Add patch to expose Webkits WebSecurityEnabled setting via QWebSettings (see https...
[opendreambox.git] / meta-opendreambox / recipes-qt / qt4 / qt4-embedded-4.8.1 / 0003-Qt-expose-WebKits-WebSecurityEnabled-setting.patch
1 From f0a3787a1a2ff355879ac246e6bd23783566f281 Mon Sep 17 00:00:00 2001
2 From: Stephan Reichholf <reichi@opendreambox.org>
3 Date: Thu, 19 Apr 2012 16:45:36 +0200
4 Subject: [PATCH] Expose Webkits WebSecurityEnabled settings via
5  QWebSettings (see
6  https://bugs.webkit.org/show_bug.cgi?id=45436 )
7
8 ---
9  .../webkit/Source/WebKit/qt/Api/qwebsettings.cpp   |   12 +++++++++++-
10  .../webkit/Source/WebKit/qt/Api/qwebsettings.h     |    3 ++-
11  2 files changed, 13 insertions(+), 2 deletions(-)
12
13 diff --git a/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.cpp b/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.cpp
14 index c1ef92e..c95a947 100644
15 --- a/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.cpp
16 +++ b/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.cpp
17 @@ -262,6 +262,10 @@ void QWebSettingsPrivate::apply()
18                                        global->attributes.value(QWebSettings::XSSAuditingEnabled));
19          settings->setXSSAuditorEnabled(value);
20  
21 +        value = attributes.value(QWebSettings::WebSecurityEnabled,
22 +                                      global->attributes.value(QWebSettings::WebSecurityEnabled));
23 +        settings->setWebSecurityEnabled(value);
24 +
25  #if ENABLE(TILED_BACKING_STORE)
26          value = attributes.value(QWebSettings::TiledBackingStoreEnabled,
27                                        global->attributes.value(QWebSettings::TiledBackingStoreEnabled));
28 @@ -468,7 +472,12 @@ QWebSettings* QWebSettings::globalSettings()
29          This is disabled by default.
30      \value SiteSpecificQuirksEnabled This setting enables WebKit's workaround for broken sites. It is
31          enabled by default.
32 -*/
33 +    \value WebSecurityEnabled Specifies whether browser should enforce same-origin policy for scripts downloaded
34 +        from remote servers. This setting is set to true by default. Note that setting this flag to false is 
35 +        strongly discouraged as it makes the browser more prone to malicious code. This setting is intended
36 +        primarily for site-specific browsers (i.e. when the user can't navigate to unsecure web page) and for testing
37 +        web applications before deployment.
38 + */
39  
40  /*!
41      \internal
42 @@ -517,6 +526,7 @@ QWebSettings::QWebSettings()
43      d->attributes.insert(QWebSettings::TiledBackingStoreEnabled, false);
44      d->attributes.insert(QWebSettings::FrameFlatteningEnabled, false);
45      d->attributes.insert(QWebSettings::SiteSpecificQuirksEnabled, true);
46 +    d->attributes.insert(QWebSettings::WebSecurityEnabled, true);
47      d->offlineStorageDefaultQuota = 5 * 1024 * 1024;
48      d->defaultTextEncoding = QLatin1String("iso-8859-1");
49  }
50 diff --git a/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.h b/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.h
51 index 008035b..233fa4f 100644
52 --- a/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.h
53 +++ b/src/3rdparty/webkit/Source/WebKit/qt/Api/qwebsettings.h
54 @@ -77,7 +77,8 @@ public:
55          SiteSpecificQuirksEnabled,
56          JavascriptCanCloseWindows,
57          WebGLEnabled,
58 -        HyperlinkAuditingEnabled
59 +        HyperlinkAuditingEnabled,
60 +        WebSecurityEnabled
61      };
62      enum WebGraphic {
63          MissingImageGraphic,
64 -- 
65 1.7.5.4
66