[Interest] QtWebkit error while building Qt5.12.7 sources

Konstantin Tokarev annulen at yandex.ru
Thu Feb 20 00:16:47 CET 2020

20.02.2020, 01:54, "Thiago Macieira" <thiago.macieira at intel.com>:
> On Wednesday, 19 February 2020 09:04:32 PST Konstantin Tokarev wrote:
>>  That's correct, most of the work in last year is targeted to a new branch
>>  with updated WebKit. However, 5.212 serves its job well, it's compatible
>>  with current Qt and is at least is strictly better than 5.9 in terms of
>>  bugs, features and security. Of course, it should be used with caution on
>>  untrusted content, because of possible security issues.
> Strictly better than 5.5, you mean.

No, than https://code.qt.io/cgit/qt/qtwebkit.git/log/?h=5.9
There is no valid use case for 5.5 tags now, as I pointed out in my other reply.

> Yes, it is. But that's like saying that an open backyard door in your house is
> better than an open front door. It is, but it's also unacceptably insecure.
> I guess that if you control the HTML & JS content, never downloading from the
> network, maybe that's acceptable, though.

If you consider Qt implementation of network stack secure enough [1], downloading 
content from server controlled by the same party via HTTPS with proper certificate
validation can be considered secure as well.

Another possible case is use in sufficiently isolated environment or device without
access to sensitive data.

[1] Including dependencies like OpenSSL


More information about the Interest mailing list