summaryrefslogtreecommitdiffstats
path: root/src/network/access/qhstspolicy.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Doc: add missing doc for parametersNico Vertriest2017-04-181-4/+4
| | | | | | | | | qhstspolicy.cpp:105: warning: Undocumented parameter 'flags' in QHstsPolicy::QHstsPolicy() qhstspolicy.cpp:105: warning: No such parameter 'includeSubDomains' in QHstsPolicy::QHstsPolicy() qnetworkaccessmanager.cpp:732: warning: Undocumented parameter 'knownHosts' in QNetworkAccessManager::addStrictTransportSecurityHosts() Change-Id: I24217d328df12febab30e19e2abd351e87007959 Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
* QHstsPolicy: Replace bool with QFlagsTimur Pocheptsov2017-03-081-3/+11
| | | | | | | | | | | | | | | As pointed out in the previous code-review: Replace a bool ctor parameter with QFlags<enum> to conform to Qt API Design Principles (Boolean Parameter Trap). Since the bool with its many unwanted implicit conversions is gone from the ctor parameter list now, drop the explicit keyword again. It was requested because of the boolean parameter in the first place. Change-Id: Ibaf287a6a3e38c22f033fd5d9e024c54f30a1fd4 Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
* HSTS policy - fix APITimur Pocheptsov2017-02-241-21/+11
| | | | | | | | | | | | | | API-review follow-up: 1. make a ctor explicit 2. add swap member-function 3. make move-assignment inlined 4. make comparison operators non-members 5. make d_ptr QSharedDataPointer (and private implementation - QSharedData). Change-Id: I3257ca03cccd0f1254c9b95461752911359352a5 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* HSTS - API/naming fixesTimur Pocheptsov2017-02-231-1/+1
| | | | | | | | | | As recommended in API review: use 'is...STS...Enabled' and 'set...STS..Enabled(bool)' function names instead of stsEnabled and separate enable/disable functions. Replace QList with QVector in the public API. Change-Id: I1526124c830450058967ebc192d27575cc89292d Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
* Fix some qdoc warnings for 5.9Friedemann Kleint2017-02-061-4/+4
| | | | | | | | | | | | | | | | | | | Fix warnings: src/network/access/qhstspolicy.cpp:158: warning: Undocumented parameter 'expiry' in QHstsPolicy::setExpiry() src/network/access/qhstspolicy.cpp:178: warning: Undocumented parameter 'include' in QHstsPolicy::setIncludesSubDomains() src/network/access/qhstspolicy.cpp:178: warning: Can't link to 'includeSubdomains()' src/widgets/kernel/qsizepolicy.cpp:402: warning: Cannot find 'transposed(...)' in '\fn' QSizePolicy QSizePolicy::transposed() src/widgets/kernel/qsizepolicy.h:165: warning: No documentation for 'QSizePolicy::transposed()' src/widgets/util/qundostack.cpp:164: warning: Undocumented parameter 'obsolete' in QUndoCommand::setObsolete() Fix the signature of the QStaticByteArrayMatcher member functions. The warnings src/corelib/tools/qbytearraymatcher.cpp:372: warning: Cannot find 'indexIn(...)' in '\fn' QStaticByteArrayMatcher::indexIn(const char *haystack, int hlen, int from) src/corelib/tools/qbytearraymatcher.cpp:382: warning: Cannot find 'indexIn(...)' in '\fn' QStaticByteArrayMatcher::indexIn(const QByteArray &haystack, int from) remain, though since apparently qdoc is thrown off by the constructor. Change-Id: I157359a881ff3fbc80d2eeb52dd5c27249d009c4 Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Refactor HSTS cache implementationTimur Pocheptsov2017-01-241-0/+218
The original monstrosity is not needed at all. It was born only to implement RFC6797's description of the host matching algorithm (starting from superdomains and moving to subdomains). Actually, it does not really matter how we find known host - it can be a congruent match first instead, and then we proceed with superdomains. This way I can use QMap and my tests so far show it actually works faster (both insertion and lookup), also the code is cleaner now. Also, introduce the new class QHstsPolicy that essentially allows to mark a host as known host and conveniently encapsulates host name/expiration date/ subdomains policy. Add a public API providing access to HSTS policies, so that client code can pre-set or read back discovered known hosts (to implement persistent HSTS storage, for example). We support server-driven HSTS - this means client code is allowed to provide policies as hints to QNetworkAccessManager, but these policies can be overridden by HTTP responses with 'Strict-Transport-Security' headers. Change-Id: I64d250b6dc78bcb01003fadeded5302471d1389e Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>