this post was submitted on 14 Jul 2023

Hello! I'm trying to inject an external CSS file into a website displayed in a QWebEngineView. I successfully injected one with

```cpp
QString css = readFromFileInAnyWayYouLike();
QString jsscript = QString(R"(
	(function() {
		css = document.createElement('style');
		css.type = 'text/css';
		css.id = 'userContent';
		document.head.appendChild(css);
		css.innerText = '${css}';
	})())").replace("${css}", css);
m_webEngine->page()->runJavaScript(jsscript);
```

but I don't like this solution at all, because it would allow a malicious CSS file to execute arbitrary code. So I tried giving the style element an src pointing to a remote file, or assigning @import "http://localhost:8000/userContent.css"; to the CSS inner text, but both of these methods were blocked by the CSP. Research on the web didn't help me at all, sadly. Is it possible to inject an external CSS file into the webpage in a "secure" way?

Thanks in advance!
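One way to close the code-injection hole in the snippet above, as an added example that is not part of the original post: the file content is percent-encoded so that only `[A-Za-z0-9%]` ever reaches the JavaScript source, then decoded in the page and assigned with `textContent`. The helper names `percentEncode` and `buildStyleInjection` are hypothetical, plain `std::string` is used so the block builds without Qt, and the sample stylesheet is constructed.

```cpp
#include <iostream>
#include <string>

// Percent-encode every byte outside [A-Za-z0-9]. The output contains no quote,
// backslash, newline or '<', so it cannot terminate a JavaScript string literal.
std::string percentEncode(const std::string& utf8) {
    static const char hex[] = "0123456789ABCDEF";
    std::string out;
    out.reserve(utf8.size() * 3);
    for (unsigned char c : utf8) {
        const bool safe = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                          (c >= '0' && c <= '9');
        if (safe) {
            out += static_cast<char>(c);
        } else {
            out += '%';
            out += hex[c >> 4];
            out += hex[c & 0x0F];
        }
    }
    return out;
}

// Build the script to run in the page. The CSS travels as data: it is decoded by
// decodeURIComponent (which throws on invalid UTF-8, so nothing is applied) and
// assigned with textContent, never spliced into the script text unencoded.
std::string buildStyleInjection(const std::string& css) {
    return "(function() {\n"
           "  var style = document.createElement('style');\n"
           "  style.id = 'userContent';\n"
           "  style.textContent = decodeURIComponent('" + percentEncode(css) + "');\n"
           "  document.head.appendChild(style);\n"
           "})()";
}

int main() {
    // Constructed sample: a "stylesheet" that tries to close the string literal.
    const std::string css = "body { color: red; }'; window.broken = true; //";
    std::cout << buildStyleInjection(css) << '\n';
    return 0;
}
```

In the Qt code from the post, the result would be converted with `QString::fromStdString` and passed to `runJavaScript` as before. This addresses only script injection through the substituted string; it does not change how the page's CSP treats the remote `src` or `@import` attempts.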
