qwebsocketcorsauthenticator.cpp source code [qtwebsockets/src/websockets/qwebsocketcorsauthenticator.cpp]

1	/****************************************************************************
2	**
3	** Copyright (C) 2016 Kurt Pattyn <pattyn.kurt@gmail.com>.
4	** Contact: https://www.qt.io/licensing/
5	**
6	** This file is part of the QtWebSockets module of the Qt Toolkit.
7	**
8	** $QT_BEGIN_LICENSE:LGPL$
9	** Commercial License Usage
10	** Licensees holding valid commercial Qt licenses may use this file in
11	** accordance with the commercial license agreement provided with the
12	** Software or, alternatively, in accordance with the terms contained in
13	** a written agreement between you and The Qt Company. For licensing terms
14	** and conditions see https://www.qt.io/terms-conditions. For further
15	** information use the contact form at https://www.qt.io/contact-us.
16	**
17	** GNU Lesser General Public License Usage
18	** Alternatively, this file may be used under the terms of the GNU Lesser
19	** General Public License version 3 as published by the Free Software
20	** Foundation and appearing in the file LICENSE.LGPL3 included in the
21	** packaging of this file. Please review the following information to
22	** ensure the GNU Lesser General Public License version 3 requirements
23	** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
24	**
25	** GNU General Public License Usage
26	** Alternatively, this file may be used under the terms of the GNU
27	** General Public License version 2.0 or (at your option) the GNU General
28	** Public license version 3 or any later version approved by the KDE Free
29	** Qt Foundation. The licenses are as published by the Free Software
30	** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
31	** included in the packaging of this file. Please review the following
32	** information to ensure the GNU General Public License requirements will
33	** be met: https://www.gnu.org/licenses/gpl-2.0.html and
34	** https://www.gnu.org/licenses/gpl-3.0.html.
35	**
36	** $QT_END_LICENSE$
37	**
38	****************************************************************************/
39
40	/!*
41	\class QWebSocketCorsAuthenticator
42
43	\inmodule QtWebSockets
44	\since 5.3
45	\brief The QWebSocketCorsAuthenticator class provides an authenticator object for
46	Cross Origin Requests (CORS).
47
48	The QWebSocketCorsAuthenticator class is used in the
49	\l{QWebSocketServer::}{originAuthenticationRequired()} signal.
50	The class provides a way to pass back the required information to the QWebSocketServer.
51	It provides applications with fine-grained control over which origin URLs are allowed
52	and which aren't.
53	By default, every origin is accepted.
54	To get fine-grained control, an application connects the
55	\l{QWebSocketServer::}{originAuthenticationRequired()} signal to a slot.
56	When the origin (QWebSocketCorsAuthenticator::origin()) is accepted,
57	it calls QWebSocketCorsAuthenticator::setAllowed(true)
58
59	\note Checking on the origin does not make much sense when the server is accessed
60	via a non-browser client, as that client can set whatever origin header it likes.
61	In case of a browser client, the server SHOULD check the validity of the origin.
62	\sa {WebSocket Security Considerations}
63
64	\sa QWebSocketServer
65	*/
66
67	#include "qwebsocketcorsauthenticator.h"
68	#include "qwebsocketcorsauthenticator_p.h"
69
70	QT_BEGIN_NAMESPACE
71
72	/!*
73	\internal
74	*/
75	QWebSocketCorsAuthenticatorPrivate::QWebSocketCorsAuthenticatorPrivate(const QString &origin,
76	bool allowed) :
77	m_origin (origin),
78	m_isAllowed(allowed)
79	{}
80
81	/!*
82	Destroys the object.
83	*/
84	QWebSocketCorsAuthenticatorPrivate::~QWebSocketCorsAuthenticatorPrivate()
85	{}
86
87	/!*
88	Constructs a new QCorsAuthencator object with the given \a origin.
89	\note By default, allowed() returns true. This means that per default every origin is accepted.
90	*/
91	QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(const QString &origin) :
92	d_ptr (new QWebSocketCorsAuthenticatorPrivate (origin, true))
93	{
94	}
95
96	/!*
97	Destroys the object.
98	*/
99	QWebSocketCorsAuthenticator::~QWebSocketCorsAuthenticator()
100	{
101	}
102
103	/!*
104	Constructs a copy of \a other.
105	*/
106	QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(const QWebSocketCorsAuthenticator &other) :
107	d_ptr (new QWebSocketCorsAuthenticatorPrivate (other.d_ptr ->m_origin, other.d_ptr ->m_isAllowed))
108	{
109	}
110
111	/!*
112	Assigns \a other to this authenticator object.
113	*/
114	QWebSocketCorsAuthenticator &
115	QWebSocketCorsAuthenticator::operator =(const QWebSocketCorsAuthenticator &other)
116	{
117	Q_D(QWebSocketCorsAuthenticator);
118	if (this != &other) {
119	d->m_origin = other.d_ptr ->m_origin;
120	d->m_isAllowed = other.d_ptr ->m_isAllowed;
121	}
122	return *this;
123	}
124
125	#ifdef Q_COMPILER_RVALUE_REFS
126	/!*
127	Move-constructs a QWebSocketCorsAuthenticator, making it point at the same
128	object \a other was pointing to.
129	*/
130	QWebSocketCorsAuthenticator::QWebSocketCorsAuthenticator(QWebSocketCorsAuthenticator &&other) :
131	d_ptr (other.d_ptr.take())
132	{}
133
134	/!*
135	Move-assigns \a other to this instance.
136	*/
137	QWebSocketCorsAuthenticator &
138	QWebSocketCorsAuthenticator::operator =(QWebSocketCorsAuthenticator &&other)
139	{
140	qSwap(value1&: d_ptr, value2&: other.d_ptr);
141	return *this;
142	}
143
144	#endif
145
146	/!*
147	Swaps \a other with this authenticator.
148
149	This operation is very fast and never fails.
150	*/
151	void QWebSocketCorsAuthenticator::swap(QWebSocketCorsAuthenticator &other)
152	{
153	if (&other != this)
154	qSwap(value1&: d_ptr, value2&: other.d_ptr);
155	}
156
157	/!*
158	Returns the origin this autenticator is handling about.
159	*/
160	QString QWebSocketCorsAuthenticator::origin() const
161	{
162	Q_D(const QWebSocketCorsAuthenticator);
163	return d->m_origin;
164	}
165
166	/!*
167	Allows or disallows the origin. Setting \a allowed to true, will accept the connection request
168	for the given origin.
169
170	Setting \a allowed to false, will reject the connection request.
171
172	\note By default, all origins are accepted.
173	*/
174	void QWebSocketCorsAuthenticator::setAllowed(bool allowed)
175	{
176	Q_D(QWebSocketCorsAuthenticator);
177	d->m_isAllowed = allowed;
178	}
179
180	/!*
181	Returns true if the origin is allowed, otherwise returns false.
182
183	\note By default, all origins are accepted.
184	*/
185	bool QWebSocketCorsAuthenticator::allowed() const
186	{
187	Q_D(const QWebSocketCorsAuthenticator);
188	return d->m_isAllowed;
189	}
190
191	QT_END_NAMESPACE
192

source code of qtwebsockets/src/websockets/qwebsocketcorsauthenticator.cpp