Fixing QNetworkAccessManager use for KDE services

Sun Feb 2 12:29:07 GMT 2020

Hi Ben,

sorry to hear about this pain you have in all the good work you do that allows 
us to enjoy the high reliability of the KDE services. I would like to help to 
reduce that pain.

Am Samstag, 1. Februar 2020, 23:24:14 CET schrieb Ben Cooksley:
> Hi all,
> 
> For an extremely long time now, it has been a known issue with the
> QNetworkAccessManager that by default it does not follow redirects as
> issued by the server it is accessing. This is something the Qt Project
> has refused to address using the justification of 'behavioural
> compatibility'

This justification makes sense to me. People who have had in their code manual 
redirect handling would not be happy if Qt suddenly starts to do things 
internally in potentially other ways.

Also are they announcing in the API dox to consider changing the default:
"For backwards compatibility the default value is 
QNetworkRequest::ManualRedirectPolicy. This may change in the future and some 
type of auto-redirect policy will become the default; clients relying on 
manual redirect handling are encouraged to set this policy explicitly in their 
code."
https://doc.qt.io/qt-5/qnetworkaccessmanager.html#setRedirectPolicy

> This behaviour is contrary to that of just about every other HTTP
> stack (with the exception of libcurl from my understanding) and is
> behaviour that nobody expects.

In my case it would be: nobody thought about.
When talking to a given hardcoded address, e.g. to query a data blob, and it 
no longer resolves I would rather expect by default that the service is no 
longer existing. Mentally driven by C++ ABI concepts that method names & 
signatures have to be stable ;)
Possibly admins/web service developers might think different, as they might 
like to be flexible under which urls to respond to requests, given redirects 
exists in the protocol and thus invite to be used.
Might be a clash of cultures to some degree.

> As a consequence of this (broken) behaviour, Sysadmin has been
> effectively forced to implement workarounds and other compatibility
> measures in place to keep applications functional.

It is also the consequence of no developers having picked up the new built-in 
redirect accepting options having appeared in Qt 5.6 or 5.9 (more control).
And they have not done so because they (at least me) have not been aware that 
KDE sysadmins would like to be flexible when it comes to data/web services on 
KDE servers and the addresses under which they are available. See below for 
proposal how to fix that.

[...]

> Therefore, given the Qt Project is unlikely to change their position
> on this, I would like to propose the following:
> 1) That effective immediately, QNetworkAccessManager and it's children
> classes be banned and prohibited within KDE software, to be enforced
> by server side hooks.
> 2) That we fork QNetworkAccessManager and the associated classes
> within the appropriate Framework (to be determined), where the
> defective behaviour can then be corrected.

I cannot see how both help with released code out there already in the wild. 
To prepare future released code to be supportive to your redirecting desires 
when it comes to KDE services, I would rather propose this:

A) Document the need to enable redirects in requests when using KDE server 
services in the coding policies as well in the documentation of the respective 
KDE services, including code examples how to write those.
B) Have a rally to fix all current code.
C) Have an issue on bugreports.qt.io to see that Qt 6 will have changed the 
default, to what web service developers/admins would prefer.

E.g. in KDevelop code there is a query for https://projects.kde.org/
kde_projects.xml. What kind of redirect support do KDE server admins expect to 
be supported? So what QNetworkRequest::RedirectPolicy value should be set? 
What QNetworkRequest::maximumRedirectsAllowed?
Ideally one could find answers to these questions on community.kde.org.

Cheers
Friedrich