Hsts: match header names case insensitively (CVE-2023-32762) (!254) · Merge requests · Qt Project / qt / qtbase · GitLab

Andreas Sturmlechner requested to merge asturmlechner/qtbase:asturmlechner/QTBUG-113392-CVE-2023-32762 into kde/5.15 May 23, 2023

Header field names are always considered to be case-insensitive.

Pick-to: 6.5 6.5.1 6.2 5.15 Fixes: QTBUG-113392 Change-Id: Ifb4def4bb7f2ac070416cdc76581a769f1e52b43 Reviewed-by: Qt CI Bot qt_ci_bot@qt-project.org Reviewed-by: Edward Welbourne edward.welbourne@qt.io Reviewed-by: Volker Hilsheimer volker.hilsheimer@qt.io (cherry picked from commit 1b736a81)

asturmlechner 2023-05-23: Upstream backport to 5.15 taken from https://www.qt.io/blog/security-advisory-qt-network