[Development] QNetworkRequest: allow overriding connect host

Thiago Macieira thiago.macieira at intel.com
Fri May 10 01:54:42 CEST 2013


On quinta-feira, 9 de maio de 2013 16.44.10, Justin Karneges wrote:
> Hi people,
> 
> I discussed this feature with Shane and went ahead and made a patch.
> 
> The idea is to be able to explicitly specify a TCP host/port target for
> an HTTP request, while leaving everything else alone. The HTTP Host
> header, TLS certificate validation, and TLS server name indication would
> all go against the host from the URL.
> 
> I personally need this feature so I can enforce IP address restrictions
> on HTTP requests. My application resolves the host from the URL in
> advance, and if the IP address is allowed then I use it as the connect
> host when the request is made. Currently, I'm making this work in my
> application by rewriting the URL to contain the IP address and then
> overriding the HTTP Host header with the original host. Unfortunately,
> that approach doesn't work for https URLs. My patch makes things cleaner
> and works with https.
> 
> The feature could also be useful in testing environments. And in
> general, manual connect host overrides are handy to have in protocol
> network libs just in case.

Hi Justin

I understand the feature would be useful in certain conditions, but I'm not 
sure yours is one of them. You can probably just easily override the 
QNetworkAccessManager class and do the IP address verification. If it fails, 
return a QNetworkReply that indicates the error condition. If it passes, 
proceed with the actual QNetworkAccessManager call.

Anyway, for various reasons we can't look at your patch when sent to the 
mailing list (if we did, we would not be able to implement it later 
ourselves). So please upload it to Gerrit and we can have the discussion 
there.

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.qt-project.org/pipermail/development/attachments/20130509/8f4608c9/attachment.sig>


More information about the Development mailing list