mirror of
https://invent.kde.org/network/falkon.git
synced 2024-12-20 02:36:34 +01:00
Drop SSLV3Sites workaround
It is no longer needed, but moreover it is now also not wanted due to recent SSLv3 security issues.
This commit is contained in:
parent
3ccb529117
commit
3b38d25277
@ -100,15 +100,9 @@ void NetworkManager::loadSettings()
|
||||
setCache(cache);
|
||||
}
|
||||
|
||||
// Force SSLv3 for servers that doesn't understand TLSv1 handshake
|
||||
QStringList sslv3Sites;
|
||||
sslv3Sites << QLatin1String("centrum.sk") << QLatin1String("centrum.cz") << QLatin1String("oneaccount.com")
|
||||
<< QLatin1String("i0.cz") << QLatin1String("sermepa.es");
|
||||
|
||||
settings.beginGroup("Web-Browser-Settings");
|
||||
m_doNotTrack = settings.value("DoNotTrack", false).toBool();
|
||||
m_sendReferer = settings.value("SendReferer", true).toBool();
|
||||
m_sslv3Sites = settings.value("SSLv3Sites", sslv3Sites).toStringList();
|
||||
settings.endGroup();
|
||||
|
||||
m_acceptLanguage = AcceptLanguage::generateHeader(settings.value("Language/acceptLanguage", AcceptLanguage::defaultLanguage()).toStringList());
|
||||
@ -598,18 +592,6 @@ QNetworkReply* NetworkManager::createRequest(QNetworkAccessManager::Operation op
|
||||
}
|
||||
}
|
||||
|
||||
// Force SSLv3 for servers that doesn't understand TLSv1 handshake
|
||||
if (req.url().scheme() == QLatin1String("https")) {
|
||||
foreach (const QString &host, m_sslv3Sites) {
|
||||
if (QzTools::matchDomain(host, req.url().host())) {
|
||||
QSslConfiguration conf = req.sslConfiguration();
|
||||
conf.setProtocol(QSsl::SslV3);
|
||||
req.setSslConfiguration(conf);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return QNetworkAccessManager::createRequest(op, req, outgoingData);
|
||||
}
|
||||
|
||||
@ -732,7 +714,6 @@ void NetworkManager::saveSettings()
|
||||
settings.endGroup();
|
||||
|
||||
settings.beginGroup("Web-Browser-Settings");
|
||||
settings.setValue("SSLv3Sites", m_sslv3Sites);
|
||||
settings.endGroup();
|
||||
}
|
||||
|
||||
|
@ -76,7 +76,6 @@ private:
|
||||
AdBlockManager* m_adblockManager;
|
||||
NetworkProxyFactory* m_proxyFactory;
|
||||
|
||||
QStringList m_sslv3Sites;
|
||||
QStringList m_certPaths;
|
||||
QList<QSslCertificate> m_caCerts;
|
||||
QList<QSslCertificate> m_localCerts;
|
||||
|
@ -26,38 +26,9 @@
|
||||
void NetworkTest::initTestCase()
|
||||
{
|
||||
m_manager = new QNetworkAccessManager;
|
||||
|
||||
QSslConfiguration conf = QSslConfiguration::defaultConfiguration();
|
||||
conf.setProtocol(QSsl::SslV3);
|
||||
QSslConfiguration::setDefaultConfiguration(conf);
|
||||
}
|
||||
|
||||
void NetworkTest::cleanupTestCase()
|
||||
{
|
||||
delete m_manager;
|
||||
}
|
||||
|
||||
void NetworkTest::sslv3test_data()
|
||||
{
|
||||
QTest::addColumn<QUrl>("url");
|
||||
|
||||
// Sites that loads only with SslV3 forced and have it forced in NetworkManager
|
||||
QTest::newRow("centrum.sk") << QUrl("https://user.centrum.sk/");
|
||||
QTest::newRow("centrum.cz") << QUrl("https://user.centrum.cz/");
|
||||
QTest::newRow("oneaccount.com") << QUrl("https://service.oneaccount.com/onlineV2/OSV2?event=login&pt=3");
|
||||
QTest::newRow("i0.cz") << QUrl("https://i0.cz/6/ju/css/login/centrum.sk.css");
|
||||
}
|
||||
|
||||
void NetworkTest::sslv3test()
|
||||
{
|
||||
QFETCH(QUrl, url);
|
||||
|
||||
QNetworkReply *reply = m_manager->get(QNetworkRequest(url));
|
||||
|
||||
QEventLoop loop;
|
||||
connect(m_manager, SIGNAL(finished(QNetworkReply*)), &loop, SLOT(quit()));
|
||||
loop.exec();
|
||||
|
||||
QCOMPARE(QNetworkReply::NoError, reply->error());
|
||||
QCOMPARE(false, reply->readAll().isEmpty());
|
||||
}
|
||||
|
@ -30,9 +30,6 @@ private slots:
|
||||
void initTestCase();
|
||||
void cleanupTestCase();
|
||||
|
||||
void sslv3test_data();
|
||||
void sslv3test();
|
||||
|
||||
private:
|
||||
QNetworkAccessManager *m_manager;
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user