From 83f4f9b40135f137f4f6fb009067392884f82426 Mon Sep 17 00:00:00 2001 From: Timur Pocheptsov Date: Fri, 6 Jan 2017 19:04:22 +0100 Subject: Add HTTP strict tranport security support to QNAM HTTP Strict Transport Security (HSTS) is a web security policy that allows a web server to declare that user agents should only interact with it using secure HTTPS connections. HSTS is described by RFC6797. This patch introduces a new API in Network Access Manager to enable this policy or disable it (default - STS is disabled). We also implement QHstsCache which caches known HTTS hosts, does host name lookup and domain name matching; QHstsHeaderParser to parse HSTS headers with HSTS policies. A new autotest added to test the caching, host name matching and headers parsing. [ChangeLog][QtNetwork] Added HTTP Strict Transport Security to QNAM Task-number: QTPM-238 Change-Id: Iabb5920344bf204a0d3036284f0d60675c29315c Reviewed-by: Timur Pocheptsov --- src/network/access/qnetworkaccessmanager.h | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/network/access/qnetworkaccessmanager.h') diff --git a/src/network/access/qnetworkaccessmanager.h b/src/network/access/qnetworkaccessmanager.h index c0a27100e5..143407fb25 100644 --- a/src/network/access/qnetworkaccessmanager.h +++ b/src/network/access/qnetworkaccessmanager.h @@ -120,6 +120,10 @@ public: QNetworkCookieJar *cookieJar() const; void setCookieJar(QNetworkCookieJar *cookieJar); + void enableStrictTransportSecurity(); + void disableStrictTransportSecurity(); + bool strictTransportSecurityEnabled() const; + QNetworkReply *head(const QNetworkRequest &request); QNetworkReply *get(const QNetworkRequest &request); QNetworkReply *post(const QNetworkRequest &request, QIODevice *data); -- cgit v1.2.3