diff options
author | Olivier Goffart <ogoffart@woboq.com> | 2011-11-08 15:37:42 +0100 |
---|---|---|
committer | Qt by Nokia <qt-info@nokia.com> | 2011-11-08 17:20:39 +0100 |
commit | a4f446704e7e02e25c02edb9d316513a482bae9a (patch) | |
tree | e31af511bf68c5f0951ea7579da0c98420af1df2 /src/network | |
parent | 1c70cd998093aa1ba79af0fa1eed5f30da47354d (diff) |
QNAM: Fix authentication cache when the password is in the URL
Two problems:
- The signal cacheCredidentials was not connected in the synchronous
case while it must be connected. (Regression when the threaded http
was merged)
- We cannot cache the credidentials when we proceed the url because
at that point, we do not know the realm (this basically reverts
9bc5a32b875b812c3a706034c8c27614f86bd138)
Task-number: QTBUG-18411
Change-Id: I8ea11fa23db4314c3f17ed06d2d7f9ee934ccdba
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/access/qhttpnetworkconnection.cpp | 5 | ||||
-rw-r--r-- | src/network/access/qhttpnetworkconnectionchannel.cpp | 1 | ||||
-rw-r--r-- | src/network/access/qhttpthreaddelegate.cpp | 5 |
3 files changed, 8 insertions, 3 deletions
diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp index 69fb7226ee..51aed45753 100644 --- a/src/network/access/qhttpnetworkconnection.cpp +++ b/src/network/access/qhttpnetworkconnection.cpp @@ -435,6 +435,11 @@ bool QHttpNetworkConnectionPrivate::handleAuthenticateChallenge(QAbstractSocket // send any pending requests copyCredentials(i, auth, isProxy); } + } else if (priv->phase == QAuthenticatorPrivate::Start) { + // If the url's authenticator has a 'user' set we will end up here (phase is only set to 'Done' by + // parseHttpResponse above if 'user' is empty). So if credentials were supplied with the request, + // such as in the case of an XMLHttpRequest, this is our only opportunity to cache them. + emit reply->cacheCredentials(reply->request(), auth); } // - Changing values in QAuthenticator will reset the 'phase'. Therefore if it is still "Done" // then nothing was filled in by the user or the cache diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp index f2450f5662..a35750fa3f 100644 --- a/src/network/access/qhttpnetworkconnectionchannel.cpp +++ b/src/network/access/qhttpnetworkconnectionchannel.cpp @@ -202,7 +202,6 @@ bool QHttpNetworkConnectionChannel::sendRequest() || (!url.password().isEmpty() && url.password() != auth.password())) { auth.setUser(url.userName()); auth.setPassword(url.password()); - emit reply->cacheCredentials(request, &auth); connection->d_func()->copyCredentials(connection->d_func()->indexOf(socket), &auth, false); } // clear the userinfo, since we use the same request for resending diff --git a/src/network/access/qhttpthreaddelegate.cpp b/src/network/access/qhttpthreaddelegate.cpp index 9c361e0cf4..e03b3fc59d 100644 --- a/src/network/access/qhttpthreaddelegate.cpp +++ b/src/network/access/qhttpthreaddelegate.cpp @@ -312,8 +312,6 @@ void QHttpThreadDelegate::startRequest() // some signals are only interesting when normal asynchronous style is used connect(httpReply,SIGNAL(readyRead()), this, SLOT(readyReadSlot())); connect(httpReply,SIGNAL(dataReadProgress(qint64, qint64)), this, SLOT(dataReadProgressSlot(qint64,qint64))); - connect(httpReply, SIGNAL(cacheCredentials(QHttpNetworkRequest,QAuthenticator*)), - this, SLOT(cacheCredentialsSlot(QHttpNetworkRequest,QAuthenticator*))); #ifndef QT_NO_OPENSSL connect(httpReply,SIGNAL(sslErrors(const QList<QSslError>)), this, SLOT(sslErrorsSlot(QList<QSslError>))); #endif @@ -325,6 +323,9 @@ void QHttpThreadDelegate::startRequest() connect(httpReply, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)), this, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*))); } + + connect(httpReply, SIGNAL(cacheCredentials(QHttpNetworkRequest,QAuthenticator*)), + this, SLOT(cacheCredentialsSlot(QHttpNetworkRequest,QAuthenticator*))); } // This gets called from the user thread or by the synchronous HTTP timeout timer |