From 670266a075c7c312c6a7f9465298bfec0b968ee2 Mon Sep 17 00:00:00 2001 From: Liang Qi Date: Wed, 7 Dec 2016 10:07:25 +0100 Subject: Fix the parser of port in hand shake request Use QUrl::setAuthority() to parse host and port. The request is invalid when having username or password in Host. Task-number: QTBUG-57357 Change-Id: I4e7c0370794dce15359d372a1e36dc0383083204 Reviewed-by: Thiago Macieira --- src/websockets/qwebsockethandshakerequest.cpp | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'src') diff --git a/src/websockets/qwebsockethandshakerequest.cpp b/src/websockets/qwebsockethandshakerequest.cpp index 81c5f97..ddeee2d 100644 --- a/src/websockets/qwebsockethandshakerequest.cpp +++ b/src/websockets/qwebsockethandshakerequest.cpp @@ -275,16 +275,12 @@ void QWebSocketHandshakeRequest::readHandshake(QTextStream &textStream, int maxH if (m_requestUrl.isRelative()) { // see http://tools.ietf.org/html/rfc6455#page-17 // No. 4 item in "The requirements for this handshake" - int idx = host.indexOf(QStringLiteral(":")); - bool ok = false; - int port = 0; - if (idx != -1) { - port = host.rightRef(host.length() - idx - 1).toInt(&ok); - host.truncate(idx); + m_requestUrl.setAuthority(host); + if (!m_requestUrl.userName().isNull()) { // If the username is null, the password must be too. + m_isValid = false; + clear(); + return; } - m_requestUrl.setHost(host); - if (ok) - m_requestUrl.setPort(port); } if (m_requestUrl.scheme().isEmpty()) { const QString scheme = isSecure() ? QStringLiteral("wss") : QStringLiteral("ws"); @@ -337,7 +333,7 @@ void QWebSocketHandshakeRequest::readHandshake(QTextStream &textStream, int maxH //TODO: authentication field - m_isValid = !(host.isEmpty() || + m_isValid = !(m_requestUrl.host().isEmpty() || resourceName.isEmpty() || m_versions.isEmpty() || m_key.isEmpty() || -- cgit v1.2.1