-
oxide-qt (1.6.3-0ubuntu0.14.10.1~ppa1) utopic; urgency=medium
* Update to v1.6.3
- Fix LP: #1442398 - Invalid read in CompositorOutputSurfaceGL
- Fix LP: #1442458 - Minimum page scale shouldn't be 1 on mobile
form-factors
-- Chris Coulson <email address hidden> Fri, 10 Apr 2015 14:30:00 +0100
-
oxide-qt (1.6.2-0ubuntu0.14.10.1~ppa1) utopic; urgency=medium
* Update to v1.6.2
- Bump Chromium rev to 42.0.2311.82
- Fix LP: #1400372 - Keyboard re-appears in webbrowser after dismissing
- Fix LP: #1429135 - webbrowser-app crashed with SIGSEGV in
XQueryExtension() on Unity 8 desktop
-- Chris Coulson <email address hidden> Thu, 09 Apr 2015 16:34:39 +0100
-
oxide-qt (1.5.5-0ubuntu0.14.10.2) utopic-security; urgency=medium
* Update to v1.5.5 - see USN-2521-1
- Bump Chromium rev to 41.0.2272.76
- Fix LP: #1427828 - Crash in WebFrame.sendMessageNoReply
- Fix LP: #1411159 - Add work-around for shutdown crash in
content::GpuChannelHost::Send, by deliberately leaking the
cc::ContextProvider referenced by any task posted to the UI thread if
the task never got a chance to run and is destroyed when the main loop
is torn down. Note that 1.6 has the longer term fix for this crash.
- Fix LP: #1421339 - Two scrollbars shown on the phone at a page scale of 1.
+ This is fixed by disabling the outer viewport scrollbars when
pinch-viewport is on (copying Chrome on Android).
+ Also style the pinch viewport overlay scrollbars like Chrome on Android,
as opposed to using the default desktop style that are designed to be
dragged with a pointer
- Fix LP: #1423531 - LoadEvent.isError is false for the error page if the
navigation is triggered from a session restore or reload
- Fix LP: #1402975 - set a minimum viewport width of 980px on mobile
for sites that don't specify a viewport width. Fixes layout of some
desktop sites, and matches the behaviour of Chrome on Android
- Fix LP: #1412981 - Geolocation permission requests from subframes are
not cancelled if the frame is deleted or navigated to another site
- Fix LP: #1379776 - Spoof Android for the purposes of GPU feature
blacklisting on the phone. This means accelerated 2d canvas is now
enabled on all devices that Chrome enables it on (including the Nexus 4),
and other GPU features (eg, GPU rasterization) are enabled on devices
where Chrome supports it
- Fix LP: #1370366 - Add LocationBarController API, which allows the
renderer compositor to calculate the position of the browser top header.
This enables the header to be animated in sync with the content on
scrolling
- Fix LP: #1408136 - Committed LoadEvents fire for subframe loads when
they shouldn't
- Fix LP: #1377198 - CertificateError is not cancelled if you stop the
pending navigation
- Fix LP: #1373383 - The video player on Youtube does not resize correctly
when transitioning from landscape to portrait. Ensure we correctly
update the screen geometry and orientation visible to web content when
the device orientation changes, and turn on orientation events
- Really fix LP: #1337506 - Abort with
"FATAL:texture_manager.cc(76)] Check failed: texture_count_ == 0u (1 vs. 0)"
on shutdown
- Fix LP: #1398044 - Fails to build with Qt 5.4
- Fix LP: #1249387 - Add experimental support for playing audio through
mediahub with the HTML media elements (Off by default. Video and
MediaSource are not yet implemented. Not built yet because it depends
on packages in universe)
- Fix LP: #1417042 - Remove inactive touch points from the current touch
state when we process a new touch event
- Fix LP: #1417963 - Adapt to behaviour change in handling of QVariants
from QML to C++ in Qt 5.4
- Update the form factor detection code to not rely on the EGL vendor for
detecting that we're on a device - use the Android system properties
instead
- Tidy up WebContents ownership during unload by adding a new singleton
