cve-2023-32762

author Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>

Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)

committer Benjamin Drung <bdrung@debian.org>

Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)
author Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)
committer Benjamin Drung <bdrung@debian.org>
Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)
diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp

index 39905f3548076f45411b3f5c4f0f70dd1b7c6ae1..26d9f3694ff7f47d5589eaaaee2f73053e8f1fcb 100644 (file)
--- a/src/network/access/qhsts.cpp
+++ b/src/network/access/qhsts.cpp
@@ -328,7 +328,7 @@ bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &header
  {
      for (const auto &h : headers) {
          // We use '==' since header name was already 'trimmed' for us:
-        if (h.first == "Strict-Transport-Security") {
+        if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
              header = h.second;
              // RFC6797, 8.1:
              //
author	Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
	Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)
committer	Benjamin Drung <bdrung@debian.org>
	Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)