QNAM HTTP: Introduce attributes for controlling cookies and auth

Introduced QNetworkRequest::CookieLoadControlAttribute,
QNetworkRequest::CookieSaveControlAttribute and
QNetworkRequest::AuthenticationReuseControlAttribute

These are true by default. They only come into play when QtWebKit
processes a cross-origin XMLHttpRequest. In such cases QtWebKit sets
each of the attributes to false when it creates a QNetworkRequest
where the XMLHttpRequest is cross-origin and has withCredentials
set to false:

var req = new XMLHttpRequest;
req.open("GET", "http://host/resource.php", false);
req.withCredentials = false; // actually false by default

For more information:
   http://www.w3.org/TR/XMLHttpRequest2/#credentials-flag

The QtWebKit counterpart of this patch is tracked at:
   https://bugs.webkit.org/show_bug.cgi?id=32967

Merge-Request: 592
Reviewed-by: Markus Goetz

1 files changed, 18 insertions, 9 deletions

diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp
index feb9d99..1c7661d 100644
--- a/src/network/access/qnetworkaccessmanager.cpp
+++ b/src/network/access/qnetworkaccessmanager.cpp
@@ -948,10 +948,15 @@ QNetworkReply *QNetworkAccessManager::createRequest(QNetworkAccessManager::Opera
         // but the data that is outgoing is random-access
         request.setHeader(QNetworkRequest::ContentLengthHeader, outgoingData->size());
     }
-    if (d->cookieJar) {
-        QList<QNetworkCookie> cookies = d->cookieJar->cookiesForUrl(request.url());
-        if (!cookies.isEmpty())
-            request.setHeader(QNetworkRequest::CookieHeader, qVariantFromValue(cookies));
+
+    if (static_cast<QNetworkRequest::LoadControl>
+        (request.attribute(QNetworkRequest::CookieLoadControlAttribute,
+                           QNetworkRequest::Automatic).toInt()) == QNetworkRequest::Automatic) {
+        if (d->cookieJar) {
+            QList<QNetworkCookie> cookies = d->cookieJar->cookiesForUrl(request.url());
+            if (!cookies.isEmpty())
+                request.setHeader(QNetworkRequest::CookieHeader, qVariantFromValue(cookies));
+        }
     }
 
     // first step: create the reply
@@ -967,11 +972,15 @@ QNetworkReply *QNetworkAccessManager::createRequest(QNetworkAccessManager::Opera
     priv->manager = this;
 
     // second step: fetch cached credentials
-    QNetworkAuthenticationCredential *cred = d->fetchCachedCredentials(url);
-    if (cred) {
-        url.setUserName(cred->user);
-        url.setPassword(cred->password);
-        priv->urlForLastAuthentication = url;
+    if (static_cast<QNetworkRequest::LoadControl>
+        (request.attribute(QNetworkRequest::AuthenticationReuseAttribute,
+                           QNetworkRequest::Automatic).toInt()) == QNetworkRequest::Automatic) {
+        QNetworkAuthenticationCredential *cred = d->fetchCachedCredentials(url);
+        if (cred) {
+            url.setUserName(cred->user);
+            url.setPassword(cred->password);
+            priv->urlForLastAuthentication = url;
+        }
     }
 
     // third step: find a backend