diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2017-02-22 18:22:02 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2017-02-23 14:21:35 +0000 |
commit | b48e960969bee08174c79d6660de1e448f1c6b5c (patch) | |
tree | 0829d91de70220d759d55db9060b923b3482f3f4 /src/network/access/qnetworkaccessmanager.cpp | |
parent | 8fd6cef3724b2d676c5f6ae235956192d85eac39 (diff) |
HSTS - API/naming fixes
As recommended in API review: use 'is...STS...Enabled' and 'set...STS..Enabled(bool)'
function names instead of stsEnabled and separate enable/disable functions.
Replace QList with QVector in the public API.
Change-Id: I1526124c830450058967ebc192d27575cc89292d
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Diffstat (limited to 'src/network/access/qnetworkaccessmanager.cpp')
-rw-r--r-- | src/network/access/qnetworkaccessmanager.cpp | 40 |
1 files changed, 13 insertions, 27 deletions
diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp index 19e9ecc265..0b03865df8 100644 --- a/src/network/access/qnetworkaccessmanager.cpp +++ b/src/network/access/qnetworkaccessmanager.cpp @@ -697,36 +697,22 @@ void QNetworkAccessManager::setCookieJar(QNetworkCookieJar *cookieJar) /*! \since 5.9 - Enables HTTP Strict Transport Security (HSTS, RFC6797). When processing a - request, QNetworkAccessManager automatically replaces "http" scheme with - "https" and uses a secure transport if a host is a known HSTS host. - Port 80 if it's set explicitly is replaced by port 443. + If \a enabled is \c true, QNetworkAccessManager follows the HTTP Strict Transport + Security policy (HSTS, RFC6797). When processing a request, QNetworkAccessManager + automatically replaces the "http" scheme with "https" and uses a secure transport + for HSTS hosts. If it's set explicitly, port 80 is replaced by port 443. When HSTS is enabled, for each HTTP response containing HSTS header and received over a secure transport, QNetworkAccessManager will update its HSTS cache, either remembering a host with a valid policy or removing a host with - expired/disabled HSTS policy. + an expired or disabled HSTS policy. - \sa disableStrictTransportSecurity(), strictTransportSecurityEnabled() + \sa isStrictTransportSecurityEnabled() */ -void QNetworkAccessManager::enableStrictTransportSecurity() +void QNetworkAccessManager::setStrictTransportSecurityEnabled(bool enabled) { Q_D(QNetworkAccessManager); - d->stsEnabled = true; -} - -/*! - \since 5.9 - - Disables HTTP Strict Transport Security (HSTS). HSTS headers in responses would - be ignored, no scheme/port mapping is done. - - \sa enableStrictTransportSecurity() -*/ -void QNetworkAccessManager::disableStrictTransportSecurity() -{ - Q_D(QNetworkAccessManager); - d->stsEnabled = false; + d->stsEnabled = enabled; } /*! @@ -735,9 +721,9 @@ void QNetworkAccessManager::disableStrictTransportSecurity() Returns true if HTTP Strict Transport Security (HSTS) was enabled. By default HSTS is disabled. - \sa enableStrictTransportSecurity + \sa setStrictTransportSecurityEnabled() */ -bool QNetworkAccessManager::strictTransportSecurityEnabled() const +bool QNetworkAccessManager::isStrictTransportSecurityEnabled() const { Q_D(const QNetworkAccessManager); return d->stsEnabled; @@ -761,7 +747,7 @@ bool QNetworkAccessManager::strictTransportSecurityEnabled() const \sa addStrictTransportSecurityHosts(), QHstsPolicy */ -void QNetworkAccessManager::addStrictTransportSecurityHosts(const QList<QHstsPolicy> &knownHosts) +void QNetworkAccessManager::addStrictTransportSecurityHosts(const QVector<QHstsPolicy> &knownHosts) { Q_D(QNetworkAccessManager); d->stsCache.updateFromPolicies(knownHosts); @@ -776,7 +762,7 @@ void QNetworkAccessManager::addStrictTransportSecurityHosts(const QList<QHstsPol \sa addStrictTransportSecurityHosts(), QHstsPolicy */ -QList<QHstsPolicy> QNetworkAccessManager::strictTransportSecurityHosts() const +QVector<QHstsPolicy> QNetworkAccessManager::strictTransportSecurityHosts() const { Q_D(const QNetworkAccessManager); return d->stsCache.policies(); @@ -1390,7 +1376,7 @@ QNetworkReply *QNetworkAccessManager::createRequest(QNetworkAccessManager::Opera #endif ) { #ifndef QT_NO_SSL - if (strictTransportSecurityEnabled() && d->stsCache.isKnownHost(request.url())) { + if (isStrictTransportSecurityEnabled() && d->stsCache.isKnownHost(request.url())) { QUrl stsUrl(request.url()); // RFC6797, 8.3: // The UA MUST replace the URI scheme with "https" [RFC2818], |