diff options
author | Allan Sandfeld Jensen <allan.jensen@digia.com> | 2013-09-17 16:01:52 +0200 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2013-09-19 16:31:26 +0200 |
commit | a23ff58d716f62b02ec825a3ea3c6b07616ee3f0 (patch) | |
tree | 4501a07b30d5d482924b38a727dda1c5d34bdefc | |
parent | 663c5186e88e86983532b8010688b38221faab72 (diff) |
OAuth over XMLHttpRequest fails
We currently always generate our own Authorization header, which
overrides any Authorization headers set the by user application.
Change-Id: I3b11c8dd0bc708e795ff697262a383ce28cae2f3
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
-rw-r--r-- | src/network/access/qhttpnetworkconnection.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp index a279990f4c..0222b36c7d 100644 --- a/src/network/access/qhttpnetworkconnection.cpp +++ b/src/network/access/qhttpnetworkconnection.cpp @@ -507,7 +507,7 @@ void QHttpNetworkConnectionPrivate::createAuthorization(QAbstractSocket *socket, // Send "Authorization" header, but not if it's NTLM and the socket is already authenticated. if (channels[i].authMethod != QAuthenticatorPrivate::None) { - if (!(channels[i].authMethod == QAuthenticatorPrivate::Ntlm && channels[i].lastStatus != 401)) { + if ((channels[i].authMethod != QAuthenticatorPrivate::Ntlm && request.headerField("Authorization").isEmpty()) || channels[i].lastStatus == 401) { QAuthenticatorPrivate *priv = QAuthenticatorPrivate::getPrivate(channels[i].authenticator); if (priv && priv->method != QAuthenticatorPrivate::None) { QByteArray response = priv->calculateResponse(request.d->methodName(), request.d->uri(false)); |