summaryrefslogtreecommitdiffstats
path: root/src/webengine/api/qquickwebengineprofile.cpp
diff options
context:
space:
mode:
authorAllan Sandfeld Jensen <allan.jensen@qt.io>2018-08-01 12:57:44 +0200
committerAllan Sandfeld Jensen <allan.jensen@qt.io>2018-10-17 10:44:07 +0000
commit0b1025b8aea4aa0336671f7e908287d65490d120 (patch)
tree77c201fee93d3c184ce5b6b28d55fc01dc4a6d9e /src/webengine/api/qquickwebengineprofile.cpp
parent7b886ab2cdfc94cc70477f51bd28961de52e989c (diff)
Make it possible to enable OCSP on Linux
The code follows Chromium and also set a CertNetFetcher on both Linux and macOS, but it appears to be currently unused. [ChangeLog][QWebEngineProfile] A profile can now be designated to download OCSP records and thus enable OCSP verification on Linux. Task-number: QTBUG-58059 Task-number: QTBUG-71164 Change-Id: I84fd34d4351cb7aa4417ce4058f97bad4b8d0cd4 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
Diffstat (limited to 'src/webengine/api/qquickwebengineprofile.cpp')
-rw-r--r--src/webengine/api/qquickwebengineprofile.cpp60
1 files changed, 60 insertions, 0 deletions
diff --git a/src/webengine/api/qquickwebengineprofile.cpp b/src/webengine/api/qquickwebengineprofile.cpp
index ed2600e49..a97f3c6e2 100644
--- a/src/webengine/api/qquickwebengineprofile.cpp
+++ b/src/webengine/api/qquickwebengineprofile.cpp
@@ -277,6 +277,12 @@ void QQuickWebEngineProfilePrivate::downloadUpdated(const DownloadItemInfo &info
}
}
+void QQuickWebEngineProfilePrivate::useForGlobalCertificateVerificationChanged()
+{
+ Q_Q(QQuickWebEngineProfile);
+ Q_EMIT q->useForGlobalCertificateVerificationChanged();
+}
+
void QQuickWebEngineProfilePrivate::userScripts_append(QQmlListProperty<QQuickWebEngineScript> *p, QQuickWebEngineScript *script)
{
Q_ASSERT(p && p->data);
@@ -787,6 +793,60 @@ bool QQuickWebEngineProfile::isSpellCheckEnabled() const
}
/*!
+ \qmlproperty bool WebEngineProfile::useForGlobalCertificateVerification
+ \since QtWebEngine 1.9
+
+ This property controls if this profile is used for global certificate verification.
+ Only one profile may have that role at any time.
+
+ Current only offect Linux/NSS installation where having a profile with this role
+ enables OCSP.
+
+ By default no profile has this enabled.
+
+ \sa QQuickWebEngineProfile::setUseForGlobalCertificateVerification()
+*/
+
+/*!
+ \since 5.13
+
+ If enabled set this profile to be used for downloading and caching when needed
+ during certificate verification, for instance for OCSP, CRLs, and AIA.
+
+ Only one profile can do this at a time, and it is recommended that the profile
+ fullfilling this role has a disk HTTP cache to avoid needlessly re-downloading.
+
+ Currently only affects Linux/NSS installations where it enables OCSP.
+
+ As long as one profile has this option enabled, all other profiles will be
+ able to use it for their certificate verification.
+
+ \sa isUsedForGlobalCertificateVerification()
+*/
+void QQuickWebEngineProfile::setUseForGlobalCertificateVerification(bool enable)
+{
+ Q_D(QQuickWebEngineProfile);
+ if (enable != d->profileAdapter()->isUsedForGlobalCertificateVerification()) {
+ d->profileAdapter()->setUseForGlobalCertificateVerification(enable);
+ emit useForGlobalCertificateVerificationChanged();
+ }
+}
+
+/*!
+ \since 5.13
+
+ Returns \c true if this profile is currently being used for global
+ certificate verification.
+
+ \sa setUseForGlobalCertificateVerification()
+*/
+bool QQuickWebEngineProfile::isUsedForGlobalCertificateVerification() const
+{
+ const Q_D(QQuickWebEngineProfile);
+ return d->profileAdapter()->isUsedForGlobalCertificateVerification();
+}
+
+/*!
Returns the cookie store for this profile.
*/