From 954773124a453107e4f4a79b8c3342924f34d703 Mon Sep 17 00:00:00 2001
From: Brad Davis <bdavis@saintandreas.org>
Date: Wed, 28 Aug 2019 09:56:45 -0700
Subject: [PATCH] BUGZ-1363: crash when checking for web content restrictions

---
 interface/src/ui/InteractiveWindow.cpp        | 19 +++++++++++++++----
 libraries/ui/src/QmlWindowClass.cpp           |  4 +---
 .../ui/src/ui/types/ContextAwareProfile.cpp   | 18 ++++++++++++------
 .../ui/src/ui/types/ContextAwareProfile.h     |  8 ++++----
 libraries/ui/src/ui/types/FileTypeProfile.cpp |  4 ++--
 .../ui/src/ui/types/HFWebEngineProfile.cpp    |  2 +-
 libraries/ui/src/ui/types/RequestFilters.cpp  |  6 +++---
 libraries/ui/src/ui/types/RequestFilters.h    |  4 ++--
 8 files changed, 40 insertions(+), 25 deletions(-)

diff --git a/interface/src/ui/InteractiveWindow.cpp b/interface/src/ui/InteractiveWindow.cpp
index 9145b12d30..af3562e747 100644
--- a/interface/src/ui/InteractiveWindow.cpp
+++ b/interface/src/ui/InteractiveWindow.cpp
@@ -18,6 +18,7 @@
 #include <QtQuick/QQuickWindow>
 #include <QQuickView>
 
+#include <ui/types/ContextAwareProfile.h>
 #include <DependencyManager.h>
 #include <DockWidget.h>
 #include <RegisteredMetaTypes.h>
@@ -228,9 +229,15 @@ InteractiveWindow::InteractiveWindow(const QString& sourceUrl, const QVariantMap
         _dockWidget->setObjectName("DockedWidget");
         mainWindow->addDockWidget(dockArea, _dockWidget.get());
     } else {
-        auto offscreenUi = DependencyManager::get<OffscreenUi>();
-        // Build the event bridge and wrapper on the main thread
-        offscreenUi->loadInNewContext(CONTENT_WINDOW_QML, [&](QQmlContext* context, QObject* object) {
+        auto contextInitLambda = [&](QQmlContext* context) {
+#if !defined(Q_OS_ANDROID)
+            // If the restricted flag is on, override the FileTypeProfile and HFWebEngineProfile objects in the 
+            // QML surface root context with local ones
+            ContextAwareProfile::restrictContext(context, false);
+#endif
+        };
+
+        auto objectInitLambda = [&](QQmlContext* context, QObject* object) {
             _qmlWindowProxy = std::shared_ptr<QmlWindowProxy>(new QmlWindowProxy(object, nullptr), qmlWindowProxyDeleter);
             context->setContextProperty(EVENT_BRIDGE_PROPERTY, _interactiveWindowProxy.get());
             if (properties.contains(ADDITIONAL_FLAGS_PROPERTY)) {
@@ -286,7 +293,11 @@ InteractiveWindow::InteractiveWindow(const QString& sourceUrl, const QVariantMap
             }
             object->setObjectName("InteractiveWindow");
             object->setProperty(SOURCE_PROPERTY, sourceURL);
-        });
+        };
+        auto offscreenUi = DependencyManager::get<OffscreenUi>();
+
+        // Build the event bridge and wrapper on the main thread
+        offscreenUi->loadInNewContext(CONTENT_WINDOW_QML, objectInitLambda, contextInitLambda);
     }
 }
 
