On Monday, 3 February 2020 10:49:10 CET David Edmundson wrote: > I updated: > > https://community.kde.org/Policies/API_to_Avoid > > Which had no mention of this.
Thanks for taking care of this! I'd propose a slightly different approach than the per-request all-or-nothing attribute mentioned in the wiki though, using the redirection policy on QNAM, which prevents redirects to non-TLS connections: nam->setRedirectPolicy(QNetworkRequest::NoLessSafeRedirectPolicy); And while we are at it, let's also enable HSTS: nam->setStrictTransportSecurityEnabled(true); nam->enableStrictTransportSecurityStore(true); Regards, Volker
signature.asc
Description: This is a digitally signed message part.