From 774f8d3d8099286ee1202fb8b809b399b4632fb3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=BCri=20Valdmann?= <juri.valdmann@qt.io>
Date: Wed, 12 Sep 2018 17:08:18 +0200
Subject: [PATCH] Add test for URL.createObjectURL on custom schemes

Works with registered custom schemes, does not work with unregistered ones. In
the latter case the function call is treated as a security violation and the
renderer process is killed.

Task-number: QTBUG-70420
Change-Id: I9c6fc0f02b44854bbceaffd1efbfe065dee61582
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
---
 .../origins/resources/createObjectURL.html     | 11 +++++++++++
 tests/auto/widgets/origins/tst_origins.cpp     | 18 ++++++++++++++++++
 tests/auto/widgets/origins/tst_origins.qrc     |  1 +
 3 files changed, 30 insertions(+)
 create mode 100644 tests/auto/widgets/origins/resources/createObjectURL.html

diff --git a/tests/auto/widgets/origins/resources/createObjectURL.html b/tests/auto/widgets/origins/resources/createObjectURL.html
new file mode 100644
index 000000000..133f636bb
--- /dev/null
+++ b/tests/auto/widgets/origins/resources/createObjectURL.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>createObjectURL</title>
+        <script>
+         const blob = new Blob(['foo']);
+         const result = URL.createObjectURL(blob);
+        </script>
+    </head>
+    <body></body>
+</html>
diff --git a/tests/auto/widgets/origins/tst_origins.cpp b/tests/auto/widgets/origins/tst_origins.cpp
index 38b23f64e..a24791f6f 100644
--- a/tests/auto/widgets/origins/tst_origins.cpp
+++ b/tests/auto/widgets/origins/tst_origins.cpp
@@ -184,6 +184,7 @@ private Q_SLOTS:
     void sharedWorker();
     void serviceWorker();
     void viewSource();
+    void createObjectURL();
 
 private:
     bool load(const QUrl &url)
@@ -682,5 +683,22 @@ void tst_Origins::viewSource()
     QCOMPARE(m_page->requestedUrl().toString(), QSL("pathsyntax-viewsourceallowed:/resources/viewSource.html"));
 }
 
+void tst_Origins::createObjectURL()
+{
+    // Legal for registered custom schemes.
+    QVERIFY(load(QSL("qrc:/resources/createObjectURL.html")));
+    QVERIFY(eval(QSL("result")).toString().startsWith(QSL("blob:qrc:")));
+
+    // Illegal for unregistered schemes (renderer gets terminated).
+    qRegisterMetaType<QWebEnginePage::RenderProcessTerminationStatus>("RenderProcessTerminationStatus");
+    QSignalSpy loadFinishedSpy(m_page, &QWebEnginePage::loadFinished);
+    QSignalSpy renderProcessTerminatedSpy(m_page, &QWebEnginePage::renderProcessTerminated);
+    m_page->load(QSL("tst:/resources/createObjectURL.html"));
+    QVERIFY(!renderProcessTerminatedSpy.empty() || renderProcessTerminatedSpy.wait(20000));
+    QVERIFY(renderProcessTerminatedSpy.front().value(0).value<QWebEnginePage::RenderProcessTerminationStatus>()
+            != QWebEnginePage::NormalTerminationStatus);
+    QVERIFY(loadFinishedSpy.empty());
+}
+
 QTEST_MAIN(tst_Origins)
 #include "tst_origins.moc"
diff --git a/tests/auto/widgets/origins/tst_origins.qrc b/tests/auto/widgets/origins/tst_origins.qrc
index 438fd10ee..0b1fe2d31 100644
--- a/tests/auto/widgets/origins/tst_origins.qrc
+++ b/tests/auto/widgets/origins/tst_origins.qrc
@@ -1,6 +1,7 @@
 <!DOCTYPE RCC>
 <RCC version="1.0">
 <qresource>
+    <file>resources/createObjectURL.html</file>
     <file>resources/dedicatedWorker.html</file>
     <file>resources/dedicatedWorker.js</file>
     <file>resources/mixedSchemes.html</file>
-- 
GitLab