Skip to content

fix(accessmanager): manually handle redirects #9247

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nilsding merged 3 commits into from
Dec 15, 2025
Merged

fix(accessmanager): manually handle redirects #9247

nilsding merged 3 commits into from
Dec 15, 2025
+168 −12

Conversation

@nilsding
Copy link
Member

@nilsding nilsding commented Dec 15, 2025

Since Qt 6 the default redirection policy is NoLessSafeRedirectPolicy. This resulted in the custom redirect logic in AbstractNetworkJob::slotFinished never being used (this one already takes care of checking for HTTPS->HTTP downgrades, and if HSTS is enabled for the given host the request would be sent as HTTPS anyway).

@nilsding
fix(accessmanager): manually handle redirects
b8a2adb 
Since Qt 6 the default redirection policy is `NoLessSafeRedirectPolicy`.
This resulted in the `QNetworkReply::redirected` signal to never be
emitted.

Signed-off-by: Jyrki Gadinger <[email protected]>
@nilsding
refactor: move custom attribute to base class
1fc6c3a 
Signed-off-by: Jyrki Gadinger <[email protected]>
@nilsding
fix: ensure redirect targets are trusted
585b6ca 
Signed-off-by: Jyrki Gadinger <[email protected]>
@nilsding nilsding added this to the 4.1.0 milestone Dec 15, 2025
@nilsding nilsding self-assigned this Dec 15, 2025
@nilsding nilsding enabled auto-merge December 15, 2025 11:30
@github-actions
Copy link

github-actions bot commented Dec 15, 2025

Artifact containing the AppImage: nextcloud-appimage-pr-9247.zip

Digest: sha256:f7dfa5d0a06af1201ddf00dc38cee93eb88f0f0f01d24626a0c062f8deaf8e2c

To test this change/fix you can download the above artifact file, unzip it, and run it.

Please make sure to quit your existing Nextcloud app and backup your data.

@nilsding nilsding merged commit 815a59a into master Dec 15, 2025
20 checks passed
@nilsding nilsding deleted the bugfix/noid/qt6-redirects branch December 15, 2025 12:24
@mgallien
Copy link
Collaborator

mgallien commented Dec 15, 2025

/backport to stable-4.0

@backportbot backportbot bot mentioned this pull request Dec 15, 2025
Merged
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 15, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
Image 21 Security Hotspots
Image 6.5% Duplication on New Code (required ≤ 3%)
Image E Maintainability Rating on New Code (required ≥ A)
Image 55 New Code Smells (required ≤ 0)

See analysis details on SonarQube Cloud

Image Catch issues before they fail your Quality Gate with our IDE extension Image SonarQube for IDE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mgallien mgallien mgallien approved these changes

@Aiiaiiio Aiiaiiio Awaiting requested review from Aiiaiiio Aiiaiiio is a code owner

@camilasan camilasan Awaiting requested review from camilasan camilasan is a code owner

@i2h3 i2h3 Awaiting requested review from i2h3 i2h3 is a code owner

Assignees

@nilsding nilsding

Labels

None yet

Projects

None yet

Milestone

4.1.0

Development

Successfully merging this pull request may close these issues.

3 participants

@nilsding @mgallien