mirror of
https://github.com/qbittorrent/qBittorrent
synced 2025-07-10 07:22:47 -07:00
WebUI: Implement "Secure" flag for session cookie
Closes #11724. Option is enabled by default for users using qBittorrent's built-in HTTPS capabilities. This flag will never be set if qBittorrent is using plain HTTP. Users using HTTPS reverse proxies, like "qbt <-> (http) <-> proxy <-> (https) <-> user" should override the flag in the proxy in order to set it, if they wish to do so.
This commit is contained in:
parent
18de63f743
commit
691d5e5d89
8 changed files with 37 additions and 0 deletions
|
@ -409,6 +409,8 @@ OptionsDialog::OptionsDialog(QWidget *parent)
|
|||
connect(m_ui->spinSessionTimeout, qSpinBoxValueChanged, this, &ThisType::enableApplyButton);
|
||||
connect(m_ui->checkClickjacking, &QCheckBox::toggled, this, &ThisType::enableApplyButton);
|
||||
connect(m_ui->checkCSRFProtection, &QCheckBox::toggled, this, &ThisType::enableApplyButton);
|
||||
connect(m_ui->checkWebUiHttps, &QGroupBox::toggled, m_ui->checkSecureCookie, &QWidget::setEnabled);
|
||||
connect(m_ui->checkSecureCookie, &QCheckBox::toggled, this, &ThisType::enableApplyButton);
|
||||
connect(m_ui->groupHostHeaderValidation, &QGroupBox::toggled, this, &ThisType::enableApplyButton);
|
||||
connect(m_ui->checkDynDNS, &QGroupBox::toggled, this, &ThisType::enableApplyButton);
|
||||
connect(m_ui->comboDNSService, qComboBoxCurrentIndexChanged, this, &ThisType::enableApplyButton);
|
||||
|
@ -793,6 +795,7 @@ void OptionsDialog::saveOptions()
|
|||
// Security
|
||||
pref->setWebUiClickjackingProtectionEnabled(m_ui->checkClickjacking->isChecked());
|
||||
pref->setWebUiCSRFProtectionEnabled(m_ui->checkCSRFProtection->isChecked());
|
||||
pref->setWebUiSecureCookieEnabled(m_ui->checkSecureCookie->isChecked());
|
||||
pref->setWebUIHostHeaderValidationEnabled(m_ui->groupHostHeaderValidation->isChecked());
|
||||
// DynDNS
|
||||
pref->setDynDNSEnabled(m_ui->checkDynDNS->isChecked());
|
||||
|
@ -1165,6 +1168,8 @@ void OptionsDialog::loadOptions()
|
|||
// Security
|
||||
m_ui->checkClickjacking->setChecked(pref->isWebUiClickjackingProtectionEnabled());
|
||||
m_ui->checkCSRFProtection->setChecked(pref->isWebUiCSRFProtectionEnabled());
|
||||
m_ui->checkSecureCookie->setEnabled(pref->isWebUiHttpsEnabled());
|
||||
m_ui->checkSecureCookie->setChecked(pref->isWebUiSecureCookieEnabled());
|
||||
m_ui->groupHostHeaderValidation->setChecked(pref->isWebUIHostHeaderValidationEnabled());
|
||||
|
||||
m_ui->checkDynDNS->setChecked(pref->isDynDNSEnabled());
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue