From 2710c66f0c27874aa455be91a6c24c7fd7fa7523 Mon Sep 17 00:00:00 2001
From: Viktor Engelmann <viktor.engelmann@qt.io>
Date: Wed, 4 Jan 2017 14:43:33 +0100
Subject: Add https to list of internal schemes

Since https is an internal scheme, it should be in this list of
internal schems.
This also prevents custom custom QWebEngineUrlSchemeHandlers to
register "https". Although it is debatable whether this is necessary,
https should be held to at least the same security standards as http,
which is also in that list.

Task-number: QTBUG-56894
Change-Id: I83d0130541fe3b5831bf29d429bad89a8fc5408c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
---
 src/webenginewidgets/api/qwebengineprofile.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/webenginewidgets/api/qwebengineprofile.cpp')

diff --git a/src/webenginewidgets/api/qwebengineprofile.cpp b/src/webenginewidgets/api/qwebengineprofile.cpp
index adafc1544..18b9cb487 100644
--- a/src/webenginewidgets/api/qwebengineprofile.cpp
+++ b/src/webenginewidgets/api/qwebengineprofile.cpp
@@ -643,7 +643,8 @@ static bool checkInternalScheme(const QByteArray &scheme)
     static QSet<QByteArray> internalSchemes;
     if (internalSchemes.isEmpty()) {
         internalSchemes << QByteArrayLiteral("qrc") << QByteArrayLiteral("data") << QByteArrayLiteral("blob")
-                        << QByteArrayLiteral("http") << QByteArrayLiteral("ftp") << QByteArrayLiteral("javascript");
+                        << QByteArrayLiteral("http") << QByteArrayLiteral("https") << QByteArrayLiteral("ftp")
+                        << QByteArrayLiteral("javascript");
     }
     return internalSchemes.contains(scheme);
 }
-- 
cgit v1.2.3