diff options
Diffstat (limited to 'src/webenginewidgets/doc/src/qwebenginesecurityorigin_lgpl.qdoc')
-rw-r--r-- | src/webenginewidgets/doc/src/qwebenginesecurityorigin_lgpl.qdoc | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/src/webenginewidgets/doc/src/qwebenginesecurityorigin_lgpl.qdoc b/src/webenginewidgets/doc/src/qwebenginesecurityorigin_lgpl.qdoc new file mode 100644 index 000000000..396ec94d8 --- /dev/null +++ b/src/webenginewidgets/doc/src/qwebenginesecurityorigin_lgpl.qdoc @@ -0,0 +1,148 @@ +/* + Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. +*/ + +// The documentation in this file was imported from QtWebKit and is thus constrained +// by its LGPL license. Documentation written from scratch for new methods should be +// placed inline in the code as usual. + +/*! + \class QWebSecurityOrigin + \since 4.5 + \brief The QWebSecurityOrigin class defines a security boundary for web sites. + + \inmodule QtWebKit + + QWebSecurityOrigin provides access to the security domains defined by web sites. + An origin consists of a host name, a scheme, and a port number. Web sites + with the same security origin can access each other's resources for client-side + scripting or databases. + + For example the site \c{http://www.example.com/my/page.html} is allowed to share the same + database as \c{http://www.example.com/my/overview.html}, or access each other's + documents when used in HTML frame sets and JavaScript. At the same time it prevents + \c{http://www.malicious.com/evil.html} from accessing \c{http://www.example.com/}'s resources, + because they are of a different security origin. + + By default local schemes like \c{file://} and \c{qrc://} are concidered to be in the same + security origin, and can access each other's resources. You can add additional local schemes + by using QWebSecurityOrigin::addLocalScheme(), or override the default same-origin behavior + by setting QWebSettings::LocalContentCanAccessFileUrls to \c{false}. + + \note Local resources are by default restricted from accessing remote content, which + means your \c{file://} will not be able to access \c{http://domain.com/foo.html}. You + can relax this restriction by setting QWebSettings::LocalContentCanAccessRemoteUrls to + \c{true}. + + Call QWebFrame::securityOrigin() to get the QWebSecurityOrigin for a frame in a + web page, and use host(), scheme() and port() to identify the security origin. + + Use databases() to access the databases defined within a security origin. The + disk usage of the origin's databases can be limited with setDatabaseQuota(). + databaseQuota() and databaseUsage() report the current limit as well as the + current usage. + + For more information refer to the + \l{http://en.wikipedia.org/wiki/Same_origin_policy}{"Same origin policy" Wikipedia Article}. + + \sa QWebFrame::securityOrigin() +*/ + +/*! + \fn QString QWebSecurityOrigin::scheme() const + Returns the scheme defining the security origin. +*/ + +/*! + \fn QString QWebSecurityOrigin::host() const + Returns the host name defining the security origin. +*/ + +/*! + \fn int QWebSecurityOrigin::port() const + Returns the port number defining the security origin. +*/ + +/*! + \fn qint64 QWebSecurityOrigin::databaseUsage() const + Returns the number of bytes all databases in the security origin + use on the disk. +*/ + +/*! + \fn qint64 QWebSecurityOrigin::databaseQuota() const + Returns the quota for the databases in the security origin. +*/ + +/*! + \fn void QWebSecurityOrigin::setDatabaseQuota(qint64 quota) + Sets the quota for the databases in the security origin to \a quota bytes. + + If the quota is set to a value less than the current usage, the quota will remain + and no data will be purged to meet the new quota. However, no new data can be added + to databases in this origin. +*/ + +/*! + \fn QWebSecurityOrigin::~QWebSecurityOrigin() + Destroys the security origin. +*/ + +/*! + \fn QList<QWebSecurityOrigin> QWebSecurityOrigin::allOrigins() + Returns a list of all security origins with a database quota defined. +*/ + +/*! + \fn QList<QWebDatabase> QWebSecurityOrigin::databases() const + Returns a list of all databases defined in the security origin. +*/ + +/*! + \fn void QWebSecurityOrigin::addLocalScheme(const QString& scheme) + \since 4.6 + + Adds the given \a scheme to the list of schemes that are considered equivalent + to the \c file: scheme. + + Cross domain restrictions depend on the two web settings QWebSettings::LocalContentCanAccessFileUrls + and QWebSettings::LocalContentCanAccessFileUrls. By default all local schemes are concidered to be + in the same security origin, and local schemes can not access remote content. +*/ + +/*! + \fn void QWebSecurityOrigin::removeLocalScheme(const QString& scheme) + \since 4.6 + + Removes the given \a scheme from the list of local schemes. + + \note You can not remove the \c{file://} scheme from the list + of local schemes. + + \sa addLocalScheme() +*/ + +/*! + \fn QStringList QWebSecurityOrigin::localSchemes() + \since 4.6 + Returns a list of all the schemes concidered to be local. + + By default this is \c{file://} and \c{qrc://}. + + \sa addLocalScheme(), removeLocalScheme() +*/ |