Fix cookies not being applied on redirect

Task-number: QTBUG-63313 Change-Id: I5245fc837557f19062cbbf0f1dfb86353c85229f Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-09-28 10:47:53 +02:00 · 2017-09-28 10:47:53 +02:00 · 8b64a1054a
commit 8b64a1054a
parent 49643145e1
2 changed files with 36 additions and 0 deletions
--- a/src/network/access/qnetworkreplyhttpimpl.cpp
+++ b/src/network/access/qnetworkreplyhttpimpl.cpp
@ -1165,6 +1165,14 @@ void QNetworkReplyHttpImplPrivate::onRedirected(const QUrl &redirectUrl, int htt
    redirectRequest = createRedirectRequest(originalRequest, url, maxRedirectsRemaining);
    operation = getRedirectOperation(operation, httpStatus);

+    if (const QNetworkCookieJar *const cookieJar = (manager ? manager->cookieJar() : nullptr)) {
+        auto cookies = cookieJar->cookiesForUrl(url);
+        if (!cookies.empty()) {
+            redirectRequest.setHeader(QNetworkRequest::KnownHeaders::CookieHeader,
+                                      QVariant::fromValue(cookies));
+        }
+    }
+
    if (httpRequest.redirectPolicy() != QNetworkRequest::UserVerifiedRedirectPolicy)
        followRedirect();

--- a/tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp
+++ b/tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp
@ -487,6 +487,7 @@ private Q_SLOTS:
    void ioHttpRedirectPolicyErrors();
    void ioHttpUserVerifiedRedirect_data();
    void ioHttpUserVerifiedRedirect();
+    void ioHttpCookiesDuringRedirect();
 #ifndef QT_NO_SSL
    void putWithServerClosingConnectionImmediately();
 #endif
@ -8410,6 +8411,33 @@ void tst_QNetworkReply::ioHttpUserVerifiedRedirect()
    QCOMPARE(reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt(), statusCode);
 }

+void tst_QNetworkReply::ioHttpCookiesDuringRedirect()
+{
+    MiniHttpServer target(httpEmpty200Response, false);
+
+    const QString cookieHeader = QStringLiteral("Set-Cookie: hello=world; Path=/;\r\n");
+    QString redirect = tempRedirectReplyStr();
+    // Insert 'cookieHeader' before the final \r\n
+    redirect.insert(redirect.length() - 2, cookieHeader);
+
+    QUrl url("http://localhost/");
+    url.setPort(target.serverPort());
+    redirect = redirect.arg(url.toString());
+    MiniHttpServer redirectServer(redirect.toLatin1(), false);
+
+    url = QUrl("http://localhost/");
+    url.setPort(redirectServer.serverPort());
+    QNetworkRequest request(url);
+    auto oldRedirectPolicy = manager.redirectPolicy();
+    manager.setRedirectPolicy(QNetworkRequest::RedirectPolicy::NoLessSafeRedirectPolicy);
+    QNetworkReplyPtr reply(manager.get(request));
+    // Set policy back to whatever it was
+    manager.setRedirectPolicy(oldRedirectPolicy);
+
+    QVERIFY(waitForFinish(reply) == Success);
+    QVERIFY(target.receivedData.contains("\r\nCookie: hello=world\r\n"));
+}
+
 #ifndef QT_NO_SSL

 class PutWithServerClosingConnectionImmediatelyHandler: public QObject