CopperSpice API  1.9.1
QWebSecurityOrigin Class Reference

The QWebSecurityOrigin class defines a security boundary for web sites. More...

Public Methods

 QWebSecurityOrigin (const QWebSecurityOrigin &other)
 ~QWebSecurityOrigin ()
qint64 databaseQuota () const
QList< QWebDatabasedatabases () const
qint64 databaseUsage () const
QString host () const
QWebSecurityOrigin & operator= (const QWebSecurityOrigin &other)
int port () const
QString scheme () const
void setApplicationCacheQuota (qint64 quota)
void setDatabaseQuota (qint64 quota)

Static Public Methods

static void addLocalScheme (const QString &scheme)
static QList< QWebSecurityOrigin > allOrigins ()
static QStringList localSchemes ()
static void removeLocalScheme (const QString &scheme)


class QWebDatabase
class QWebFrame

Detailed Description

The QWebSecurityOrigin class defines a security boundary for web sites. This class provides access to the security domains defined by web sites. An origin consists of a host name, a scheme, and a port number. Web sites with the same security origin can access each other's resources for client-side scripting or databases.

For example the site is allowed to share the same database as, or access each other's documents when used in HTML frame sets and JavaScript. At the same time it prevents from accessing's resources, because they are of a different security origin.

By default local schemes like file:// and qrc:// are considered to be in the same security origin, and can access each other's resources. You can add additional local schemes by using QWebSecurityOrigin::addLocalScheme(), or override the default same-origin behavior by setting QWebSettings::LocalContentCanAccessFileUrls to false.

Local Resources

Local resources are by default restricted from accessing remote content which means file:// will not be able to access This restriction can be relaxed by setting QWebSettings::LocalContentCanAccessRemoteUrls to true.

Call QWebFrame::securityOrigin() to get the QWebSecurityOrigin for a frame in a web page, and use host(), scheme() and port() to identify the security origin.

Use databases() to access the databases defined within a security origin. The disk usage of the origin's databases can be limited with setDatabaseQuota(). databaseQuota() and databaseUsage() report the current limit as well as the current usage.

For more information refer to the follow article. Same origin policy.

See also

Constructor & Destructor Documentation

QWebSecurityOrigin::~QWebSecurityOrigin ( )

Destroys the security origin.

QWebSecurityOrigin::QWebSecurityOrigin ( const QWebSecurityOrigin &  other)

Constructs a security origin from other.

Method Documentation

void QWebSecurityOrigin::addLocalScheme ( const QString scheme)

Adds the given scheme to the list of schemes that are considered equivalent to the file: scheme.

Cross domain restrictions depend on the two web settings QWebSettings::LocalContentCanAccessFileUrls and QWebSettings::LocalContentCanAccessFileUrls. By default all local schemes are considered to be in the same security origin, and local schemes can not access remote content.

QList< QWebSecurityOrigin > QWebSecurityOrigin::allOrigins ( )

Returns a list of all security origins with a database quota defined.

qint64 QWebSecurityOrigin::databaseQuota ( ) const

Returns the quota for the databases in the security origin.

See also
QList< QWebDatabase > QWebSecurityOrigin::databases ( ) const

Returns a list of all databases defined in the security origin.

qint64 QWebSecurityOrigin::databaseUsage ( ) const

Returns the number of bytes all databases in the security origin use on the disk.

QString QWebSecurityOrigin::host ( ) const

Returns the host name defining the security origin. s

QStringList QWebSecurityOrigin::localSchemes ( )

Returns a list of all the schemes considered to be local. By default this is file:// and qrc://.

See also
addLocalScheme(), removeLocalScheme()
QWebSecurityOrigin & QWebSecurityOrigin::operator= ( const QWebSecurityOrigin &  other)

Copy assigns from other and returns a reference to this object.

int QWebSecurityOrigin::port ( ) const

Returns the port number defining the security origin.

void QWebSecurityOrigin::removeLocalScheme ( const QString scheme)

Removes the given scheme from the list of local schemes.

You can not remove the file:// scheme from the list of local schemes.
See also
QString QWebSecurityOrigin::scheme ( ) const

Returns the scheme defining the security origin.

void QWebSecurityOrigin::setApplicationCacheQuota ( qint64  quota)

Sets the cache quota for the databases in the security origin to quota bytes.

void QWebSecurityOrigin::setDatabaseQuota ( qint64  quota)

Sets the quota for the databases in the security origin to quota bytes.

If the quota is set to a value less than the current usage, the quota will remain and no data will be purged to meet the new quota. However, no new data can be added to databases in this origin.

See also