Fix use of empty credentials for HTTP and proxy authentication

Empty user and password fields are valid for HTTP and proxy
authentication. Thus it does not mean that the authentication
is cancelled. For informing the engine about the cancellation
of the authentication dialog make QAuthenticator instance null.

Change-Id: Iba1ce9d375b9b37c23f7a91fb583606d75d04af5
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>

1 files changed, 7 insertions, 1 deletions

diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp
index 503ba87d4..a4cc0ac12 100644
--- a/src/webenginewidgets/api/qwebenginepage.cpp
+++ b/src/webenginewidgets/api/qwebenginepage.cpp
@@ -249,7 +249,7 @@ void QWebEnginePagePrivate::passOnFocus(bool reverse)
         view->focusNextPrevChild(!reverse);
 }
 
-void QWebEnginePagePrivate::authenticationRequired(const QUrl &requestUrl, const QString &realm, bool isProxy, const QString &challengingHost, QString *outUser, QString *outPassword)
+bool QWebEnginePagePrivate::authenticationRequired(const QUrl &requestUrl, const QString &realm, bool isProxy, const QString &challengingHost, QString *outUser, QString *outPassword)
 {
     Q_Q(QWebEnginePage);
     QAuthenticator networkAuth;
@@ -259,8 +259,14 @@ void QWebEnginePagePrivate::authenticationRequired(const QUrl &requestUrl, const
         Q_EMIT q->proxyAuthenticationRequired(requestUrl, &networkAuth, challengingHost);
     else
         Q_EMIT q->authenticationRequired(requestUrl, &networkAuth);
+
+    // Authentication has been cancelled
+    if (networkAuth.isNull())
+        return false;
+
     *outUser = networkAuth.user();
     *outPassword = networkAuth.password();
+    return true;
 }
 
 void QWebEnginePagePrivate::runMediaAccessPermissionRequest(const QUrl &securityOrigin, WebContentsAdapterClient::MediaRequestFlags requestFlags)