2 QWebSockets implements the WebSocket protocol as defined in RFC 6455.
3 Copyright (C) 2013 Kurt Pattyn (pattyn.kurt@gmail.com)
5 This library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 This library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with this library; if not, write to the Free Software
17 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21 \class QCorsAuthenticator
24 \brief The QCorsAuthenticator class provides an authenticator object for Cross Origin Requests (CORS).
26 The QCorsAuthenticator class is used in the \l{QWebSocketServer::}{originAuthenticationRequired()} signal.
27 The class provides a way to pass back the required information to the QWebSocketServer.
28 It provides applications with fine-grained control over which origin URLs are allowed and which aren't.
29 By default, every origin is accepted.
30 To get fine grained control, an application connects the \l{QWebSocketServer::}{originAuthenticationRequired()} signal to
31 a slot. When the origin (QCorsAuthenticator::origin()) is accepted, it calls QCorsAuthenticator::setAllowed(true)
33 \note Checking on the origin does not make much sense when the server is accessed
34 via a non-browser client, as that client can set whatever origin header it likes.
35 In case of a browser client, the server SHOULD check the validity of the origin.
36 \sa http://tools.ietf.org/html/rfc6455#section-10
41 #include "qcorsauthenticator.h"
42 #include "qcorsauthenticator_p.h"
49 QCorsAuthenticatorPrivate::QCorsAuthenticatorPrivate(const QString &origin, bool allowed) :
57 QCorsAuthenticatorPrivate::~QCorsAuthenticatorPrivate()
61 Constructs a new QCorsAuthencator object with the given \a origin.
62 \note By default, allowed() returns true. This means that per default every origin is accepted.
64 QCorsAuthenticator::QCorsAuthenticator(const QString &origin) :
65 d_ptr(new QCorsAuthenticatorPrivate(origin, true)) //all origins are per default allowed
72 QCorsAuthenticator::~QCorsAuthenticator()
81 Constructs a coy of \a other
83 QCorsAuthenticator::QCorsAuthenticator(const QCorsAuthenticator &other) :
84 d_ptr(new QCorsAuthenticatorPrivate(other.d_ptr->m_origin, other.d_ptr->m_isAllowed))
89 Assigns \a other to this authenticator object
91 QCorsAuthenticator &QCorsAuthenticator::operator =(const QCorsAuthenticator &other)
93 Q_D(QCorsAuthenticator);
96 d->m_origin = other.d_ptr->m_origin;
97 d->m_isAllowed = other.d_ptr->m_isAllowed;
103 Returns the origin this autenticator is handling about.
105 QString QCorsAuthenticator::origin() const
107 Q_D(const QCorsAuthenticator);
112 Allows or disallows the origin. Setting \a allowed to true, will accept the connection request for the given origin.
113 Setting \a allowed to false, will reject the connection request.
115 \note By default, all origins are accepted.
117 void QCorsAuthenticator::setAllowed(bool allowed)
119 Q_D(QCorsAuthenticator);
120 d->m_isAllowed = allowed;
124 Returns true if the origin is allowed, otherwise returns false.
126 \note By default, all origins are accepted.
128 bool QCorsAuthenticator::allowed() const
130 Q_D(const QCorsAuthenticator);
131 return d->m_isAllowed;