The QWebSocketCorsAuthenticator class provides an authenticator object for Cross Origin Requests (CORS). More...
Header: | #include <QWebSocketCorsAuthenticator> |
qmake: | QT += websockets |
Since: | Qt 5.3 |
QWebSocketCorsAuthenticator(const QString &origin) | |
QWebSocketCorsAuthenticator(const QWebSocketCorsAuthenticator &other) | |
QWebSocketCorsAuthenticator(QWebSocketCorsAuthenticator &&other) | |
~QWebSocketCorsAuthenticator() | |
bool | allowed() const |
QString | origin() const |
void | setAllowed(bool allowed) |
void | swap(QWebSocketCorsAuthenticator &other) |
QWebSocketCorsAuthenticator & | operator=(QWebSocketCorsAuthenticator &&other) |
QWebSocketCorsAuthenticator & | operator=(const QWebSocketCorsAuthenticator &other) |
The QWebSocketCorsAuthenticator class provides an authenticator object for Cross Origin Requests (CORS).
The QWebSocketCorsAuthenticator class is used in the originAuthenticationRequired() signal. The class provides a way to pass back the required information to the QWebSocketServer. It provides applications with fine-grained control over which origin URLs are allowed and which aren't. By default, every origin is accepted. To get fine-grained control, an application connects the originAuthenticationRequired() signal to a slot. When the origin (QWebSocketCorsAuthenticator::origin()) is accepted, it calls QWebSocketCorsAuthenticator::setAllowed(true)
Note: Checking on the origin does not make much sense when the server is accessed via a non-browser client, as that client can set whatever origin header it likes. In case of a browser client, the server SHOULD check the validity of the origin.
See also WebSocket Security Considerations and QWebSocketServer.
Constructs a new QCorsAuthencator object with the given origin.
Note: By default, allowed() returns true. This means that per default every origin is accepted.
Constructs a copy of other.
Move-constructs a QWebSocketCorsAuthenticator, making it point at the same object other was pointing to.
Destroys the object.
Returns true if the origin is allowed, otherwise returns false.
Note: By default, all origins are accepted.
See also setAllowed().
Returns the origin this autenticator is handling about.
Allows or disallows the origin. Setting allowed to true, will accept the connection request for the given origin.
Setting allowed to false, will reject the connection request.
Note: By default, all origins are accepted.
See also allowed().
Swaps other with this authenticator.
This operation is very fast and never fails.
Move-assigns other to this instance.
Assigns other to this authenticator object.