Qt
Internal/Contributor docs for the Qt SDK. Note: These are NOT official API docs; those are found at https://doc.qt.io/
Loading...
Searching...
No Matches
qhstspolicy.cpp
Go to the documentation of this file.
1// Copyright (C) 2017 The Qt Company Ltd.
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3// Qt-Security score:significant reason:default
4
5#include "qhstspolicy.h"
6
7#include <QtCore/qdatetime.h>
8#include <QtCore/qstring.h>
9
10QT_BEGIN_NAMESPACE
11
12/*!
13 \class QHstsPolicy
14 \brief The QHstsPolicy class specifies that a host supports HTTP Strict Transport
15 Security policy (HSTS).
16 \since 5.9
17 \ingroup network
18 \inmodule QtNetwork
19
20 HSTS policy defines a period of time during which QNetworkAccessManager
21 should only access a host in a secure fashion. HSTS policy is defined by
22 RFC6797.
23
24 You can set expiry time and host name for this policy, and control whether it
25 applies to subdomains, either in the constructor or by calling \l setExpiry(),
26 \l setHost() and \l setIncludesSubDomains().
27
28 \sa QNetworkAccessManager::setStrictTransportSecurityEnabled()
29*/
30
31/*
32 \enum QHstsPolicy::PolicyFlag
33
34 Specifies attributes that a policy can have.
35
36 \value IncludeSubDomains HSTS policy also applies to subdomains.
37*/
38
39class QHstsPolicyPrivate : public QSharedData
40{
41public:
42 QUrl url;
43 QDateTime expiry;
44 bool includeSubDomains = false;
45
46 bool operator == (const QHstsPolicyPrivate &other) const
47 {
48 return url.host() == other.url.host() && expiry == other.expiry
49 && includeSubDomains == other.includeSubDomains;
50 }
51};
52
53/*!
54 \fn bool QHstsPolicy::operator==(const QHstsPolicy &lhs, const QHstsPolicy &rhs)
55
56 Returns \c true if the two policies \a lhs and \a rhs have the same host and
57 expiration date while agreeing on whether to include or exclude subdomains.
58*/
59
60/*!
61 \fn bool QHstsPolicy::operator!=(const QHstsPolicy &lhs, const QHstsPolicy &rhs)
62
63 Returns \c true if the two policies \a lhs and \a rhs do not have the same host
64 or expiration date, or do not agree on whether to include or exclude subdomains.
65*/
66
67/*!
68 \internal
69*/
70bool QHstsPolicy::isEqual(const QHstsPolicy &other) const
71{
72 return *d == *other.d;
73}
74
75/*!
76 Constructs an invalid (expired) policy with empty host name and subdomains
77 not included.
78*/
79QHstsPolicy::QHstsPolicy() : d(new QHstsPolicyPrivate)
80{
81}
82
83/*!
84 \enum QHstsPolicy::PolicyFlag
85
86 \value IncludeSubDomains Indicates whether a policy must include subdomains
87*/
88
89/*!
90 Constructs QHstsPolicy with \a expiry (in UTC); \a flags is a value indicating
91 whether this policy must also include subdomains, \a host data is interpreted
92 according to \a mode.
93
94 \sa QUrl::setHost(), QUrl::ParsingMode, QHstsPolicy::PolicyFlag
95*/
96QHstsPolicy::QHstsPolicy(const QDateTime &expiry, PolicyFlags flags,
97 const QString &host, QUrl::ParsingMode mode)
98 : d(new QHstsPolicyPrivate)
99{
100 d->url.setHost(host, mode);
101 d->expiry = expiry;
102 d->includeSubDomains = flags.testFlag(IncludeSubDomains);
103}
104
105/*!
106 Creates a copy of \a other object.
107*/
108QHstsPolicy::QHstsPolicy(const QHstsPolicy &other)
109 : d(new QHstsPolicyPrivate(*other.d))
110{
111}
112
113/*!
114 Destructor.
115*/
116QHstsPolicy::~QHstsPolicy()
117{
118}
119
120/*!
121 Copy-assignment operator, makes a copy of \a other.
122*/
123QHstsPolicy &QHstsPolicy::operator=(const QHstsPolicy &other)
124{
125 d = other.d;
126 return *this;
127}
128
129/*!
130 Sets a host, \a host data is interpreted according to \a mode parameter.
131
132 \sa host(), QUrl::setHost(), QUrl::ParsingMode
133*/
134void QHstsPolicy::setHost(const QString &host, QUrl::ParsingMode mode)
135{
136 d->url.setHost(host, mode);
137}
138
139/*!
140 Returns a host for a given policy, formatted according to \a options.
141
142 \sa setHost(), QUrl::host(), QUrl::ComponentFormattingOptions
143*/
144QString QHstsPolicy::host(QUrl::ComponentFormattingOptions options) const
145{
146 return d->url.host(options);
147}
148
149/*!
150 Sets the expiration date for the policy (in UTC) to \a expiry.
151
152 \sa expiry()
153*/
154void QHstsPolicy::setExpiry(const QDateTime &expiry)
155{
156 d->expiry = expiry;
157}
158
159/*!
160 Returns the expiration date for the policy (in UTC).
161
162 \sa setExpiry()
163*/
164QDateTime QHstsPolicy::expiry() const
165{
166 return d->expiry;
167}
168
169/*!
170 Sets whether subdomains are included for this policy to \a include.
171
172 \sa includesSubDomains()
173*/
174void QHstsPolicy::setIncludesSubDomains(bool include)
175{
176 d->includeSubDomains = include;
177}
178
179/*!
180 Returns \c true if this policy also includes subdomains.
181
182 \sa setIncludesSubDomains()
183 */
184bool QHstsPolicy::includesSubDomains() const
185{
186 return d->includeSubDomains;
187}
188
189/*!
190 Return \c true if this policy has a valid expiration date and this date
191 is greater than QDateTime::currentGetDateTimeUtc().
192
193 \sa setExpiry(), expiry()
194*/
195bool QHstsPolicy::isExpired() const
196{
197 return !d->expiry.isValid() || d->expiry <= QDateTime::currentDateTimeUtc();
198}
199
200/*!
201 \fn void QHstsPolicy::swap(QHstsPolicy &other)
202 \memberswap{policy}
203*/
204
205QT_END_NAMESPACE