execute random code, even though it comes from trusted locations, when that code is not needed. After this change, the code still passes the tst_qwebpage tests which are related to plugin loading. As it turns out, the "QtWebKit application plugins" (application/x-qt-plugin and application/x-qt-styled-widget) do not use this code path at all, they instead go through a path like this one: #0 PluginPage::createPlugin ... #1 QWebPagePrivate::createPlugin ... #2 WebCore::FrameLoaderClientQt::createPlugin ... #3 WebCore::SubframeLoader::loadPlugin ... #4 WebCore::SubframeLoader::requestPlugin ... #5 WebCore::SubframeLoader::requestObject ... #6 WebCore::HTMLObjectElement::updateWidget ... #7 WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary ... #8 WebCore::HTMLPlugInImageElement::updateWidgetCallback ... #9 WebCore::ContainerNode::dispatchPostAttachCallbacks ... #10 WebCore::ContainerNode::resumePostAttachCallbacks ... #11 WebCore::PostAttachCallbackDisabler::~PostAttachCallbackDisabler ... #12 WebCore::Document::recalcStyle ... #13 WebCore::Document::updateStyleIfNeeded ... #14 WebCore::Document::finishedParsing ... #15 WebCore::HTMLConstructionSite::finishedParsing ... #16 WebCore::HTMLTreeBuilder::finished ... #17 WebCore::HTMLDocumentParser::end ... #18 WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd ... #19 WebCore::HTMLDocumentParser::prepareToStopParsing ... #20 WebCore::HTMLDocumentParser::attemptToEnd ... #21 WebCore::HTMLDocumentParser::finish ... #22 WebCore::DocumentWriter::end ... #23 WebCore::DocumentLoader::finishedLoading ... Task-number: QTBUG-36349 Change-Id: Id8f37fb16bb295781c22f439fd54a65486deef8e Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>

Diffstat (limited to 'Source/JavaScriptCore/assembler')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: