diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2017-01-06 19:04:22 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2017-01-20 08:41:50 +0000 |
commit | 83f4f9b40135f137f4f6fb009067392884f82426 (patch) | |
tree | 7cbf888411f17615f42c529a60aa81bd81076f7b /src/network/access/qnetworkreply.cpp | |
parent | da0241a2e7df020b2ae3b93c7a4204af851222f3 (diff) |
Add HTTP strict tranport security support to QNAM
HTTP Strict Transport Security (HSTS) is a web security policy that
allows a web server to declare that user agents should only interact
with it using secure HTTPS connections. HSTS is described by RFC6797.
This patch introduces a new API in Network Access Manager to enable
this policy or disable it (default - STS is disabled).
We also implement QHstsCache which caches known HTTS hosts, does
host name lookup and domain name matching; QHstsHeaderParser to
parse HSTS headers with HSTS policies.
A new autotest added to test the caching, host name matching
and headers parsing.
[ChangeLog][QtNetwork] Added HTTP Strict Transport Security to QNAM
Task-number: QTPM-238
Change-Id: Iabb5920344bf204a0d3036284f0d60675c29315c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/access/qnetworkreply.cpp')
-rw-r--r-- | src/network/access/qnetworkreply.cpp | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/network/access/qnetworkreply.cpp b/src/network/access/qnetworkreply.cpp index 17990f02f5..ca27e66791 100644 --- a/src/network/access/qnetworkreply.cpp +++ b/src/network/access/qnetworkreply.cpp @@ -732,7 +732,11 @@ void QNetworkReply::setSslConfiguration(const QSslConfiguration &config) You can clear the list of errors you want to ignore by calling this function with an empty list. - \sa sslConfiguration(), sslErrors(), QSslSocket::ignoreSslErrors() + \note If HTTP Strict Transport Security is enabled for QNetworkAccessManager, + this function has no effect. + + \sa sslConfiguration(), sslErrors(), QSslSocket::ignoreSslErrors(), + QNetworkAccessManager::enableStrictTransportSecurity() */ void QNetworkReply::ignoreSslErrors(const QList<QSslError> &errors) { @@ -799,6 +803,9 @@ void QNetworkReply::ignoreSslErrorsImplementation(const QList<QSslError> &) sslErrors() signal, which indicates which errors were found. + \note If HTTP Strict Transport Security is enabled for QNetworkAccessManager, + this function has no effect. + \sa sslConfiguration(), sslErrors(), QSslSocket::ignoreSslErrors() */ void QNetworkReply::ignoreSslErrors() |