Pull in the one security patch from 74.0.3729.157

Submodule src/3rdparty 599fa1c6..00390e99:
  > Try different versions when creating a CoreProfile context on macOS
  > Fix crashes due to pa_context_get_server_info

Task-number: QTBUG-75496
Change-Id: I9dd05cf17fdf56912168dbaedc238fdd7a5412d8
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
 
 
 

Reflect the last Chrome security release included

Change-Id: I5eb1fca0301a857c0a40bab9933e8cdcd8a9a649
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
 
 

Fix issues with messed up linker path:

 * do not use LIBS_PRIVATE on linux at least for passing object
   and archive responses files.
 * do not use QT and QT_PRIVATE with same libs, it simply
   includes libs in LIB and LIB_PRIVATE so doubles linker libs.
 * remove bogus dependency for gui and core for webengineheaders pseudo module.
 * remove unused egl config flag

Fixes: QTBUG-75832
Task-number: QTBUG-75357
Change-Id: I1720394e636e3f89d546f372b10932dd4ad395fe
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
 
 
 

For yocto builds linker can get quite long path
since all archives are listed as absolute paths.
This can end up as "execvp: /bin/sh: Argument list too long"

Use rsp files also for archives.

Change-Id: I096e2f35ed72b68261bf465e84baddd1f78cd917
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
 
 
 

Documents settings needed to activate the feature that was added in
5.13.0

Fixes: QTBUG-75892
Change-Id: Ia4dbbc2e3c4f5a173d482dcae8ec5a1c31a8d6be
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
 
 

Change-Id: I4ab1204c970647ce0ba2c6068df5baa4f6c6bd0e
Reviewed-by: Kai Koehne <kai.koehne@qt.io>

Security patches from Chrome 74.0.x.134
Changes:
df6853cfcee [Backport] Fix for security issue 952406
599fa1c61c3 [Backport] Fix for security issue 948564

Change-Id: Ie37463f5a29fff84f66008ad0cbc2f54ebc8562c
Fixes: QTBUG-75496
Reviewed-by: Michal Klocek <michal.klocek@qt.io>

Chromium was trying to use some specific sample profiles, just ignore
that.

Task-number: QTBUG-75265
Change-Id: Ifd0517d521634ec01f66d18606f8696bf703b42a
Reviewed-by: Michal Klocek <michal.klocek@qt.io>

Pulls in the last of the Chrome 74 security patchs

Changes:
4b0289025e6 [Backport] Fix for security issue 939316
f67074175c7 [Backport] Fix for security issue 949015
444e94c37eb [Backport] Fix for security issue 940205
37e9433c4cb [Backport] Fix for security issue 937663
71a5f9b0316 [Backport] Fix for security issue 927471
98ae1469020 [Backport] Fix for security issue 927849
92f8fd75754 [Backport] Fix for security issue 894933
861d3c46520 Fix building with linux-clang mkspec
91227693b16 [Backport] Fix for CVE-2019-5813
82d848eb4fe Fix undefined type 'blink::Document' build error for msvc with -no-pch

Fixes: QTBUG-75496
Change-Id: I50efb46a721dece8ca425ce7830ed0fabe43d64e
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

Pulls in remaining CVE fixes from Chrome 74:
31fa60dbbc6 Silence assert on MessageWindow::WindowClass destruction
a031f169cf4 [Backport] Fix for CVE-2019-5814
73a7d8fa07d [Backport] Fix for CVE-2019-5815
07ec47532df [Backport] Fix for CVE-2019-5817
26f98d0fed4 [Backport] Fix for CVE-2019-5818
d48ccfa1964 [Backport] Fix for CVE-2019-5819
3bc6aa81983 [Backport] Fix for CVE-2019-5821
2e013fc1e64 [Backport] Fix for CVE-2019-5820
9d1ab5b5187 [Backport] Fix for CVE-2019-5822
e8ef8db04d0 [Backport] Fix for CVE-2019-5823
71733b81b75 [Backport] Fix for security issue 931949 (1/2)
0ac2b1fddcd [Backport] Fix for security issue 931949 (2/2)

Change-Id: I97d3d6666f33591187acea6f13028d3987309e61
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

Split Qt and Chromium based headers and do a simple reformatting.

Change-Id: I5bce34051bd05696d38c26ba09abd8a472f94219
Reviewed-by: Kai Koehne <kai.koehne@qt.io>

Change-Id: I1c235d49a9520088142fbc89d21fc589d4037a4f
Reviewed-by: Kai Koehne <kai.koehne@qt.io>

Read it and pass it to an HttpAuthPreference.

Change-Id: I37c23f4d777ff11b2c0480fa9c28ea6fbe029737
Fixes: QTBUG-75539
Reviewed-by: Kai Koehne <kai.koehne@qt.io>

This commit is about documenting some weird new behavior.

Since Chormium 72 our webChannelWithBadString fails. This is
fascinating issue and can be tracked down to commit in Chromium
https://chromium-review.googlesource.com/c/1282993


which "fixes" well-forming of JSON.strigify. This function
is used by webchannel.js to send data through webchannel
transport. In c++ land we get now for invalid utf16 replacement
in form of '\\u' + i.toString(16).padStart(4, '0').
This sadly does not trigger any longer REPLACE_INVALID_UTF8 in
WebChannelTransport::NativeQtSendMessage. Moreover
this goes even "worse" since QMetaObjectPublisher
will create invalid utf16 form raw "\ud800" string -> '\ud800'.

This is not an error per se, since test creates invalid utf16
character in javascript  and it ends as invalid utf8 character in c++.

