Details
-
Suggestion
-
Resolution: Done
-
P2: Important
-
None
-
None
Description
QtWebEngine currently doesn't fail with revoked certificates, e.g. on https://revoked.badssl.com/
Like Chromium, I think QtWebEngine should be able to check them against CRLSets.
Thise could be either shipped with QtWebEngine and updated with each Qt release (preferrable, IMHO), and/or they could be bundled with each application and QtWebEngine could have an API to point it to a crlset file.