1 /****************************************************************************
3 ** Copyright (C) 2014 Kurt Pattyn <pattyn.kurt@gmail.com>.
4 ** Contact: http://www.qt-project.org/legal
6 ** This file is part of the QtWebSockets module of the Qt Toolkit.
8 ** $QT_BEGIN_LICENSE:LGPL21$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and Digia. For licensing terms and
14 ** conditions see http://qt.digia.com/licensing. For further information
15 ** use the contact form at http://qt.digia.com/contact-us.
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 2.1 or version 3 as published by the Free
20 ** Software Foundation and appearing in the file LICENSE.LGPLv21 and
21 ** LICENSE.LGPLv3 included in the packaging of this file. Please review the
22 ** following information to ensure the GNU Lesser General Public License
23 ** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
24 ** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
26 ** In addition, as a special exception, Digia gives you certain additional
27 ** rights. These rights are described in the Digia Qt LGPL Exception
28 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
32 ****************************************************************************/
35 \class QWebSocketCorsAuthenticator
37 \inmodule QtWebSockets
38 \brief The QWebSocketCorsAuthenticator class provides an authenticator object for
39 Cross Origin Requests (CORS).
41 The QWebSocketCorsAuthenticator class is used in the
42 \l{QWebSocketServer::}{originAuthenticationRequired()} signal.
43 The class provides a way to pass back the required information to the QWebSocketServer.
44 It provides applications with fine-grained control over which origin URLs are allowed
46 By default, every origin is accepted.
47 To get fine-grained control, an application connects the
48 \l{QWebSocketServer::}{originAuthenticationRequired()} signal to a slot.
49 When the origin (QWebSocketCorsAuthenticator::origin()) is accepted,
50 it calls QWebSocketCorsAuthenticator::setAllowed(true)
52 \note Checking on the origin does not make much sense when the server is accessed
53 via a non-browser client, as that client can set whatever origin header it likes.
54 In case of a browser client, the server SHOULD check the validity of the origin.
55 \sa http://tools.ietf.org/html/rfc6455#section-10
60 #include "qwebsocketcorsauthenticator.h"
61 #include "qwebsocketcorsauthenticator_p.h"
68 QWebSocketCorsAuthenticatorPrivate::QWebSocketCorsAuthenticatorPrivate(const QString &origin,
77 QWebSocketCorsAuthenticatorPrivate::~QWebSocketCorsAuthenticatorPrivate()
81 Constructs a new QCorsAuthencator object with the given \a origin.
82 \note By default, allowed() returns true. This means that per default every origin is accepted.
84 QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(const QString &origin) :
85 d_ptr(new QWebSocketCorsAuthenticatorPrivate(origin, true))
92 QWebSocketCorsAuthenticator::~QWebSocketCorsAuthenticator()
97 Constructs a copy of \a other.
99 QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(const QWebSocketCorsAuthenticator &other) :
100 d_ptr(new QWebSocketCorsAuthenticatorPrivate(other.d_ptr->m_origin, other.d_ptr->m_isAllowed))
105 Assigns \a other to this authenticator object.
107 QWebSocketCorsAuthenticator &
108 QWebSocketCorsAuthenticator::operator =(const QWebSocketCorsAuthenticator &other)
110 Q_D(QWebSocketCorsAuthenticator);
111 if (this != &other) {
112 d->m_origin = other.d_ptr->m_origin;
113 d->m_isAllowed = other.d_ptr->m_isAllowed;
118 #ifdef Q_COMPILER_RVALUE_REFS
120 Move-constructs a QWebSocketCorsAuthenticator, making it point at the same
121 object \a other was pointing to.
123 QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(QWebSocketCorsAuthenticator &&other) :
124 d_ptr(other.d_ptr.take())
128 Move-assigns \a other to this instance.
130 QWebSocketCorsAuthenticator &
131 QWebSocketCorsAuthenticator::operator =(QWebSocketCorsAuthenticator &&other)
133 qSwap(d_ptr, other.d_ptr);
140 Swaps \a other with this authenticator.
142 This operation is very fast and never fails.
144 void QWebSocketCorsAuthenticator::swap(QWebSocketCorsAuthenticator &other)
147 qSwap(d_ptr, other.d_ptr);
151 Returns the origin this autenticator is handling about.
153 QString QWebSocketCorsAuthenticator::origin() const
155 Q_D(const QWebSocketCorsAuthenticator);
160 Allows or disallows the origin. Setting \a allowed to true, will accept the connection request
161 for the given origin.
163 Setting \a allowed to false, will reject the connection request.
165 \note By default, all origins are accepted.
167 void QWebSocketCorsAuthenticator::setAllowed(bool allowed)
169 Q_D(QWebSocketCorsAuthenticator);
170 d->m_isAllowed = allowed;
174 Returns true if the origin is allowed, otherwise returns false.
176 \note By default, all origins are accepted.
178 bool QWebSocketCorsAuthenticator::allowed() const
180 Q_D(const QWebSocketCorsAuthenticator);
181 return d->m_isAllowed;