From caa598c843eb27fd0c645e62723fd2d4e3e12f60 Mon Sep 17 00:00:00 2001
From: Thiago Macieira <thiago.macieira@intel.com>
Date: Thu, 27 Sep 2018 11:56:07 -0700
Subject: Fix QUrl::matches for when removing authority parts (other than host)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

QUrl::RemoveAuthority is RemoveUserInfo | RemovePort | 0x10, so the
condition

    if (options & QUrl::RemoveAuthority)

would match if any of the other bits for the username, password or port
were set, which meant we would skip the host comparison. Ditto for
username and RemovePassword.

[ChangeLog][QtCore][QUrl] Fixed a bug that caused QUrl::matches to
incorrectly compare two URLs with different hostnames or different
usernames as equal, if certain QUrl::RemoveXxx options were passed.

Change-Id: I015970a03b874898bba7fffd155856ab9d6cb1be
Fixes: QTBUG-70774
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
---
 tests/auto/corelib/io/qurl/tst_qurl.cpp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'tests/auto/corelib/io/qurl')

diff --git a/tests/auto/corelib/io/qurl/tst_qurl.cpp b/tests/auto/corelib/io/qurl/tst_qurl.cpp
index 09aefcee91..62af907037 100644
--- a/tests/auto/corelib/io/qurl/tst_qurl.cpp
+++ b/tests/auto/corelib/io/qurl/tst_qurl.cpp
@@ -4123,6 +4123,18 @@ void tst_QUrl::matches_data()
         << "http://user:pass@www.website.com/directory"
         << "http://otheruser:otherpass@www.website.com/directory"
         << uint(QUrl::RemovePath | QUrl::RemoveAuthority) << true;
+    QTest::newRow("matchingHost-removePort") << "http://example.com" << "http://example.com"
+                                             << uint(QUrl::RemovePort) << true;
+    QTest::newRow("nonMatchingHost-removePort") << "http://example.com" << "http://example.net"
+                                                << uint(QUrl::RemovePort) << false;
+    QTest::newRow("matchingHost-removePassword") << "http://example.com" << "http://example.com"
+                                                 << uint(QUrl::RemovePassword) << true;
+    QTest::newRow("nonMatchingHost-removePassword") << "http://example.com" << "http://example.net"
+                                                    << uint(QUrl::RemovePassword) << false;
+    QTest::newRow("matchingUserName-removePassword") << "http://user@example.com" << "http://user@example.com"
+                                                 << uint(QUrl::RemovePassword) << true;
+    QTest::newRow("nonMatchingUserName-removePassword") << "http://user@example.com" << "http://user2@example.com"
+                                                    << uint(QUrl::RemovePassword) << false;
 }
 
 void tst_QUrl::matches()
-- 
cgit v1.2.3