diff options
| author | Tarja Sundqvist <tarja.sundqvist@qt.io> | 2024-06-11 13:21:32 +0300 |
|---|---|---|
| committer | Tarja Sundqvist <tarja.sundqvist@qt.io> | 2024-06-11 13:31:01 +0300 |
| commit | 3cd4e0aa7961889eb06374885ed648f5b9bd85bc (patch) | |
| tree | 6a089aedea155b1f1a74b553f4d1b57c70554a8f /src/core/api/qwebengineurlschemehandler.cpp | |
| parent | 6d029165d1593c514db08c34d6b08a00a4435d5e (diff) | |
| parent | 38063a6332b9f948a0381763271e9a9ac7af0999 (diff) | |
Merge tag 'v6.2.9-lts' into tqtc/lts-6.2-opensource6.2.9
Qt 6.2.9-lts release
Conflicts solved:
dependencies.yaml
examples/webenginewidgets/push-notifications/CMakeLists.txt
Change-Id: I0127c2575369f6939df89f3301659470d481b9bf
Diffstat (limited to 'src/core/api/qwebengineurlschemehandler.cpp')
| -rw-r--r-- | src/core/api/qwebengineurlschemehandler.cpp | 33 |
1 files changed, 30 insertions, 3 deletions
diff --git a/src/core/api/qwebengineurlschemehandler.cpp b/src/core/api/qwebengineurlschemehandler.cpp index e78a206d6..e01ecef49 100644 --- a/src/core/api/qwebengineurlschemehandler.cpp +++ b/src/core/api/qwebengineurlschemehandler.cpp @@ -12,9 +12,23 @@ QT_BEGIN_NAMESPACE \brief The QWebEngineUrlSchemeHandler class is a base class for handling custom URL schemes. \since 5.6 + A custom scheme handler is, broadly speaking, similar to a web application + served over HTTP. However, because custom schemes are integrated directly + into the web engine, they have the advantage in terms of efficiency and security: + There is no need for generating and parsing HTTP messages or for transferring data + over sockets, nor any way to intercept or monitor the traffic. + To implement a custom URL scheme for QtWebEngine, you first have to create an instance of QWebEngineUrlScheme and register it using QWebEngineUrlScheme::registerScheme(). + As custom schemes are integrated directly into the web engine, they do not + necessarily need to follow the standard security rules which apply to + ordinary web content. Depending on the chosen configuration, content served + over a custom scheme may be given access to local resources, be set to + ignore Content-Security-Policy rules, or conversely, be denied access to any + other content entirely. If it is to be accessed by normal content, ensure cross-origin + access is enabled, and if accessed from HTTPS that it is marked as secure. + \note Make sure that you create and register the scheme object \e before the QGuiApplication or QApplication object is instantiated. @@ -30,10 +44,23 @@ QT_BEGIN_NAMESPACE { public: MySchemeHandler(QObject *parent = nullptr); - void requestStarted(QWebEngineUrlRequestJob *request) + void requestStarted(QWebEngineUrlRequestJob *job) { - // .... + const QByteArray method = job->requestMethod(); + const QUrl url = job->requestUrl(); + + if (isValidUrl(url)) { + if (method == QByteArrayLiteral("GET")) { + job->reply(QByteArrayLiteral("text/html"), makeReply(url)); + else // Unsupported method + job->fail(QWebEngineUrlRequestJob::RequestDenied); + } else { + // Invalid URL + job->fail(QWebEngineUrlRequestJob::UrlNotFound); + } } + bool isValidUrl(const QUrl &url) const // .... + QIODevice *makeReply(const QUrl &url) // .... }; int main(int argc, char **argv) @@ -56,7 +83,7 @@ QT_BEGIN_NAMESPACE \inmodule QtWebEngineCore - \sa {QWebEngineUrlScheme}, {WebEngine Widgets WebUI Example} + \sa {QWebEngineUrlScheme} */ /*! |