1 /****************************************************************************
3 ** Copyright (C) 2014 Kurt Pattyn <pattyn.kurt@gmail.com>.
4 ** Contact: http://www.qt-project.org/legal
6 ** This file is part of the QtWebSockets module of the Qt Toolkit.
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and Digia. For licensing terms and
14 ** conditions see http://qt.digia.com/licensing. For further information
15 ** use the contact form at http://qt.digia.com/contact-us.
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 2.1 as published by the Free Software
20 ** Foundation and appearing in the file LICENSE.LGPL included in the
21 ** packaging of this file. Please review the following information to
22 ** ensure the GNU Lesser General Public License version 2.1 requirements
23 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
25 ** In addition, as a special exception, Digia gives you certain additional
26 ** rights. These rights are described in the Digia Qt LGPL Exception
27 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
29 ** GNU General Public License Usage
30 ** Alternatively, this file may be used under the terms of the GNU
31 ** General Public License version 3.0 as published by the Free Software
32 ** Foundation and appearing in the file LICENSE.GPL included in the
33 ** packaging of this file. Please review the following information to
34 ** ensure the GNU General Public License version 3.0 requirements will be
35 ** met: http://www.gnu.org/copyleft/gpl.html.
40 ****************************************************************************/
43 \class QWebSocketCorsAuthenticator
45 \inmodule QtWebSockets
46 \brief The QWebSocketCorsAuthenticator class provides an authenticator object for
47 Cross Origin Requests (CORS).
49 The QWebSocketCorsAuthenticator class is used in the
50 \l{QWebSocketServer::}{originAuthenticationRequired()} signal.
51 The class provides a way to pass back the required information to the QWebSocketServer.
52 It provides applications with fine-grained control over which origin URLs are allowed
54 By default, every origin is accepted.
55 To get fine-grained control, an application connects the
56 \l{QWebSocketServer::}{originAuthenticationRequired()} signal to a slot.
57 When the origin (QWebSocketCorsAuthenticator::origin()) is accepted,
58 it calls QWebSocketCorsAuthenticator::setAllowed(true)
60 \note Checking on the origin does not make much sense when the server is accessed
61 via a non-browser client, as that client can set whatever origin header it likes.
62 In case of a browser client, the server SHOULD check the validity of the origin.
63 \sa http://tools.ietf.org/html/rfc6455#section-10
68 #include "qwebsocketcorsauthenticator.h"
69 #include "qwebsocketcorsauthenticator_p.h"
76 QWebSocketCorsAuthenticatorPrivate::QWebSocketCorsAuthenticatorPrivate(const QString &origin,
85 QWebSocketCorsAuthenticatorPrivate::~QWebSocketCorsAuthenticatorPrivate()
89 Constructs a new QCorsAuthencator object with the given \a origin.
90 \note By default, allowed() returns true. This means that per default every origin is accepted.
92 QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(const QString &origin) :
93 d_ptr(new QWebSocketCorsAuthenticatorPrivate(origin, true))
100 QWebSocketCorsAuthenticator::~QWebSocketCorsAuthenticator()
105 Constructs a copy of \a other.
107 QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(const QWebSocketCorsAuthenticator &other) :
108 d_ptr(new QWebSocketCorsAuthenticatorPrivate(other.d_ptr->m_origin, other.d_ptr->m_isAllowed))
113 Assigns \a other to this authenticator object.
115 QWebSocketCorsAuthenticator &
116 QWebSocketCorsAuthenticator::operator =(const QWebSocketCorsAuthenticator &other)
118 Q_D(QWebSocketCorsAuthenticator);
119 if (this != &other) {
120 d->m_origin = other.d_ptr->m_origin;
121 d->m_isAllowed = other.d_ptr->m_isAllowed;
126 #ifdef Q_COMPILER_RVALUE_REFS
128 Move-constructs a QWebSocketCorsAuthenticator, making it point at the same
129 object \a other was pointing to.
131 QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(QWebSocketCorsAuthenticator &&other) :
132 d_ptr(other.d_ptr.take())
136 Move-assigns \a other to this instance.
138 QWebSocketCorsAuthenticator &
139 QWebSocketCorsAuthenticator::operator =(QWebSocketCorsAuthenticator &&other)
141 qSwap(d_ptr, other.d_ptr);
148 Swaps \a other with this authenticator.
150 This operation is very fast and never fails.
152 void QWebSocketCorsAuthenticator::swap(QWebSocketCorsAuthenticator &other)
155 qSwap(d_ptr, other.d_ptr);
159 Returns the origin this autenticator is handling about.
161 QString QWebSocketCorsAuthenticator::origin() const
163 Q_D(const QWebSocketCorsAuthenticator);
168 Allows or disallows the origin. Setting \a allowed to true, will accept the connection request
169 for the given origin.
171 Setting \a allowed to false, will reject the connection request.
173 \note By default, all origins are accepted.
175 void QWebSocketCorsAuthenticator::setAllowed(bool allowed)
177 Q_D(QWebSocketCorsAuthenticator);
178 d->m_isAllowed = allowed;
182 Returns true if the origin is allowed, otherwise returns false.
184 \note By default, all origins are accepted.
186 bool QWebSocketCorsAuthenticator::allowed() const
188 Q_D(const QWebSocketCorsAuthenticator);
189 return d->m_isAllowed;