Bug 102478
| Summary: | [Qt] QtWebkit should support HSTS http strict transport security | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Richard Moore <rich> |
| Component: | WebKit Qt | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED INVALID | ||
| Severity: | Enhancement | CC: | hausmann |
| Priority: | P2 | Keywords: | QtTriaged |
| Version: | 528+ (Nightly build) | ||
| Hardware: | All | ||
| OS: | All | ||
Richard Moore
QtWebkit should support the HSTS IETF draft in order to enhance the security of users. This means that a site can indicate that it should only be accessed via HTTPS using a response header. Subsequent requests should then be automatically switched to https even if the user types the url into the browser.
See http://datatracker.ietf.org/doc/draft-ietf-websec-strict-transport-sec/?include_text=1 for details of the specification.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Richard Moore
See also https://bugreports.qt-project.org/browse/QTBUG-18030
Jocelyn Turcotte
=== Bulk closing of Qt bugs ===
If you believe that this bug report is still relevant for a non-Qt port of webkit.org, please re-open it and remove [Qt] from the summary.
If you believe that this is still an important QtWebKit bug, please fill a new report at https://bugreports.qt-project.org and add a link to this issue. See http://qt-project.org/wiki/ReportingBugsInQt for additional guidelines.