diff options
author | Cédric Cabessa <ccabessa@genymobile.com> | 2016-05-10 12:10:32 +0200 |
---|---|---|
committer | Cédric Cabessa <ccabessa@genymobile.com> | 2017-02-24 11:28:29 +0000 |
commit | f971a0d65cc4bc64dc61bdd2a4b659b382eb996f (patch) | |
tree | 7ef2864273fb9c784f1a4c7db0e1d1376e8c9cf9 /src/network/access | |
parent | 30b829a5a9cdcc16dcc7ef6a8a71489f9340a677 (diff) |
Fix proxy when changing only the password
QHttpThreadDelegate doesn't take into account the password to compute the
key of the networkconnection hash. So if only the password for a proxy has
changed, the wrong data gets used for the connection.
This patch simply adds proxy->password() to the key.
Here are the steps to reproduce the bug:
* Use an authentified proxy and provide the correct username but a wrong
password
```
QNetworkAccessManager networkAccessManager;
QNetworkProxy proxy(QNetworkProxy::HttpProxy, PROXY_HOST, PROXY_PORT,
"goodusername", "badpassword");
networkAccessManager.setProxy(proxy);
``
* As expected, the reply returns ProxyAuthenticationRequiredError
* Using the same QNetworkAccessManager, setup a new proxy with the
correct credential:
```
QNetworkProxy proxy(QNetworkProxy::HttpProxy, PROXY_HOST, PROXY_PORT,
"goodusername", "goodpassword");
networkAccessManager.setProxy(proxy);
```
* The reply still returns ProxyAuthenticationRequiredError
[ChangeLog][QtNetwork] Fix proxy-authentication issue, after a wrong password
has been used, when supplying the right password.
Change-Id: Id3b5a2ce71fda81780f3ef2568a73d0022b38815
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/access')
-rw-r--r-- | src/network/access/qhttpthreaddelegate.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/network/access/qhttpthreaddelegate.cpp b/src/network/access/qhttpthreaddelegate.cpp index 6e5e29d7bf..e9b3760ce5 100644 --- a/src/network/access/qhttpthreaddelegate.cpp +++ b/src/network/access/qhttpthreaddelegate.cpp @@ -44,6 +44,7 @@ #include <QTimer> #include <QAuthenticator> #include <QEventLoop> +#include <QCryptographicHash> #include "private/qhttpnetworkreply_p.h" #include "private/qnetworkaccesscache_p.h" @@ -158,7 +159,10 @@ static QByteArray makeCacheKey(QUrl &url, QNetworkProxy *proxy) } if (!key.scheme().isEmpty()) { + const QByteArray obfuscatedPassword = QCryptographicHash::hash(proxy->password().toUtf8(), + QCryptographicHash::Sha1).toHex(); key.setUserName(proxy->user()); + key.setPassword(QString::fromUtf8(obfuscatedPassword)); key.setHost(proxy->hostName()); key.setPort(proxy->port()); key.setQuery(result); |