Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-15566

Setting only a password (no username) for HTTP requests does not result in the password being sent

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: P4: Low P4: Low
    • 4.8.0, 5.0.0
    • 4.7.1
    • Network: Authentication
    • None
    • Tested on OS X but likely affects all other platforms as well.
    • 6057909d2b73c2c3aa01a0e9216714ef07fb652f, 04aae32f85822110984252e421b513d8ab1c89ee

      When QNetworkAccessManager::authenticationRequired() is emitted and only a password is entered then the password will not be sent to the server. In addition, if a previous request for the same URL was loaded with a non-empty user (with an optional password) then that user and password combination will be used instead. Looks like Qt picks this up from the authentication cache at some point.

      Attaching an autotest (along with a server-side auth.php file) that shows the problem, shouldn't be too hard for you guys to adapt this into your internal QNetworkReply test.

        1. tst_QNetworkAuth.zip
          2 kB
        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            phartman Peter Hartmann (closed Nokia identity) (Inactive)
            jhanssen Jan Erik Hanssen
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes