Security status for a webview More...
Header: | #include <oxideqsecuritystatus.h> |
Instantiated By: | SecurityStatus |
Inherits: | QObject |
flags | CertStatus |
enum | CertStatusFlags { CertStatusOk, CertStatusBadIdentity, CertStatusExpired, CertStatusDateInvalid, ..., CertStatusGenericError } |
flags | ContentStatus |
enum | ContentStatusFlags { ContentStatusNormal, ContentStatusDisplayedInsecure, ContentStatusRanInsecure } |
enum | SecurityLevel { SecurityLevelNone, SecurityLevelSecure, SecurityLevelSecureEV, SecurityLevelWarning, SecurityLevelError } |
CertStatus | certStatus() const |
QVariant | certificate() const |
ContentStatus | contentStatus() const |
SecurityLevel | securityLevel() const |
void | certStatusChanged() |
void | certificateChanged() |
void | contentStatusChanged() |
void | securityLevelChanged() |
Security status for a webview
OxideQSecurityStatus provides security status information for a webview. It provides an overall security level indication via securityLevel.
Details about the X.509 certificate for the current site can be accessed via certificate and certStatus.
Represents the status of the current X.509 certificate.
Constant | Value | Description |
---|---|---|
OxideQSecurityStatus::CertStatusOk | 0 | The current certificate has no errors. |
OxideQSecurityStatus::CertStatusBadIdentity | 1<<0 | The identity of the certificate does not match the identity of the site. |
OxideQSecurityStatus::CertStatusExpired | 1<<1 | The certificate has expired. |
OxideQSecurityStatus::CertStatusDateInvalid | 1<<2 | The certificate has a date that is invalid, eg, its start date is in the future. |
OxideQSecurityStatus::CertStatusAuthorityInvalid | 1<<3 | The certificate is signed by an authority that isn't trusted. |
OxideQSecurityStatus::CertStatusRevocationCheckFailed | 1<<4 | The revocation status of the certificate could not be determined. |
OxideQSecurityStatus::CertStatusRevoked | 1<<5 | The certificate has been revoked. |
OxideQSecurityStatus::CertStatusInvalid | 1<<6 | The certificate is invalid, eg, it has errors. |
OxideQSecurityStatus::CertStatusInsecure | 1<<7 | The certificate is insecure, eg, it uses a weak signature algorithm or has a weak public key. |
OxideQSecurityStatus::CertStatusGenericError | 1<<8 | This is used for all other unspecified certificate errors. |
The CertStatus type is a typedef for QFlags<CertStatusFlags>. It stores an OR combination of CertStatusFlags values.
Represents the status of the currently displayed content.
Constant | Value | Description |
---|---|---|
OxideQSecurityStatus::ContentStatusNormal | 0 | All elements on the current page were loaded via a secure connection. |
OxideQSecurityStatus::ContentStatusDisplayedInsecure | 1<<0 | The current page contains passive elements such as images or videos that were loaded over an insecure connection. |
OxideQSecurityStatus::ContentStatusRanInsecure | 1<<1 | The current page contains active elements such as scripts or CSS that were loaded over an insecure connection. |
The ContentStatus type is a typedef for QFlags<ContentStatusFlags>. It stores an OR combination of ContentStatusFlags values.
Represents an overall security level for a webview.
Constant | Value | Description |
---|---|---|
OxideQSecurityStatus::SecurityLevelNone | 0 | The current page was loaded via an insecure connection (eg, http). |
OxideQSecurityStatus::SecurityLevelSecure | 1 | The current page was loaded via a secure connection. |
OxideQSecurityStatus::SecurityLevelSecureEV | 2 | The current page was loaded via a secure connection and the supplied certificate is an EV certificate. |
OxideQSecurityStatus::SecurityLevelWarning | 3 | The current page was loaded via a secure connection, but the security of the page is degraded. This could be because some passive content (eg, images) were not loaded via a secure connection, or the supplied certificate has an error that is considered to be minor (eg, revocation check failed). A web browser would generally represent this status using a padlock icon with a warning triangle. |
OxideQSecurityStatus::SecurityLevelError | 4 | The security of the current page is broken. This could be because of a certificate error permitted by the application via OxideQCertificateError::allow, or because some active content (eg, scripts or CSS) were loaded via an insecure connection. A web browser would generally represent this status using a broken padlock icon. |
The status of the current certificate - this can be used to determine any errors that affect it. If securityLevel is SecurityLevelNone, this will be CertStatusOk.
Access functions:
CertStatus | certStatus() const |
Notifier signal:
void | certStatusChanged() |
The X.509 certificate for the currently displayed page. This will be a valid OxideQSslCertificate if securityLevel is not SecurityLevelNone, else it will be a null variant.
Access functions:
QVariant | certificate() const |
Notifier signal:
void | certificateChanged() |
The current content status. This can be used to determine if the page has loaded any insecure content. If securityLevel is SecurityLevelNone, this will be ContentStatusNormal.
Access functions:
ContentStatus | contentStatus() const |
Notifier signal:
void | contentStatusChanged() |
The current security level. This is useful for displaying a security hint (such as a padlock icon) to the user.
Access functions:
SecurityLevel | securityLevel() const |
Notifier signal:
void | securityLevelChanged() |