Disable SSL compression by default.

Disable SSL compression by default since this appears to be the a likely cause of the currently hyped CRIME attack. Change-Id: I515fcc46f5199acf938e9e880a4345f2d405b2a3 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> Reviewed-by: Peter Hartmann <phartmann@rim.com>
author: Richard Moore <rich@kde.org> 2012-09-11 22:49:55 +0100
committer: The Qt Project <gerrit-noreply@qt-project.org> 2012-09-18 14:12:17 +0200
commit: 5ea896fbc63593f424a7dfbb11387599c0025c74 (patch)
tree: 000d7cc978458bb7e48d3a59cbe4257a6bcbc4ec /src/network/ssl/qsslconfiguration.cpp
parent: 3f970c20f9afd5c9a1cc14d7f69882e13f6aaf1b (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp
index 96337372e0..c9691e4ee4 100644
--- a/src/network/ssl/qsslconfiguration.cpp
+++ b/src/network/ssl/qsslconfiguration.cpp
@@ -48,7 +48,8 @@
 QT_BEGIN_NAMESPACE
 
 const QSsl::SslOptions QSslConfigurationPrivate::defaultSslOptions = QSsl::SslOptionDisableEmptyFragments
-                                                                    |QSsl::SslOptionDisableLegacyRenegotiation;
+                                                                    |QSsl::SslOptionDisableLegacyRenegotiation
+                                                                    |QSsl::SslOptionDisableCompression;
 
 /*!
     \class QSslConfiguration
author	Richard Moore <rich@kde.org>	2012-09-11 22:49:55 +0100
committer	The Qt Project <gerrit-noreply@qt-project.org>	2012-09-18 14:12:17 +0200
commit	5ea896fbc63593f424a7dfbb11387599c0025c74 (patch)
tree	000d7cc978458bb7e48d3a59cbe4257a6bcbc4ec /src/network/ssl/qsslconfiguration.cpp
parent	3f970c20f9afd5c9a1cc14d7f69882e13f6aaf1b (diff)