Fix handling of urls containing username/password in QNetworkAccessManager

QNetworkAccessManager was ignoring the supplied credentials, although
webkit seems to support these urls at a higher level.

Following the behaviour of browsers:
We use supplied credentials if authentication is required.
We add supplied credentials to the authentication cache.
We emit authenticationRequired signal if the credentials were wrong.
We do not use previously cached credentials for that url

Synchronous http requests fail, if the credentials were wrong.

Task-number: QTBUG-18107
Change-Id: If46e8eab1511ba8a0f4bbe0d4efaabc4df0b8ab4
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
(cherry picked from commit b4a538ea1c3cdce09e3528227dba2e8f5765cbdc)

1 files changed, 10 insertions, 0 deletions

diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp
index 30efac27e7..58690fa6ad 100644
--- a/src/network/access/qnetworkaccessmanager.cpp
+++ b/src/network/access/qnetworkaccessmanager.cpp
@@ -1068,6 +1068,16 @@ void QNetworkAccessManagerPrivate::authenticationRequired(QNetworkAccessBackend
     // also called when last URL is empty, e.g. on first call
     if (backend->reply->urlForLastAuthentication.isEmpty()
             || url != backend->reply->urlForLastAuthentication) {
+        // if credentials are included in the url, then use them
+        if (!url.userName().isEmpty()
+            && !url.password().isEmpty()) {
+            authenticator->setUser(url.userName());
+            authenticator->setPassword(url.password());
+            backend->reply->urlForLastAuthentication = url;
+            authenticationManager->cacheCredentials(url, authenticator);
+            return;
+        }
+
         QNetworkAuthenticationCredential cred = authenticationManager->fetchCachedCredentials(url, authenticator);
         if (!cred.isNull()) {
             authenticator->setUser(cred.user);