Fix handling of urls containing username/password in QNetworkAccessManager

QNetworkAccessManager was ignoring the supplied credentials, although
webkit seems to support these urls at a higher level.

Following the behaviour of browsers:
We use supplied credentials if authentication is required.
We add supplied credentials to the authentication cache.
We emit authenticationRequired signal if the credentials were wrong.
We do not use previously cached credentials for that url

Synchronous http requests fail, if the credentials were wrong.

Task-number: QTBUG-18107
Change-Id: If46e8eab1511ba8a0f4bbe0d4efaabc4df0b8ab4
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

1 files changed, 10 insertions, 0 deletions

diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp
index 8537502116..7be9d278f7 100644
--- a/src/network/access/qnetworkaccessmanager.cpp
+++ b/src/network/access/qnetworkaccessmanager.cpp
@@ -1094,6 +1094,16 @@ void QNetworkAccessManagerPrivate::authenticationRequired(QAuthenticator *authen
     // also called when last URL is empty, e.g. on first call
     if (urlForLastAuthentication->isEmpty()
             || url != *urlForLastAuthentication) {
+        // if credentials are included in the url, then use them
+        if (!url.userName().isEmpty()
+            && !url.password().isEmpty()) {
+            authenticator->setUser(url.userName());
+            authenticator->setPassword(url.password());
+            *urlForLastAuthentication = url;
+            authenticationManager->cacheCredentials(url, authenticator);
+            return;
+        }
+
         QNetworkAuthenticationCredential cred = authenticationManager->fetchCachedCredentials(url, authenticator);
         if (!cred.isNull()) {
             authenticator->setUser(cred.user);