diff --git a/libraries/ui/src/QmlWindowClass.cpp b/libraries/ui/src/QmlWindowClass.cpp
index 1140dbb079..4690a720f2 100644
--- a/libraries/ui/src/QmlWindowClass.cpp
+++ b/libraries/ui/src/QmlWindowClass.cpp
@@ -136,10 +136,8 @@ void QmlWindowClass::initQml(QVariantMap properties) {
 #if !defined(Q_OS_ANDROID)
         // If the restricted flag is on, override the FileTypeProfile and HFWebEngineProfile objects in the 
         // QML surface root context with local ones
-        qDebug() << "Context initialization lambda";
+        ContextAwareProfile::restrictContext(context, _restricted);
         if (_restricted) {
-            qDebug() << "Restricting web content";
-            ContextAwareProfile::restrictContext(context);
             FileTypeProfile::registerWithContext(context);
             HFWebEngineProfile::registerWithContext(context);
         }
diff --git a/libraries/ui/src/ui/types/ContextAwareProfile.cpp b/libraries/ui/src/ui/types/ContextAwareProfile.cpp
index 98cc94ec10..8e363e6546 100644
--- a/libraries/ui/src/ui/types/ContextAwareProfile.cpp
+++ b/libraries/ui/src/ui/types/ContextAwareProfile.cpp
@@ -10,6 +10,8 @@
 //
 
 #include "ContextAwareProfile.h"
+#include <QtCore/QThread>
+#include <shared/QtHelpers.h>
 
 #if !defined(Q_OS_ANDROID)
 
@@ -17,16 +19,20 @@
 
 static const QString RESTRICTED_FLAG_PROPERTY = "RestrictFileAccess";
 
-ContextAwareProfile::ContextAwareProfile(QQmlContext* parent) :
-    QQuickWebEngineProfile(parent), _context(parent) { }
+ContextAwareProfile::ContextAwareProfile(QQmlContext* context) :
+    QQuickWebEngineProfile(context), _context(context) { }
 
 
-void ContextAwareProfile::restrictContext(QQmlContext* context) {
-    context->setContextProperty(RESTRICTED_FLAG_PROPERTY, true);
+void ContextAwareProfile::restrictContext(QQmlContext* context, bool restrict) {
+    context->setContextProperty(RESTRICTED_FLAG_PROPERTY, restrict);
 }
 
-bool ContextAwareProfile::isRestricted(QQmlContext* context) {
-    return context->contextProperty(RESTRICTED_FLAG_PROPERTY).toBool();
+bool ContextAwareProfile::isRestricted() {
+    if (QThread::currentThread() != thread()) {
+        bool restrictedResult = false;
+        BLOCKING_INVOKE_METHOD(this, "isRestricted", Q_RETURN_ARG(bool, restrictedResult));
+    }
+    return _context->contextProperty(RESTRICTED_FLAG_PROPERTY).toBool();
 }
 
 #endif
\ No newline at end of file
diff --git a/libraries/ui/src/ui/types/ContextAwareProfile.h b/libraries/ui/src/ui/types/ContextAwareProfile.h
index 8fa5b98878..ad42c2677d 100644
--- a/libraries/ui/src/ui/types/ContextAwareProfile.h
+++ b/libraries/ui/src/ui/types/ContextAwareProfile.h
@@ -20,16 +20,16 @@
 class QQmlContext;
 
 class ContextAwareProfile : public QQuickWebEngineProfile {
+    Q_OBJECT
 public:
-    static void restrictContext(QQmlContext* context);
-    static bool isRestricted(QQmlContext* context);
-    QQmlContext* getContext() const { return _context; }
+    static void restrictContext(QQmlContext* context, bool restrict = true);
+    Q_INVOKABLE bool isRestricted();
 protected:
 
     class RequestInterceptor : public QWebEngineUrlRequestInterceptor {
     public:
         RequestInterceptor(ContextAwareProfile* parent) : QWebEngineUrlRequestInterceptor(parent), _profile(parent) {}
-        QQmlContext* getContext() const { return _profile->getContext(); }
+        bool isRestricted() { return _profile->isRestricted(); }
     protected:
         ContextAwareProfile* _profile;
     };
diff --git a/libraries/ui/src/ui/types/FileTypeProfile.cpp b/libraries/ui/src/ui/types/FileTypeProfile.cpp
index 073460903e..615e80b85c 100644
--- a/libraries/ui/src/ui/types/FileTypeProfile.cpp
+++ b/libraries/ui/src/ui/types/FileTypeProfile.cpp
@@ -29,8 +29,8 @@ FileTypeProfile::FileTypeProfile(QQmlContext* parent) :
 }
 
