diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-08-01 12:57:44 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-10-17 10:44:07 +0000 |
commit | 0b1025b8aea4aa0336671f7e908287d65490d120 (patch) | |
tree | 77c201fee93d3c184ce5b6b28d55fc01dc4a6d9e /src/webengine/api/qquickwebengineprofile.cpp | |
parent | 7b886ab2cdfc94cc70477f51bd28961de52e989c (diff) |
Make it possible to enable OCSP on Linux
The code follows Chromium and also set a CertNetFetcher on both Linux
and macOS, but it appears to be currently unused.
[ChangeLog][QWebEngineProfile] A profile can now be designated to
download OCSP records and thus enable OCSP verification on Linux.
Task-number: QTBUG-58059
Task-number: QTBUG-71164
Change-Id: I84fd34d4351cb7aa4417ce4058f97bad4b8d0cd4
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
Diffstat (limited to 'src/webengine/api/qquickwebengineprofile.cpp')
-rw-r--r-- | src/webengine/api/qquickwebengineprofile.cpp | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/src/webengine/api/qquickwebengineprofile.cpp b/src/webengine/api/qquickwebengineprofile.cpp index ed2600e49..a97f3c6e2 100644 --- a/src/webengine/api/qquickwebengineprofile.cpp +++ b/src/webengine/api/qquickwebengineprofile.cpp @@ -277,6 +277,12 @@ void QQuickWebEngineProfilePrivate::downloadUpdated(const DownloadItemInfo &info } } +void QQuickWebEngineProfilePrivate::useForGlobalCertificateVerificationChanged() +{ + Q_Q(QQuickWebEngineProfile); + Q_EMIT q->useForGlobalCertificateVerificationChanged(); +} + void QQuickWebEngineProfilePrivate::userScripts_append(QQmlListProperty<QQuickWebEngineScript> *p, QQuickWebEngineScript *script) { Q_ASSERT(p && p->data); @@ -787,6 +793,60 @@ bool QQuickWebEngineProfile::isSpellCheckEnabled() const } /*! + \qmlproperty bool WebEngineProfile::useForGlobalCertificateVerification + \since QtWebEngine 1.9 + + This property controls if this profile is used for global certificate verification. + Only one profile may have that role at any time. + + Current only offect Linux/NSS installation where having a profile with this role + enables OCSP. + + By default no profile has this enabled. + + \sa QQuickWebEngineProfile::setUseForGlobalCertificateVerification() +*/ + +/*! + \since 5.13 + + If enabled set this profile to be used for downloading and caching when needed + during certificate verification, for instance for OCSP, CRLs, and AIA. + + Only one profile can do this at a time, and it is recommended that the profile + fullfilling this role has a disk HTTP cache to avoid needlessly re-downloading. + + Currently only affects Linux/NSS installations where it enables OCSP. + + As long as one profile has this option enabled, all other profiles will be + able to use it for their certificate verification. + + \sa isUsedForGlobalCertificateVerification() +*/ +void QQuickWebEngineProfile::setUseForGlobalCertificateVerification(bool enable) +{ + Q_D(QQuickWebEngineProfile); + if (enable != d->profileAdapter()->isUsedForGlobalCertificateVerification()) { + d->profileAdapter()->setUseForGlobalCertificateVerification(enable); + emit useForGlobalCertificateVerificationChanged(); + } +} + +/*! + \since 5.13 + + Returns \c true if this profile is currently being used for global + certificate verification. + + \sa setUseForGlobalCertificateVerification() +*/ +bool QQuickWebEngineProfile::isUsedForGlobalCertificateVerification() const +{ + const Q_D(QQuickWebEngineProfile); + return d->profileAdapter()->isUsedForGlobalCertificateVerification(); +} + +/*! Returns the cookie store for this profile. */ |