responsible for handling unloading (WebContentsUnloader)
- Refactor WebFrame to be based around RenderFrameHost rather than
FrameTreeNode, which we aren't meant to be using
- Call QDesktopServices::openUrl on the UI thread. Failures are no longer
propagated back to the resource dispatcher, so all attempts to open a
URL externally will result in the load being cancelled whether there
is an external handler or not
* Update debian/control to add extra build dependencies:
- libandroid-properties-dev on armhf, used for gathering data for GPU
feature blacklisting when running on the phone
* Update debian/liboxideqtcore0.install to install V8 snapshot data
* Switch to the default compiler (gcc 4.9) now that Oxide has been building
fine in vivid with it
-- Chris Coulson <email address hidden> Thu, 05 Mar 2015 10:11:06 +0000
-
oxide-qt (1.4.2-0ubuntu0.14.10.1) utopic-security; urgency=medium
* Update to v1.4.2 (see USN-2476-1)
- Bump Chromium rev to 40.0.2214.91
- Fix LP: #1297973 - Don't allow the BrowserContext to be deleted until
the render thread is quit in single process mode
- Fix LP: #1321969 - Add proper API for handling page closing:
+ Add WebView.prepareToClose() which runs the current page's
beforeunload handler
+ Add WebView.prepareToCloseResponse signal, which tells the embedder
whether a close should proceed
+ Add WebView.closeRequested signal, driven from window.close()
+ Ensure the current page's unload handler runs when a WebView is deleted
- Fix LP: #1353143 - Add an API for saving and restoring the state of a
WebView, used for session restore in the browser
- Fix LP: #1374494 - Warnings when processing GPU blacklist
- Fix LP: #1283291 - Cannot use multiple BrowserContexts in single-process
mode. Make WebView.context read-only in single-process mode (all
WebViews will use a default WebContext)
- Fix LP: #1326115 - Disable WebView.incognito in single-process mode. It
relies on using multiple BrowserContexts, which is not possible in
single process
- Fix LP: #1249147 - Use TCMalloc in the renderer process
- Fix LP: #1389777 - More natural scrolling - tweak the gesture fling curve
- Fix LP: #1398941 - Tidy up the LoadEvent sequence for failed loads
- Fix LP: #1381558 - Fix crash in
oxide::CompositorThreadProxy::SendSwapSoftwareFrameOnOwnerThread
- Fix LP: #1402382 - Fix a potential memory leak because of a refcount race
- Fix LP: #1398087 - Fix application crash when accessing
navigator.webkitPersistentStorage.requestQuota
- Really fix LP: #1391230 - Release the screen dim lock when the
application becomes inactive
- Turn pinch virtual viewport on for mobile form factors
- Limit the maximum decoded image size on mobile
- Remove the screen-dim lock when the application goes in to the background
(and restore it when it comes back in to the foreground)
- Don't create OTR BrowserContexts unnecessarily
- Add an experimental API for changing the process model
(Oxide.processModel)
- Don't leak WebPreferences if the WebView is deleted without ever
accessing WebView.preferences
- Add support for component builds
* Refresh gross-hack-for-dual-ffmpeg-build.patch
-- Chris Coulson <email address hidden> Thu, 20 Nov 2014 11:01:29 +0000
-
oxide-qt (1.3.5-0ubuntu0.14.10.1~rtm) utopic; urgency=medium
* Update to v1.3.5
- Bump Chromium rev to 39.0.2171.65
- Really fix LP: #1391230 - Release the screen dim lock when the
application becomes inactive
-- Chris Coulson <email address hidden> Thu, 20 Nov 2014 11:01:29 +0000
-
oxide-qt (1.3.4-0ubuntu0.14.10.1) utopic-security; urgency=medium
* Update to v1.3.4
- see USN-2410-1
- Bump Chromium rev to 39.0.2171.62
- Fix LP: #1260016 - Add support for application provided protocol
handlers
- Fix LP: #1301681 - Scroll the focused editable node in to view after
a resize
- Fix LP: #1337506 - Runtime abort with
FATAL:texture_manager.cc(76)] Check failed: texture_count_ == 0u (1 vs. 0).
