Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Using a proxy built into the application to access https response headers in QtWebEngine



  • I'm the maintainer of the Konqueror web browser for Linux (https://kde.org/applications/internet/org.kde.konqueror) and I'm trying to port it from QtWebKit to QtWebEngine, which is being quite difficult because of the differences between them.

    In particular, one of the biggest problems is that Konqueror needs to manage the network requests and responses by itself (or rather, have it managed by the underlying KDE libraries), which isn't allowed by QtWebEngine.

    The only idea that came to my mind is to write an http proxy and integrate it in Konqueror, then make QtWebEngine use it. This way, Konqueror would be able to see the response headers before they reach QtWebEngine and do whatever it needs with them.

    While this works correctly with HTTP URLs it doesn't work with HTTPS because, of course, the proxy only sees the encrypted headers. I'm wondering whether it would be possible for Konqueror to create an SSL certificate and use it to encrypt the communication with QtWebEngine. What I'd hope to do would be something like this:

    • QtWebEngine sends the request to the proxy within Konqueror, encrypted using
      the key provided by Konqueror itself
    • Konqueror decrypts the request and sends it to the the server as usual
    • Konqueror receives the response from the server and analyzes it
    • Konqueror encrypts the response with its own certificate and sends it to
      QtWebEngine.

    Unfortunately, QtWebEngine doesn't provide a way to tell it that the certificate provided by Konqueror must be trusted (of course, that certificate can't be installed system-wide). It does have a function which is called in case of a certificate error and which allows to ignore the error. However, my attempts so far have been unsuccessful.

    Is what I'm hoping to achieve really impossible or am I doing something wrong?

    Thanks in advance

    Stefano


Log in to reply