authorTimur Pocheptsov <timur.pocheptsov@qt.io>2017-01-23 12:26:55 +0100
committerTimur Pocheptsov <timur.pocheptsov@qt.io>2017-01-24 20:33:20 +0000
commitd2758b2f1dd88d273ff70864a0dd03a7c4e9dc78 (patch)
tree0f6e4fe0d1ac3289ce1a3d6ae53722560a05829c /src/network/access/qhstspolicy.h
parentbd78f57463c381203099d7939c9d37cba0341713 (diff)
Refactor HSTS cache implementation
The original monstrosity is not needed at all. It was born only to implement RFC6797's description of the host matching algorithm (starting from superdomains and moving to subdomains). Actually, it does not really matter how we find a known host - it can be a congruent match first instead, and then we proceed with superdomains. This way I can use QMap and my tests so far show it actually works faster (both insertion and lookup), also the code is cleaner now. Also, introduce the new class QHstsPolicy that essentially allows marking a host as a known host and conveniently encapsulates host name/expiration date/subdomains policy. Add a public API providing access to HSTS policies, so that client code can pre-set or read back discovered known hosts (to implement persistent HSTS storage, for example). We support server-driven HSTS - this means client code is allowed to provide policies as hints to QNetworkAccessManager, but these policies can be overridden by HTTP responses with 'Strict-Transport-Security' headers. Change-Id: I64d250b6dc78bcb01003fadeded5302471d1389e Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/access/qhstspolicy.h')
-rw-r--r--src/network/access/qhstspolicy.h82
1 files changed, 82 insertions, 0 deletions
diff --git a/src/network/access/qhstspolicy.h b/src/network/access/qhstspolicy.h
new file mode 100644
index 0000000000..4260ac278c
--- /dev/null
+++ b/src/network/access/qhstspolicy.h
@@ -0,0 +1,82 @@
+/****************************************************************************
+**
+** Copyright (C) 2017 The Qt Company Ltd.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the QtNetwork module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPL3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or (at your option) the GNU General
+** Public license version 3 or any later version approved by the KDE Free
+** Qt Foundation. The licenses are as published by the Free Software
+** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-2.0.html and
+** https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef QHSTSPOLICY_H
+#define QHSTSPOLICY_H
+
+#include <QtNetwork/qtnetworkglobal.h>
+
+#include <QtCore/qscopedpointer.h>
+#include <QtCore/qurl.h>
+
+QT_BEGIN_NAMESPACE
+
+class QHstsPolicyPrivate;
+class QDateTime;
+class QString;
+class Q_NETWORK_EXPORT QHstsPolicy
+{
+public:
+
+ QHstsPolicy();
+ QHstsPolicy(const QDateTime &expiry, bool includeSubDomains, const QString &host,
+ QUrl::ParsingMode mode = QUrl::DecodedMode);
+ QHstsPolicy(const QHstsPolicy &rhs);
+ QHstsPolicy &operator=(const QHstsPolicy &rhs);
+ QHstsPolicy &operator=(QHstsPolicy &&rhs) Q_DECL_NOTHROW;
+ ~QHstsPolicy();
+
+ void setHost(const QString &host, QUrl::ParsingMode mode = QUrl::DecodedMode);
+ QString host(QUrl::ComponentFormattingOptions options = QUrl::FullyDecoded) const;
+ void setExpiry(const QDateTime &expiry);
+ QDateTime expiry() const;
+ void setIncludesSubDomains(bool include);
+ bool includesSubDomains() const;
+
+ bool operator==(const QHstsPolicy &rhs) const;
+ bool isExpired() const;
+
+private:
+
+ QScopedPointer<QHstsPolicyPrivate> d;
+};
+
+QT_END_NAMESPACE
+
+#endif // QHSTSPOLICY_H
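Review bot: Neither setHost() nor the four-argument constructor gives the caller any way to learn that the host string was rejected: both return nothing, and the class declares no validity query, only isExpired(). The commit message positions this class as the way to restore persisted known hosts, so a host that fails parsing under the given QUrl::ParsingMode would presumably leave a policy with an empty host that matches nothing. The HTTPS upgrade for that entry would then be lost without any signal; the implementation is not part of this hunk, so this is inferred from the declarations alone. I would document the contract above setHost(), for example `// An empty host() after setHost() means the name was rejected; callers restoring stored policies must check it.` if that is the intended behaviour, and state next to isExpired() what it returns for a default-constructed policy whose expiry() is a null QDateTime. A smaller point in the same declarations: a move assignment operator is declared but no move constructor, so `QHstsPolicy(QHstsPolicy &&rhs) Q_DECL_NOTHROW;` would be worth adding for symmetry.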