github/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent synced 2025-07-13 00:33:09 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Add ability to send custom HTTP headers

Browse source
This commit is contained in:
Chocobo1 2020-04-22 17:15:12 +08:00
parent f1d02c6aee
commit bb80b378c1
No known key found for this signature in database
GPG key ID: 210D9C873253A68C
8 changed files with 123 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

26
src/webui/webapplication.cpp
View file

@ -347,6 +347,27 @@ void WebApplication::configure()
: QLatin1String("default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none'; form-action 'self';"))
+ (m_isClickjackingProtectionEnabled ? QLatin1String(" frame-ancestors 'self';") : QLatin1String(""))
+ (m_isHttpsEnabled ? QLatin1String(" upgrade-insecure-requests;") : QLatin1String(""));
m_useCustomHTTPHeaders = pref->isWebUICustomHTTPHeadersEnabled();
m_customHTTPHeaders.clear();
if (m_useCustomHTTPHeaders) {
const QString customHeaders = pref->getWebUICustomHTTPHeaders().trimmed();
const QVector<QStringRef> customHeaderLines = customHeaders.splitRef('\n', QString::SkipEmptyParts);
m_customHTTPHeaders.reserve(customHeaderLines.size());
for (const QStringRef &line : customHeaderLines) {
const int idx = line.indexOf(':');
if (idx < 0) {
// require separator `:` to be present even if `value` field can be empty
LogMsg(tr("Missing ':' separator in WebUI custom HTTP header: \"%1\"").arg(line.toString()), Log::WARNING);
continue;
}
const QString header = line.left(idx).trimmed().toString();
const QString value = line.mid(idx + 1).trimmed().toString();
m_customHTTPHeaders.push_back({header, value});
}
}
}
void WebApplication::registerAPIController(const QString &scope, APIController *controller)
@ -451,6 +472,11 @@ Http::Response WebApplication::processRequest(const Http::Request &request, cons
if (!m_contentSecurityPolicy.isEmpty())
header(QLatin1String(Http::HEADER_CONTENT_SECURITY_POLICY), m_contentSecurityPolicy);
if (m_useCustomHTTPHeaders) {
for (const CustomHTTPHeader &i : asConst(m_customHTTPHeaders))
header(i.name, i.value);
}
return response();
}