Banning QNetworkAccessManager
Volker Krause
vkrause at kde.org
Mon Feb 3 12:29:47 GMT 2020
On Monday, 3 February 2020 10:49:10 CET David Edmundson wrote:
> I updated:
>
> https://community.kde.org/Policies/API_to_Avoid
>
> Which had no mention of this.
Thanks for taking care of this!
I'd propose a slightly different approach than the per-request all-or-nothing
attribute mentioned in the wiki though, using the redirection policy on QNAM,
which prevents redirects to non-TLS connections:
nam->setRedirectPolicy(QNetworkRequest::NoLessSafeRedirectPolicy);
And while we are at it, let's also enable HSTS:
nam->setStrictTransportSecurityEnabled(true);
nam->enableStrictTransportSecurityStore(true);
Regards,
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20200203/d871d82b/attachment.sig>
More information about the kde-core-devel
mailing list