Contents

QWebSocketCorsAuthenticator Class

The QWebSocketCorsAuthenticator class provides an authenticator object for Cross Origin Requests (CORS). More...

Header: #include <QWebSocketCorsAuthenticator>
qmake: QT += websockets
Since: Qt 5.3

This class was introduced in Qt 5.3.

Detailed Description

The QWebSocketCorsAuthenticator class is used in the originAuthenticationRequired() signal. The class provides a way to pass back the required information to the QWebSocketServer. It provides applications with fine-grained control over which origin URLs are allowed and which aren't. By default, every origin is accepted. To get fine-grained control, an application connects the originAuthenticationRequired() signal to a slot. When the origin (QWebSocketCorsAuthenticator::origin()) is accepted, it calls QWebSocketCorsAuthenticator::setAllowed(true)

Note: Checking on the origin does not make much sense when the server is accessed via a non-browser client, as that client can set whatever origin header it likes. In case of a browser client, the server SHOULD check the validity of the origin.

See also WebSocket Security Considerations and QWebSocketServer.

© 2022 The Qt Company Ltd. Documentation contributions included herein are the copyrights of their respective owners.
The documentation provided herein is licensed under the terms of the GNU Free Documentation License version 1.3 as published by the Free Software Foundation.
Qt and respective logos are trademarks of The Qt Company Ltd. in Finland and/or other countries worldwide. All other trademarks are property of their respective owners.