diff options
author | Samuel Gaist <samuel.gaist@idiap.ch> | 2018-11-20 23:31:37 +0100 |
---|---|---|
committer | Samuel Gaist <samuel.gaist@idiap.ch> | 2018-11-22 13:06:16 +0000 |
commit | c85304484261af2fc046c909087549799a5979f9 (patch) | |
tree | 50a8ef43ba4db67722daf247f4edb036ccc72646 /src/oauth/qoauthhttpserverreplyhandler.cpp | |
parent | b69560d2b48d2dde568b0b7d5bf40adb21f61f95 (diff) |
Use 127.0.0.1 for redirect URI
Following section 8.3 of RFC 8252
(https://tools.ietf.org/html/rfc8252#section-8.3), it is specifically
not recommended to use localhost but 127.0.0.1. This patch fixes that.
[ChangeLog][General] Use 127.0.0.1 in place of localhost for redirect
URI following RFC 8252.
Fixes: QTBUG-67528
Change-Id: I6f5a8dd26134cde2373185eaf2c8853d6f500e98
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'src/oauth/qoauthhttpserverreplyhandler.cpp')
-rw-r--r-- | src/oauth/qoauthhttpserverreplyhandler.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/oauth/qoauthhttpserverreplyhandler.cpp b/src/oauth/qoauthhttpserverreplyhandler.cpp index dca4671..aefdd08 100644 --- a/src/oauth/qoauthhttpserverreplyhandler.cpp +++ b/src/oauth/qoauthhttpserverreplyhandler.cpp @@ -187,7 +187,7 @@ bool QOAuthHttpServerReplyHandlerPrivate::QHttpRequest::readUrl(QTcpSocket *sock qCWarning(lcReplyHandler, "Invalid URL path %s", fragment.constData()); return false; } - url.setUrl(QStringLiteral("http://localhost:") + QString::number(port) + + url.setUrl(QStringLiteral("http://127.0.0.1:") + QString::number(port) + QString::fromUtf8(fragment)); state = State::ReadingStatus; if (!url.isValid()) { @@ -273,7 +273,7 @@ QString QOAuthHttpServerReplyHandler::callback() const Q_D(const QOAuthHttpServerReplyHandler); Q_ASSERT(d->httpServer.isListening()); - const QUrl url(QString::fromLatin1("http://localhost:%1/%2") + const QUrl url(QString::fromLatin1("http://127.0.0.1:%1/%2") .arg(d->httpServer.serverPort()).arg(d->path)); return url.toString(QUrl::EncodeDelimiters); } |