 void FileTypeProfile::RequestInterceptor::interceptRequest(QWebEngineUrlRequestInfo& info) {
-    RequestFilters::interceptHFWebEngineRequest(info, getContext());
-    RequestFilters::interceptFileType(info, getContext());
+    RequestFilters::interceptHFWebEngineRequest(info, isRestricted());
+    RequestFilters::interceptFileType(info);
 }
 
 void FileTypeProfile::registerWithContext(QQmlContext* context) {
diff --git a/libraries/ui/src/ui/types/HFWebEngineProfile.cpp b/libraries/ui/src/ui/types/HFWebEngineProfile.cpp
index ef1d009f09..3c5701cc52 100644
--- a/libraries/ui/src/ui/types/HFWebEngineProfile.cpp
+++ b/libraries/ui/src/ui/types/HFWebEngineProfile.cpp
@@ -28,7 +28,7 @@ HFWebEngineProfile::HFWebEngineProfile(QQmlContext* parent) : Parent(parent)
 }
 
 void HFWebEngineProfile::RequestInterceptor::interceptRequest(QWebEngineUrlRequestInfo& info) {
-    RequestFilters::interceptHFWebEngineRequest(info, getContext());
+    RequestFilters::interceptHFWebEngineRequest(info, isRestricted());
 }
 
 void HFWebEngineProfile::registerWithContext(QQmlContext* context) {
diff --git a/libraries/ui/src/ui/types/RequestFilters.cpp b/libraries/ui/src/ui/types/RequestFilters.cpp
index a3b3b7dc57..3fa1cd0bd9 100644
--- a/libraries/ui/src/ui/types/RequestFilters.cpp
+++ b/libraries/ui/src/ui/types/RequestFilters.cpp
@@ -63,8 +63,8 @@ namespace {
      }
 }
 
-void RequestFilters::interceptHFWebEngineRequest(QWebEngineUrlRequestInfo& info, QQmlContext* context) {
-    if (ContextAwareProfile::isRestricted(context) && blockLocalFiles(info)) {
+void RequestFilters::interceptHFWebEngineRequest(QWebEngineUrlRequestInfo& info, bool restricted) {
+    if (restricted && blockLocalFiles(info)) {
         return;
     }
 
@@ -90,7 +90,7 @@ void RequestFilters::interceptHFWebEngineRequest(QWebEngineUrlRequestInfo& info,
     info.setHttpHeader(USER_AGENT.toLocal8Bit(), tokenString.toLocal8Bit());
 }
 
-void RequestFilters::interceptFileType(QWebEngineUrlRequestInfo& info, QQmlContext* context) {
+void RequestFilters::interceptFileType(QWebEngineUrlRequestInfo& info) {
     QString filename = info.requestUrl().fileName();
     if (isScript(filename) || isJSON(filename)) {
         static const QString CONTENT_HEADER = "Accept";
diff --git a/libraries/ui/src/ui/types/RequestFilters.h b/libraries/ui/src/ui/types/RequestFilters.h
index 8fde94a1b4..0c25bbb354 100644
--- a/libraries/ui/src/ui/types/RequestFilters.h
+++ b/libraries/ui/src/ui/types/RequestFilters.h
@@ -24,8 +24,8 @@ class QQmlContext;
 
 class RequestFilters : public QObject {
 public:
-    static void interceptHFWebEngineRequest(QWebEngineUrlRequestInfo& info, QQmlContext* context);
-    static void interceptFileType(QWebEngineUrlRequestInfo& info, QQmlContext* context);
+    static void interceptHFWebEngineRequest(QWebEngineUrlRequestInfo& info, bool restricted);
+    static void interceptFileType(QWebEngineUrlRequestInfo& info);
 };
 #endif