diff options
author | Lars Knoll <lars.knoll@qt.io> | 2016-08-26 13:39:14 +0200 |
---|---|---|
committer | Lars Knoll <lars.knoll@qt.io> | 2016-10-11 14:20:27 +0000 |
commit | 369857d29437615e1fda9fb1ab2f94e464d55ca2 (patch) | |
tree | 5efb1e47561de6a36da3f2c91b01726321b4dac6 /src/network/access/qnetworkcookiejar.cpp | |
parent | 5574a814ff7d4932c817618c34e80f3c61887e26 (diff) |
Add configure feature for QUrl::topLevelDomain
Change-Id: I237af8c60a9572c707e7004c9a284dd6cd3306ce
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Diffstat (limited to 'src/network/access/qnetworkcookiejar.cpp')
-rw-r--r-- | src/network/access/qnetworkcookiejar.cpp | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp index 429b71eb21..0540cb740f 100644 --- a/src/network/access/qnetworkcookiejar.cpp +++ b/src/network/access/qnetworkcookiejar.cpp @@ -335,11 +335,20 @@ bool QNetworkCookieJar::validateCookie(const QNetworkCookie &cookie, const QUrl if (!isParentDomain(domain, host) && !isParentDomain(host, domain)) return false; // not accepted + if (domain.startsWith(QLatin1Char('.'))) + domain = domain.mid(1); + +#if QT_CONFIG(topleveldomain) // the check for effective TLDs makes the "embedded dot" rule from RFC 2109 section 4.3.2 // redundant; the "leading dot" rule has been relaxed anyway, see QNetworkCookie::normalize() // we remove the leading dot for this check if it's present - if (qIsEffectiveTLD(domain.startsWith('.') ? domain.remove(0, 1) : domain)) + if (qIsEffectiveTLD(domain)) return false; // not accepted +#else + // provide minimal checking by not accepting cookies on real TLDs + if (!domain.contains(QLatin1Char('.'))) + return false; +#endif return true; } |