diff options
Diffstat (limited to 'src/network/access/qhttpnetworkconnection.cpp')
| -rw-r--r-- | src/network/access/qhttpnetworkconnection.cpp | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp index 559124f..31c64f0 100644 --- a/src/network/access/qhttpnetworkconnection.cpp +++ b/src/network/access/qhttpnetworkconnection.cpp @@ -343,9 +343,16 @@ bool QHttpNetworkConnectionPrivate::handleAuthenticateChallenge(QAbstractSocket copyCredentials(i, auth, isProxy); QMetaObject::invokeMethod(q, "_q_restartAuthPendingRequests", Qt::QueuedConnection); } + } else if (priv->phase == QAuthenticatorPrivate::Start) { + // If the url's authenticator has a 'user' set we will end up here (phase is only set to 'Done' by + // parseHttpResponse above if 'user' is empty). So if credentials were supplied with the request, + // such as in the case of an XMLHttpRequest, this is our only opportunity to cache them. + emit q->cacheCredentials(reply->request(), auth, q); } - // changing values in QAuthenticator will reset the 'phase' - if (priv->phase == QAuthenticatorPrivate::Done) { + // - Changing values in QAuthenticator will reset the 'phase'. + // - If withCredentials has been set to false (e.g. by QtWebKit for a cross-origin XMLHttpRequest) then + // we need to bail out if authentication is required. + if (priv->phase == QAuthenticatorPrivate::Done || !reply->request().withCredentials()) { // authentication is cancelled, send the current contents to the user. emit channels[i].reply->headerChanged(); emit channels[i].reply->readyRead(); |