Briefly
HTTPS (full name: Hyper Text Transfer Protocol over secure Socket Layer) is a security-targeted HTTP channel and is simply a secure version of HTTP. That is, the SSL layer is added under HTTP, the security base of HTTPS is SSL, so the detailed content of encryption requires SSL. It is a URI scheme (abstract identifier system) with syntax similar to http: System. For secure HTTP data transfer. Https:url indicates that it uses HTTP, but HTTPS has a different default port than HTTP and an encryption/authentication layer (between HTTP and TCP). The system was originally developed by Netscape (Netscape) and built into its browser Netscape navigator, providing an authentication and encryption method of communication. It is now widely used for security-sensitive communications on the World Wide Web, such as transaction payments.
- Briefly
- The difference between HTTPS and HTTP
- Instructions for use
- MD5 encryption
- HTTPS Login
- How to use
- Result processing
The difference between HTTPS and HTTP
Hypertext Transfer Protocol HTTP is used to pass information between a Web browser and a Web server. The HTTP protocol sends content in plaintext, does not provide data encryption in any way, and if an attacker intercepts a transmission message between a Web browser and a Web server, it can read the information directly, so the HTTP protocol is not suitable for transmitting sensitive information such as credit card numbers, passwords, etc.
To address this flaw in the HTTP protocol, you need to use a different protocol: Secure Sockets Layer Hypertext Transfer Protocol HTTPS. For the security of data transmission, HTTPS joins the SSL protocol on the basis of HTTP, SSL relies on the certificate to verify the identity of the server, and encrypts the communication between the browser and the server.
The main differences between HTTPS and HTTP are the following four points:
- The HTTPS protocol requires a certificate to be applied to the CA, and the general free certificate is very small and requires a fee.
- HTTP is a Hypertext Transfer Protocol, the information is plaintext transmission, HTTPS is a secure SSL encryption transport protocol.
- HTTP and HTTPS use a completely different connection, the same port, the former is 80, the latter is 443.
- The HTTP connection is simple and stateless; The HTTPS protocol is a network protocol built by the SSL+HTTP protocol for encrypted transmission and authentication, which is more secure than the HTTP protocol.
Instructions for use
The call about the network interface is no longer explained here, because the general interface will have detailed documentation such as: request Get/post, parameter format, return type, etc.
Because of the need for OpenSSL support, the use of SSL authentication, so the corresponding library files-ssleay32.dll, Libeay32.dll, you can refer to: http://slproweb.com/products/ win32openssl.html, I downloaded the version for-win32 OpenSSL v1.0.2g Light, copy the library below the bin directory and put it in the exe sibling directory. For better compatibility, it is best to compile the source code!
The following is an example of HTTPS, describes a complete login process, but also for HTTP and other forms of network interaction, such as: User authentication, upload, download and so on.
MD5 encryption
For security reasons, sensitive data is encrypted, and the most common basic is MD5.
QString md5(const QString &text){ QByteArray byteArray; byteArray.append(text); hash = QCryptographicHash::hash(byteArray, QCryptographicHash::Md5); return hash.toHex();}
HTTPS Login
Perform SSL authentication, set parameters for the transfer, set the message header, start the request, and process the returned results.
Loginnetworkmanager::loginnetworkmanager (Qobject *parent): Qnetworkaccessmanager (parent) {SSL Authentication m_sslconfig = qsslconfiguration::d efaultconfiguration (); M_sslconfig.setpeerverifymode (Qsslsocket::verifynone); M_sslconfig.setprotocol (qssl::tlsv1_2); ConnectThis, SIGNAL (finished (qnetworkreply *)),This, SLOT (replyfinished (qnetworkreply *)));}End Request Loginnetworkmanager::~loginnetworkmanager () {if (m_preply! = NULL) {m_preply->abort (); M_preply->deletelater ();}}Setting up Login Datavoid Loginnetworkmanager::setparams (Const QString &username,Const QString &password) {m_strusername = userName; m_strpassword = password;}void Loginnetworkmanager::execute () {Qbytearray Usernamebytearray = M_strusername.toutf8 (); Qbytearray usernameencoding = usernamebytearray.topercentencoding ();Set the data sent Qbytearray DataArray; Dataarray.append (QString ("user_name=%1&"). Arg (QString (usernameencoding))); Dataarray.append (QString ("password=%1&"). ARG (MD5 (M_strpassword))); Dataarray.append ("Token_type=token");Set the message header Qnetworkrequest request; Request.setsslconfiguration (M_sslconfig); Request.setheader (Qnetworkrequest::contenttypeheader,"application/x-www-form-urlencoded"); Request.setheader (Qnetworkrequest::contentlengthheader, Dataarray.length ()); Request.seturl (Qurl (Login_url));Start Request m_preply = post (request, DataArray);}End of responsevoid loginnetworkmanager::replyfinished (qnetworkreply *reply) {Qbytearray bytes = Reply->readall (); QString strUserID ("");int NCode =-1; Qjsonparseerror Jsonerror; Qjsondocument doucment = Qjsondocument::fromjson (bytes, &jsonerror);if (Jsonerror.error = = Qjsonparseerror::noerror) {if (Doucment.isobject ()) {Qjsonobjectobject = doucment. object (); if (object.contains ( "userId")) { Qjsonvalue UserID = object.take ( "UserID"); if (userid.isstring ()) {strUserID = Userid.tostring ();}} if (object.contains ( "code")) { Qjsonvalue codevalue = object.take ( "code"); if (codevalue.isdouble ()) {NCode = Codevalue.tovariant (). ToInt ();}} }} //send result data if (!struserid.isempty ()) {Emit onsuccess ( strUserID); } else {emit onfail (nCode);}
How to use
new LoginNetworkManager(this);connect(pLoginNetworkManager, SIGNAL(onSuccess(const QString &)), this, SLOT(onSuccess(const QString &)));connect(pLoginNetworkManager, SIGNAL(onFail(int)), this, SLOT(onFail(int)));// 设置参数pLoginNetworkManager->setParams("test", "123456");pLoginNetworkManager->execute();
Result processing
Generally speaking, the return format is JSON, XML, and of course it can be used in a specific format, but most of them are JSON.
Once we get the results, we can parse the returned JSON and process it!
That's right:
"{" user_id ":" Self-666666666_qt-mr2sj_9iu92fwd-pqalbtwl6zgtafa "," Role ": 1," Sex ": 0," user_name ":" Test "," Create_ Date ": 1449449966000}"
Error:
{"MSG": "User_name=test and password is the error.", "code": 418, "error_msg": "Password is invalid"}
http://blog.csdn.net/liang19890820/article/details/50800712
QT HTTPS Login (integrated Qnetworkaccessmanager advance Modify qsslconfiguration, then Post)