Btw enable test on qemu.

Change-Id: I36f2df417d7b9f3f2113792f08025821737d8d01
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>

Change-Id: I414064984d51bf5a000c1cfd8cca7ccd6bf4b09b
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>

Change-Id: I00ec352cdea43d44388889805f1bd609a3555c4c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

Change-Id: I0daf14c4ec31dfb867d9d7f531b9fdc6f7244e1b
Reviewed-by: Michal Klocek <michal.klocek@qt.io>

Pulls in the high tagged security fixes from Chrome 74:
b964e56642e FIXUP: Fix building without WebSpeech
8db9f13a139 [Backport] Fix for CVE-2019-5805
4ae993a14f1 [Backport] Fix for CVE-2019-5806
3d0182b2838 [Backport] Fix for CVE-2019-5807
c5b21c7cec4 [Backport] Fix for CVE-2019-5808
3350682ece0 [Backport] Fix for security issue 924959
ea74722a5c8 [Backport] Fix for CVE-2019-5811

Change-Id: If1972935c476330a9ef2dde60f82636f34170d20
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

Change-Id: I1f3e8fc378cfceda92ff17fcc7669c0f5d97c3f7
Reviewed-by: Michal Klocek <michal.klocek@qt.io>

Change-Id: I051052a70a6e764202a90d77fc1a0f73688d3704

Fixes: QTBUG-75465
Change-Id: Iaf8c75d60d00dac3079fcb3f7108e1c3e5ea5245
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

Change-Id: I05ef67b81d9b871d38fcc51639b742b2a7b8a387
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

This pulls in the following changes:

* 6b01b4a2 Merge branch 'upstream-master' into 73-based
* 3ffaed01 BASELINE: Update GN
* d4003559 Fix clang_cl builds
* 64260a66 FIXUP: Extend url library for WebEngine custom schemes

Change-Id: I5297383877825d052f7cab5526b2554d33e9a7be
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

Also, unconditionally override DIR_QT_LIBRARY_DATA to make the path
available to extensions even if we are using static or shared icu
data instead of a data file.

[ChangeLog][Behavioral Changes] Qt WebEngine will assume that the
resources and the icu data files are in the same directory when
deploying the application.

Fixes: QTBUG-74586
Change-Id: I563b74a19fbd1334358f9cfe7c1824706cdca03a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

Task-number: QTBUG-75103
Change-Id: I8290ba268f30b26eafccabc889ad860e95c1bca2
Reviewed-by: Michal Klocek <michal.klocek@qt.io>

Change-Id: I894946ce7c9dcf4f787c5c928e3737cd80a7dc52
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>

Do not create multiple profiles immediately on start. Allows to start
and run browser with default profile with 'single-process' flag.

Change-Id: Idea7da8167152f718a3c2d4086ad4216d8e1b722
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>

There were CORS problems when accessing the chrome resources from
the pdf viewer extensions when coming from a blank page. It should
be fine to access the chrome resources from the builtin extension.

Fixes: QTBUG-75127
Change-Id: I28f981b4ff1d2db86a62507eb25cae45258e3bda
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>

Somehow on some platforms we end up with the import version of the wrong
module.

Change-Id: I6427f3f5375f2059d371c9a0fc035f1ec4195a49
Fixes: QTBUG-74566
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>

Task-number: QTBUG-75212
Change-Id: I1d1a99d9a5b6684d23e51cf55d384e7dfee6ef2a
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>

QPageLayout::pageSize() is always defined in portrait orientation.
Removing margins without considering the actual orientation was incorrent.
Use QPageLayout::paintRect() instead.

Task-number: QTBUG-75092
Change-Id: I34c19d3f0587ae21da2d985e3107b6ec673f53d0
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

Also fix QWebEnginePage::setView not deleting old page

Also fix wrong page being deleted if it's parented to the view.

Fixes: QTBUG-75131
Fixes: QTBUG-75175
Change-Id: Ie4dfb15b3182de7aa3a94cddcac54ea40a86121b
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

This enables also the test on qemu.

Change-Id: I70c40b3cedeadfb21e396d8a550a54fe0a319438
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

Do not override '--no-sandbox' on boot2qt. Starting resolver service
on qemu is bonkers and ends up in unsupported calls during threading
checks. Adding '--no-zygote' solves the issue, however introduces
race condition and deadlocks on resolver service start, which would
make test flaky. The deadlock issue is not reproducible without qemu.
Therefore to workaround the issue run test in single process mode.

Task-number: QTBUG-63346
Change-Id: I33a1079776edecddf3d7653db6c2ecc3a868b1a1
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

In single process mode there is only one profile,
and this profile is used for browser context.
Fix the case where there is no 'default' profile
created but only one user profile. In this case
make the user profile 'default' so it is deleted
in right moment in single process mode.

Change-Id: I8ba3c2da2d93d53fa569c7971410a4a74753377e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

We need to set explicit SOURCES to get proper indexing going. See
QTCREATORBUG-22315

Change-Id: Idf4c1e80b4428e91d6fe54a943a86499ed5c9f3a
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>

Change-Id: Ia13b1c71798aa877685dd0ac6c9697a2835a3d5c

Pull in 3rdparty patch and add test.

Fixes: QTBUG-74864
Change-Id: I5440f58ff55297c2a51f896d43f479404ff6ca2f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

Split the moc generated sources to a separate source_set, and make it
jumbo.

Change-Id: Icdbe9e7fb57cc07d89b766ef9e8efc78ff67bc8b
Reviewed-by: Michal Klocek <michal.klocek@qt.io>