<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html><head><title>QWebSecurityOrigin Class Reference</title><style>h3.fn,span.fn { margin-left: 1cm; text-indent: -1cm }
a:link { color: #004faf; text-decoration: none }
a:visited { color: #672967; text-decoration: none }
td.postheader { font-family: sans-serif }
tr.address { font-family: sans-serif }
body { background: #ffffff; color: black; }
</style></head><body><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr /><td align="left" valign="top" width="32"><img align="left" border="0" height="32" src="images/rb-logo.png" width="32" /></td><td width="1">  </td><td class="postheader" valign="center"><a href="index.html"><font color="#004faf">Home</font></a> · <a href="classes.html"><font color="#004faf">All Classes</font></a> · <a href="modules.html"><font color="#004faf">Modules</font></a></td></table><h1 align="center">QWebSecurityOrigin Class Reference<br /><sup><sup>[<a href="qtwebkit.html">QtWebKit</a> module]</sup></sup></h1><p>The QWebSecurityOrigin class defines a security boundary for web
sites. <a href="#details">More...</a></p>
<h3>Methods</h3><ul><li><div class="fn" /><b><a href="qwebsecurityorigin.html#QWebSecurityOrigin">__init__</a></b> (<i>self</i>, QWebSecurityOrigin <i>other</i>)</li><li><div class="fn" />int <b><a href="qwebsecurityorigin.html#databaseQuota">databaseQuota</a></b> (<i>self</i>)</li><li><div class="fn" />list-of-QWebDatabase <b><a href="qwebsecurityorigin.html#databases">databases</a></b> (<i>self</i>)</li><li><div class="fn" />int <b><a href="qwebsecurityorigin.html#databaseUsage">databaseUsage</a></b> (<i>self</i>)</li><li><div class="fn" />QString <b><a href="qwebsecurityorigin.html#host">host</a></b> (<i>self</i>)</li><li><div class="fn" />int <b><a href="qwebsecurityorigin.html#port">port</a></b> (<i>self</i>)</li><li><div class="fn" />QString <b><a href="qwebsecurityorigin.html#scheme">scheme</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qwebsecurityorigin.html#setApplicationCacheQuota">setApplicationCacheQuota</a></b> (<i>self</i>, int <i>quota</i>)</li><li><div class="fn" /><b><a href="qwebsecurityorigin.html#setDatabaseQuota">setDatabaseQuota</a></b> (<i>self</i>, int <i>quota</i>)</li></ul><h3>Static Methods</h3><ul><li><div class="fn" /><b><a href="qwebsecurityorigin.html#addLocalScheme">addLocalScheme</a></b> (QString <i>scheme</i>)</li><li><div class="fn" />list-of-QWebSecurityOrigin <b><a href="qwebsecurityorigin.html#allOrigins">allOrigins</a></b> ()</li><li><div class="fn" />QStringList <b><a href="qwebsecurityorigin.html#localSchemes">localSchemes</a></b> ()</li><li><div class="fn" /><b><a href="qwebsecurityorigin.html#removeLocalScheme">removeLocalScheme</a></b> (QString <i>scheme</i>)</li></ul><a name="details" /><hr /><h2>Detailed Description</h2><p>The QWebSecurityOrigin class defines a security boundary for web
sites.</p>
<p>QWebSecurityOrigin provides access to the security domains
defined by web sites. An origin consists of a host name, a scheme,
and a port number. Web sites with the same security origin can
access each other's resources for client-side scripting or
databases.</p>
<p>For example the site
<tt>http://www.example.com/my/page.html</tt> is allowed to share
the same database as
<tt>http://www.example.com/my/overview.html</tt>, or access each
other's documents when used in HTML frame sets and JavaScript. At
the same time it prevents
<tt>http://www.malicious.com/evil.html</tt> from accessing
<tt>http://www.example.com/</tt>'s resources, because they are of a
different security origin.</p>
<p>By default local schemes like <tt>file://</tt> and
<tt>qrc://</tt> are concidered to be in the same security origin,
and can access each other's resources. You can add additional local
schemes by using <a href="qwebsecurityorigin.html#addLocalScheme">QWebSecurityOrigin.addLocalScheme</a>(),
or override the default same-origin behavior by setting <a href="qwebsettings.html#WebAttribute-enum">QWebSettings.LocalContentCanAccessFileUrls</a>
to <tt>false</tt>.</p>
<p><b>Note:</b> Local resources are by default restricted from
accessing remote content, which means your <tt>file://</tt> will
not be able to access <tt>http://domain.com/foo.html</tt>. You can
relax this restriction by setting <a href="qwebsettings.html#WebAttribute-enum">QWebSettings.LocalContentCanAccessRemoteUrls</a>
to <tt>true</tt>.</p>
<p>Call <a href="qwebframe.html#securityOrigin">QWebFrame.securityOrigin</a>() to
get the QWebSecurityOrigin for a frame in a web page, and use
<a href="qwebsecurityorigin.html#host">host</a>(), <a href="qwebsecurityorigin.html#scheme">scheme</a>() and <a href="qwebsecurityorigin.html#port">port</a>() to identify the security
origin.</p>
<p>Use <a href="qwebsecurityorigin.html#databases">databases</a>()
to access the databases defined within a security origin. The disk
usage of the origin's databases can be limited with <a href="qwebsecurityorigin.html#setDatabaseQuota">setDatabaseQuota</a>().
<a href="qwebsecurityorigin.html#databaseQuota">databaseQuota</a>()
and <a href="qwebsecurityorigin.html#databaseUsage">databaseUsage</a>() report
the current limit as well as the current usage.</p>
<p>For more information refer to the <a href="http://en.wikipedia.org/wiki/Same_origin_policy">"Same origin
policy" Wikipedia Article</a>.</p>
<hr /><h2>Method Documentation</h2><h3 class="fn"><a name="QWebSecurityOrigin" />QWebSecurityOrigin.__init__ (<i>self</i>, <a href="qwebsecurityorigin.html">QWebSecurityOrigin</a> <i>other</i>)</h3><p>Constructs a security origin from <i>other</i>.</p>
<h3 class="fn"><a name="addLocalScheme" />QWebSecurityOrigin.addLocalScheme (QString <i>scheme</i>)</h3><p>Adds the given <i>scheme</i> to the list of schemes that are
considered equivalent to the <tt>file</tt>: scheme.</p>
<p>Cross domain restrictions depend on the two web settings
<a href="qwebsettings.html#WebAttribute-enum">QWebSettings.LocalContentCanAccessFileUrls</a>
and <a href="qwebsettings.html#WebAttribute-enum">QWebSettings.LocalContentCanAccessFileUrls</a>.
By default all local schemes are concidered to be in the same
security origin, and local schemes can not access remote
content.</p>
<p>This function was introduced in Qt 4.6.</p>
<h3 class="fn"><a name="allOrigins" />list-of-QWebSecurityOrigin QWebSecurityOrigin.allOrigins ()</h3><p>Returns a list of all security origins with a database quota
defined.</p>
<h3 class="fn"><a name="databaseQuota" />int QWebSecurityOrigin.databaseQuota (<i>self</i>)</h3><p>Returns the quota for the databases in the security origin.</p>
<p><b>See also</b> <a href="qwebsecurityorigin.html#setDatabaseQuota">setDatabaseQuota</a>().</p>
<h3 class="fn"><a name="databases" />list-of-QWebDatabase QWebSecurityOrigin.databases (<i>self</i>)</h3><p>Returns a list of all databases defined in the security
origin.</p>
<h3 class="fn"><a name="databaseUsage" />int QWebSecurityOrigin.databaseUsage (<i>self</i>)</h3><p>Returns the number of bytes all databases in the security origin
use on the disk.</p>
<h3 class="fn"><a name="host" />QString QWebSecurityOrigin.host (<i>self</i>)</h3><p>Returns the host name defining the security origin.</p>
<h3 class="fn"><a name="localSchemes" />QStringList QWebSecurityOrigin.localSchemes ()</h3><p>Returns a list of all the schemes concidered to be local.</p>
<p>By default this is <tt>file://</tt> and <tt>qrc://</tt>.</p>
<p>This function was introduced in Qt 4.6.</p>
<p><b>See also</b> <a href="qwebsecurityorigin.html#addLocalScheme">addLocalScheme</a>() and
<a href="qwebsecurityorigin.html#removeLocalScheme">removeLocalScheme</a>().</p>
<h3 class="fn"><a name="port" />int QWebSecurityOrigin.port (<i>self</i>)</h3><p>Returns the port number defining the security origin.</p>
<h3 class="fn"><a name="removeLocalScheme" />QWebSecurityOrigin.removeLocalScheme (QString <i>scheme</i>)</h3><p>Removes the given <i>scheme</i> from the list of local
schemes.</p>
<p><b>Note:</b> You can not remove the <tt>file://</tt> scheme from
the list of local schemes.</p>
<p>This function was introduced in Qt 4.6.</p>
<p><b>See also</b> <a href="qwebsecurityorigin.html#addLocalScheme">addLocalScheme</a>().</p>
<h3 class="fn"><a name="scheme" />QString QWebSecurityOrigin.scheme (<i>self</i>)</h3><p>Returns the scheme defining the security origin.</p>
<h3 class="fn"><a name="setApplicationCacheQuota" />QWebSecurityOrigin.setApplicationCacheQuota (<i>self</i>, int <i>quota</i>)</h3><h3 class="fn"><a name="setDatabaseQuota" />QWebSecurityOrigin.setDatabaseQuota (<i>self</i>, int <i>quota</i>)</h3><p>Sets the quota for the databases in the security origin to
<i>quota</i> bytes.</p>
<p>If the quota is set to a value less than the current usage, the
quota will remain and no data will be purged to meet the new quota.
However, no new data can be added to databases in this origin.</p>
<p><b>See also</b> <a href="qwebsecurityorigin.html#databaseQuota">databaseQuota</a>().</p>
<address><hr /><div align="center"><table border="0" cellspacing="0" width="100%"><tr class="address"><td align="left" width="25%">PyQt 4.10.3 for X11</td><td align="center" width="50%">Copyright © <a href="http://www.riverbankcomputing.com">Riverbank Computing Ltd</a> and <a href="http://www.qtsoftware.com">Nokia</a> 2012</td><td align="right" width="25%">Qt 4.8.5</td></tr></table></div></address></body></html>
