From 741dd3da33920dd1c2e4485d85f7693d394798ce Mon Sep 17 00:00:00 2001
From: Jeongmin Kim <jm86.kim@lge.com>
Date: Tue, 11 Nov 2014 08:49:25 +0900
Subject: QNetworkDiskCache: Do not store set-cookie headers of the response in
 disk cache.

The cookies may contain sensitive information. so we should not store cookies in disk cache.

Task-number: QTBUG-42546
Change-Id: I6331bdd766445af41f55bfaf0e9132b75dd7957f
Reviewed-by: Jeongmin Kim <jm86.kim@lge.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
---
 src/network/access/qnetworkreplyhttpimpl.cpp | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/network')

diff --git a/src/network/access/qnetworkreplyhttpimpl.cpp b/src/network/access/qnetworkreplyhttpimpl.cpp
index 836b3c3fa4..4ce7303dbb 100644
--- a/src/network/access/qnetworkreplyhttpimpl.cpp
+++ b/src/network/access/qnetworkreplyhttpimpl.cpp
@@ -1399,6 +1399,9 @@ QNetworkCacheMetaData QNetworkReplyHttpImplPrivate::fetchCacheMetaData(const QNe
         if (hop_by_hop)
             continue;
 
+        if (header == "set-cookie")
+            continue;
+
         // for 4.6.0, we were planning to not store the date header in the
         // cached resource; through that we planned to reduce the number
         // of writes to disk when using a QNetworkDiskCache (i.e. don't
-- 
cgit v1.2.3