qt/qt.git - Qt 4.x. This repository is obsolete.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Update copyright year to 2011.	Jason McDonald	2011-01-11	1	-1/+1
\| \| \| \|	Reviewed-by: Trust Me
*	cookie jar code: enhance security by keeping track of effective TLDs	Peter Hartmann	2011-01-05	1	-12/+51
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	The problem was the following: According to the cookie RFC, domains must have at least one dot in their name for setting a cookie (e.g. domain example.com can set a cookie for ".example.com" but not for ".com"). The problem is: Following this rule, one could still set "supercookies" for e.g. ".co.uk". The solution is to generate a table from http://publicsuffix.org which maintains a list of all "effective" TLDs like e.g. ".co.uk". Reviewed-by: Olivier Goffart Task-number: QTBUG-14706
*	Secure Cookies should only be sent over secure connections.	Robert Hogan	2010-04-28	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	http://bugreports.qt.nokia.com/browse/QTBUG-9618 QtWebKit currently fails the following test: LayoutTests/http/tests/xmlhttprequest/cookies.html This is because QNetworkCookieJar::cookiesForUrl returns secure cookies even when the connection is not secure. A 'secure' cookie is set by response headers from a http server as follows: 'Set-Cookie: cookie-name=value; secure' Correct QNetworkCookieJar::cookiesForUrl to ignore secure cookies when the url in the request is not 'https:'. Task-number: QTBUG-9618 Merge-request: 2372 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
*	Update copyright year to 2010	Jason McDonald	2010-01-07	1	-1/+1
\| \| \| \|	Reviewed-by: Trust Me
*	QNetworkCookieJar: don't do path checking when receiving cookies	Peter Hartmann	2009-11-24	1	-3/+4
\| \| \| \| \| \| \| \| \| \| \| \|	Actually, the RFC 2109 says cookies should not be stored if the path attribute is not a prefix of the request URI the cookie comes from. However, all browsers allow it anyway; with the demo browser e.g. logging in to wordpress.com was not possible. We still do path checking when sending cookies, i.e. in QNetworkCookieJar::cookiesForUrl(). Reviewed-by: Markus Goetz Task-number: QTBUG-5815
*	QNetworkCookie: Add the dot prefix of the domain while adding to the jar	Jocelyn Turcotte	2009-11-09	1	-0/+7
\| \| \| \| \| \| \| \| \| \| \|	instead than when parsing the cookie header. This corrects the bug QT-2379, happening in the following sequence: parseCookie -> setCookieUrl -> toRawForm -> parseCookie where a default domain would now also have a dot prefix, and shouldn't. QT-2379 Reviewed-by: Peter Hartmann
*	Update license headers again.	Jason McDonald	2009-09-09	1	-4/+4
\| \| \| \|	Reviewed-by: Trust Me
*	Update tech preview license header for files that are new in 4.6.	Jason McDonald	2009-08-31	1	-13/+13
\| \| \| \|	Reviewed-by: Trust Me
*	Update contact URL in license headers.	Jason McDonald	2009-08-12	1	-1/+1
\| \| \| \|	Reviewed-by: Trust Me
*	Move the QNetworkCookieJar class out of qnetworkcookie.[h,cpp] files and ↵	Benjamin C Meyer	2009-07-29	1	-0/+296
	into qnetworkcookiejar[h,_p.h,cpp]. one adjustment was necessary from the merge request: The line 110 in qnetworkcookie.h needed to include qnetworkcookiejar.h, not <QtNetwork/QNetworkCookieJar> . Merge-request: 1015 Reviewed-by: Peter Hartmann