diff options
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/access/qnetworkcookiejar.cpp | 21 | ||||
-rw-r--r-- | src/network/kernel/qauthenticator.cpp | 15 | ||||
-rw-r--r-- | src/network/kernel/qauthenticator_p.h | 2 |
3 files changed, 12 insertions, 26 deletions
diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp index 072a7f249d..af5b126953 100644 --- a/src/network/access/qnetworkcookiejar.cpp +++ b/src/network/access/qnetworkcookiejar.cpp @@ -45,6 +45,14 @@ #include "QtCore/qdatetime.h" #if QT_CONFIG(topleveldomain) #include "private/qtldurl_p.h" +#else +QT_BEGIN_NAMESPACE +static bool qIsEffectiveTLD(QString domain) +{ + // provide minimal checking by not accepting cookies on real TLDs + return !domain.contains(QLatin1Char('.')); +} +QT_END_NAMESPACE #endif QT_BEGIN_NAMESPACE @@ -356,19 +364,12 @@ bool QNetworkCookieJar::validateCookie(const QNetworkCookie &cookie, const QUrl // https://tools.ietf.org/html/rfc6265#section-5.3 step 5 if (host == domain) return true; -#if QT_CONFIG(topleveldomain) // the check for effective TLDs makes the "embedded dot" rule from RFC 2109 section 4.3.2 // redundant; the "leading dot" rule has been relaxed anyway, see QNetworkCookie::normalize() // we remove the leading dot for this check if it's present - if (qIsEffectiveTLD(domain)) - return false; // not accepted -#else - // provide minimal checking by not accepting cookies on real TLDs - if (!domain.contains(QLatin1Char('.'))) - return false; -#endif - - return true; + // Normally defined in qtldurl_p.h, but uses fall-back in this file when topleveldomain isn't + // configured: + return !qIsEffectiveTLD(domain); } QT_END_NAMESPACE diff --git a/src/network/kernel/qauthenticator.cpp b/src/network/kernel/qauthenticator.cpp index 34db5b4b31..47ce9ab0c6 100644 --- a/src/network/kernel/qauthenticator.cpp +++ b/src/network/kernel/qauthenticator.cpp @@ -465,27 +465,12 @@ QByteArray QAuthenticatorPrivate::calculateResponse(const QByteArray &requestMet methodString = ""; phase = Done; break; - case QAuthenticatorPrivate::Plain: - response = '\0' + user.toUtf8() + '\0' + password.toUtf8(); - phase = Done; - break; case QAuthenticatorPrivate::Basic: methodString = "Basic "; response = user.toLatin1() + ':' + password.toLatin1(); response = response.toBase64(); phase = Done; break; - case QAuthenticatorPrivate::Login: - if (challenge.contains("VXNlciBOYW1lAA==")) { - response = user.toUtf8().toBase64(); - phase = Phase2; - } else if (challenge.contains("UGFzc3dvcmQA")) { - response = password.toUtf8().toBase64(); - phase = Done; - } - break; - case QAuthenticatorPrivate::CramMd5: - break; case QAuthenticatorPrivate::DigestMd5: methodString = "Digest "; response = digestMd5Response(challenge, requestMethod, path); diff --git a/src/network/kernel/qauthenticator_p.h b/src/network/kernel/qauthenticator_p.h index 8a1ee0ebe6..265cb7afe2 100644 --- a/src/network/kernel/qauthenticator_p.h +++ b/src/network/kernel/qauthenticator_p.h @@ -68,7 +68,7 @@ class QNtlmWindowsHandles; class Q_AUTOTEST_EXPORT QAuthenticatorPrivate { public: - enum Method { None, Basic, Plain, Login, Ntlm, CramMd5, DigestMd5 }; + enum Method { None, Basic, Ntlm, DigestMd5 }; QAuthenticatorPrivate(); ~QAuthenticatorPrivate(); |