If QNetworkRequest::FollowRedirectsAttribute is set to true in the request and/or QNetworkRequest::RedirectPolicy is set to a value different than QNetworkRequest::ManualRedirectPolicy, it actually follow the redirect but ignores all the cookies received in the redirection process.
Example with a django application to which I tried to login using basic-auth:
The workflow works like that:
- client requests /admin/ -> server replies 302 and redirects to /admin/login/
- clients follow redirects and requets /admin/login/ -> server replies 401 asking for basic auth
- clients requests /admin/login/ and sends credentials -> server sets cookie sessionid, replies 302 and redirects to /admin/
- clients requests /admin/ and sends sessionid cookie -> server reads sessionid and replies with 200
If i follow this procedure with the browser or with the requests module in python it works like a charm.
If I try with the code below the server does't receive any cookie, they are always empty, and the client enters in a redirect loop.
I just tried to remove the QNetworkRequest::FollowRedirectsAttribute and manually handle the redirects. This way it stores the cookies.
I investigated further and took a look at the source code.
to set cookies QNetworkAccessManager uses
Anyway the QNetworkAccessManager uses the CookieJar only inside this method:
Which is only called by the public methods "head, get, post, put, deleteResources and sendCustomRequest" which are not called to send the redirected requests.
They are internally handled, the redirection process is completely transparent to the QNetworkAccessManager.
It looks like that when a redirect request is created it just take care of copying the original request changing the url, it doesn't take into account any other information got from the response.
Hope it helps.