Ensure that we keep the browser compositor GL context and associated
resources alive as long as the Qt scenegraph holds the frontbuffer
- Fix LP: #1377755 - Keyboard disappears when switching between text fields
- Fix LP: #1290821 - WebView.loading is not false when receiving a LoadEvent
with type == TypeStopped, so properties bound to this never receive an
update. As "loading" and the main-frame document load events are delivered
separately from blink, split this in to 2 signals
- Fix LP: #1354382 - White line at bottom of viewport - fix rounding errors
when calculating the view size in DIP which results in the view
underflowing by a pixel in one axis and overflowing by a pixel in the
other axis
- Fix LP: #1221996 - Allow user scripts to be injected in to the main world
- Expose redirect events to WebContextDelegateWorker
- Fix LP: #1384460 - Delegate unhandled URL schemes to the system
- Fix LP: #1386468 - Stop leaking V8 contexts
- Fix LP: #1375900 - GMail crashes when composing a message
- Fix LP: #1391230 - Release the screen dim lock when the application
becomes inactive
[ Chris Coulson <email address hidden> ]
* Add liboxideqtquick0 package
* Refresh debian/patches/gross-hack-for-dual-ffmpeg-build.patch
* Add libcups2-dev and libexif-dev build-deps, as the chromedriver build
seems to pull them in. This is a temporary measure until we can figure
out why
[ Alexandre Abreu <email address hidden> ]
* Add chromedriver to the packaging branch
-- Chris Coulson <email address hidden> Mon, 17 Nov 2014 11:16:34 +0000
-
oxide-qt (1.2.4-0ubuntu1) utopic; urgency=medium
* Update to v1.2.4
- Fix LP: #1352631 - Turn on accelerated canvas on krillin
oxide-qt (1.2.2-0ubuntu1) utopic; urgency=medium
* Update to v1.2.2
- Bump Chromium rev to 38.0.2125.77
- Fix LP: #1324292 - Disable the touch editing mechanism to avoid
breaking the webbrowser-app user script
- Fix LP: #1362543 - Web application fails to load properly every other
time. Ensure that when a new cache is created, the initial cache stats
are stored to permanent storage immediately to avoid the cache being
left in an inconsistent state if the process exits uncleanly before
the stats are updated
- Fix LP: #1371166 - Geolocation fails when the location source returns
invalid values for some attributes
- Fix LP: #1372414 - SSL certificates report incorrect dates because
Chromium's base::Time measures milliseconds since the Windows epoch
oxide-qt (1.2.1-0ubuntu1) utopic; urgency=medium
* Update to v1.2.1
- Bump Chromium rev to 38.0.2125.58
- Fix LP: #1260048 - Don't initialize NSS with a user DB for now
- Fix LP: #1368117 - WebView.blockedContent doesn't get updated after
a reload, because whilst the browser-side state is cleared when a
navigation is committed, the renderer-side state is not cleared on a
reload
- Fix a null pointer deref for non-overridable SSL errors
- Fix LP: #1368385 - Make all subframe and subresource SSL errors non-
overridable, as overriding them doesn't always result in the security
status API indicating a degraded security level
- Fix LP: #1367446 - Ensure WebView.securityStatus.certificate is cleared
when navigating away from a HTTPS url
-- Chris Coulson <email address hidden> Fri, 26 Sep 2014 11:13:36 +0100
-
oxide-qt (1.2.0-0ubuntu1) utopic; urgency=medium
* Update to v1.2.0
- Bump Chromium rev to 38.0.2125.24
- Add WebContext.devtoolsBindIp property
- Refactor the various BrowserContext classes to avoid having to modify
2 implementations of BrowserContext each time we add functionality that's
shared between the normal and OTR contexts
- Assert that BrowserContext is only accessed on the main thread
- Fix LP: #1224707 - Use a localized Accept-Language header
- Fix various threading issues in the interaction of WebContext and
WebContextDelegateWorker
- Don't leak the default WebPreferences object when setting a custom one
- Make certificate revocation checking work properly, which is also
required for EV to work. Also fixes some console spew (LP: #1240723)
- Fix LP: #1361868 - Don't leak GeolocationPermissionRequest if there are
no handlers on WebView.geolocationPermissionRequested
- Fix LP: #1214034:
+ Add API's to query the security status of the webview
(WebView.securityStatus property + SecurityStatus and SslCertificate
classes)
+ Add WebView.certificateError signal and CertificateError class to
give the application a chance to allow certain SSL errors (some errors
are non-overridable and this is enforced by Oxide - in which case, the
signal only acts as a notification)
+ Add WebView.blockedContent property, which is a bitmask of content
types that have currently been blocked - currently this only indicates
MixedDisplay and MixedScript, but will be extended later on for other
content types (eg, cookies, popups etc)
+ Add WebView.setCanTemporarily{Display,Run}InsecureContent functions,
which allows the mixed content blocker preferences to be overridden
temporarily (will reset on navigation to a new page)
- Fix LP: #1355703 - Linkedin profiles don't render correctly because
it triggers the mixed content blocker. Change the default for
WebPreferences.canDisplayInsecureContent to true to allow secure sites
to display insecure content. We can do this now we have a security
status API, as displaying insecure content results in
SecurityStatus.securityLevel indicating a degraded level. This is the
same default as Chrome. Note, insecure scripts are still blocked by
default
- Various fixes to the CookieManager API:
- Ensure that requests don't always get the same request ID
- Don't depend on undefined behaviour (signed integer overflow)
- Chromium can run callbacks for cookie requests synchronously - take
this in to account to avoid potentially hidden reentrancy issues
- Ensure that the responses at the API level always happen asynchronously
- Make it possible to set a session cookie instead of setting the expiry
to the Unix epoch when an expiration date isn't specifed (which then
gets rejected by Chromium for being already expired)
- Ensure that session cookies returned from the API don't have an expiry
date set to the Unix epoch (LP: #1362558)
- Rename CookieManager.gotCookies to CookieManager.getCookiesResponse and
CookieManager.cookiesSet to CookieManager.setCookiesResponse
- CookieManager.getCookiesResponse no longer returns a status code.
The only time getCookies can fail is before WebContext is fully
initialized, which we can indicate synchronously by returning an
invalid request ID
- CookieManager.getCookies() has been added so that it's possible to
request the cookies for a specific URL
- The cookie expirationdate attribute now accepts QML's built-in Date
type
- URL parameters in the API are now QUrl rather than QString
- When the response to setCookies indicates an error it's impossible
to know which cookies failed to set. Get rid of the status parameter
from CookieManager.setCookiesResponse and replace it with a list
of failed cookies instead
* Refresh debian/patches/gross-hack-for-dual-ffmpeg-build.patch
* Add /usr/share/locale to liboxideqtcore0.install
-- Chris Coulson <email address hidden> Wed, 03 Sep 2014 15:31:16 +0100
-
oxide-qt (1.2.0~bzr683-0ubuntu1) utopic; urgency=medium
* Update to snapshot r683 from trunk
- Bump Chromium rev to 38.0.2114.2
- Don't modify Chromium's EGL implementation to select the GLES API when
creating contexts and calling eglMakeCurrent. These calls all happen
on a dedicated GPU thread with no application code running on it, and
the selected API is thread-local. We do still need to temporarily select
GLES at startup where we make the first few calls on the UI thread,
but we restore the originally selected API once done (only affects
Unity 8 desktop)
- Fix LP: #1286204 - Make double-tap-to-zoom work
- Adjust ui::ScaleGestureDetector::Config::min_pinch_update_span_delta to
remove the coarseness when pinching
- Fix LP: #1285750 - Add support for building a chromedriver binary
- Add OXIDE_DISABLE_SETUID_SANDBOX and OXIDE_DISABLE_SECCOMP_FILTER_SANDBOX
environment variables
- Assert we have a QGuiApplication on startup
- Fix LP: #1347924 - QProcess::waitForFinished() hangs - stop using
ContentMainRunner for starting the browser code - it does things with
process global state that are unexpected in a public library (eg,
setting the SIGCHLD handler to the default which breaks QProcess because
it relies on its own custom handler). We do still set the SIGPIPE action
to SIG_IGN, but only if it is SIG_DFL when we start. We also abort if the
SIGCHLD action is SIG_IGN when we initialize
- Fix LP: #1352952 - Ensure files returned by the file picker exist
- Fix LP: #1349510 - Browser crashes when attaching a photo in GMail -
when checking for an override for navigator.userAgent, limit the length
of the URL sent across IPC by trimming off the fragment, username and
password
- Add WebContext.cookieManager API
* Refresh debian/patches/gross-hack-for-dual-ffmpeg-build.patch
-- Chris Coulson <email address hidden> Tue, 12 Aug 2014 15:01:03 +0100
-
oxide-qt (1.1.1-0ubuntu3) utopic; urgency=medium
* Update to v1.1.1
- Bump Chromium rev to 37.0.2062.58
- Fix LP: #1337389 - Make ContentBrowserClient::CanCreateWindow work
again
- Fix LP: #1332996 - QtCreator often halts for a minute. Don't crash on
Qt platforms that don't implement QPlatformNativeInterface. As we can't
get a native display handle on these platforms, disallow any GL
implementation in Chromium and guard against accesses to
BrowserProcessMain::GetNativeDisplay()
* Build with GCC 4.8 for now because GCC 4.9 breaks web content layout on
the device, which sucks quite a lot right before RTM
- update debian/rules
- update debian/control
oxide-qt (1.1.0-0ubuntu1) utopic; urgency=medium
* Update to v1.1.0
- Bump Chromium rev to 37.0.2062.44
- Fix LP: #1337338 - Don't crash when destroying a visible RWHV, which
happens when a render process crashes
- Fix LP: #1337890 - Update the power save blocker to use the Unity API
on touch devices
- Fix LP: #1338639 - Don't crash when calling WebView.loadHtml() before
the webview is fully constructed
-- Chris Coulson <email address hidden> Thu, 31 Jul 2014 10:41:43 +0100
