diff --git a/src/ioslaves/ftp/ftp.cpp b/src/ioslaves/ftp/ftp.cpp
--- a/src/ioslaves/ftp/ftp.cpp
+++ b/src/ioslaves/ftp/ftp.cpp
@@ -425,7 +425,7 @@
     int errorCode = 0;
     QString errorMessage;
 
-    Q_FOREACH (const QString &proxyUrl, m_proxyUrls) {
+    for (const QString &proxyUrl : qAsConst(m_proxyUrls)) {
         const QUrl url(proxyUrl);
         const QString scheme(url.scheme());
 
diff --git a/src/ioslaves/http/http.cpp b/src/ioslaves/http/http.cpp
--- a/src/ioslaves/http/http.cpp
+++ b/src/ioslaves/http/http.cpp
@@ -1652,7 +1652,7 @@
 
         errorString += QLatin1String("<ul>");
 
-        Q_FOREACH (const QString &error, errors) {
+        for (const QString &error : qAsConst(errors)) {
             errorString += QLatin1String("<li>") + error + QLatin1String("</li>");
         }
 
@@ -1973,7 +1973,7 @@
         //### for the moment we use a hack: instead of saving and restoring request-id
         //    we just count up like ParallelGetJobs does.
         int requestId = 0;
-        Q_FOREACH (const HTTPRequest &r, m_requestQueue) {
+        for (const HTTPRequest &r : qAsConst(m_requestQueue)) {
             m_request = r;
             qCDebug(KIO_HTTP) << "check two: isKeepAlive =" << m_request.isKeepAlive;
             setMetaData(QStringLiteral("request-id"), QString::number(requestId++));
@@ -2130,7 +2130,7 @@
     }
 
     if (!m_request.proxyUrls.isEmpty() && !isAutoSsl()) {
-        Q_FOREACH (const QString &url, m_request.proxyUrls) {
+        for (const QString &url : qAsConst(m_request.proxyUrls)) {
             if (url != QLatin1String("DIRECT")) {
                 if (isCompatibleNextUrl(m_server.proxyUrl, QUrl(url))) {
                     return false;
@@ -2169,7 +2169,7 @@
         connectError = connectToHost(m_request.url.host(), m_request.url.port(defaultPort()), &errorString);
     } else {
         QList<QUrl> badProxyUrls;
-        Q_FOREACH (const QString &proxyUrl, m_request.proxyUrls) {
+        for (const QString &proxyUrl : qAsConst(m_request.proxyUrls)) {
             if (proxyUrl == QLatin1String("DIRECT")) {
                 QNetworkProxy::setApplicationProxy(QNetworkProxy::NoProxy);
                 connectError = connectToHost(m_request.url.host(), m_request.url.port(defaultPort()), &errorString);
@@ -2609,7 +2609,8 @@
     }
 
     qCDebug(KIO_HTTP) << "============ Sending Header:";
-    Q_FOREACH (const QString &s, header.split(QStringLiteral("\r\n"), QString::SkipEmptyParts)) {
+    const QStringList list = header.split(QStringLiteral("\r\n"), QString::SkipEmptyParts);
+    for (const QString &s : list) {
         qCDebug(KIO_HTTP) << s;
     }
 
@@ -2680,7 +2681,7 @@
         return false;
     }
 
-    Q_FOREACH (const QString &str, m_responseHeaders) {
+    for (const QString &str : qAsConst(m_responseHeaders)) {
         const QString header = str.trimmed();
         if (header.startsWith(QLatin1String("content-type:"), Qt::CaseInsensitive)) {
             int pos = header.indexOf(QLatin1String("charset="), Qt::CaseInsensitive);
@@ -3190,7 +3191,7 @@
 
             // If we still have text, then it means we have a mime-type with a
             // parameter (eg: charset=iso-8851) ; so let's get that...
-            Q_FOREACH (const QByteArray &statement, l) {
+            for (const QByteArray &statement : qAsConst(l)) {
                 const int index = statement.indexOf('=');
                 if (index <= 0) {
                     mediaAttribute = toQString(statement.mid(0, index));
@@ -3367,7 +3368,7 @@
             QString offered = toQString(tIt.next());
             upgradeOffers = offered.split(QRegExp(QStringLiteral("[ \n,\r\t]")), QString::SkipEmptyParts);
         }
-        Q_FOREACH (const QString &opt, upgradeOffers) {
+        for (const QString &opt : qAsConst(upgradeOffers)) {
             if (opt == QLatin1String("TLS/1.0")) {
                 if (!startSsl() && upgradeRequired) {
                     error(ERR_UPGRADE_REQUIRED, opt);
diff --git a/src/ioslaves/http/http_cache_cleaner.cpp b/src/ioslaves/http/http_cache_cleaner.cpp
--- a/src/ioslaves/http/http_cache_cleaner.cpp
+++ b/src/ioslaves/http/http_cache_cleaner.cpp
@@ -128,7 +128,7 @@
         out << "\n encoded URL      " << url;
         out << "\n mimetype         " << mimeType;
         out << "\nResponse headers follow...\n";
-        Q_FOREACH (const QString &h, responseHeaders) {
+        for (const QString &h : qAsConst(responseHeaders)) {
             out << h << '\n';
         }
     }
diff --git a/src/ioslaves/http/httpauthentication.cpp b/src/ioslaves/http/httpauthentication.cpp
--- a/src/ioslaves/http/httpauthentication.cpp
+++ b/src/ioslaves/http/httpauthentication.cpp
@@ -545,7 +545,8 @@
         info.algorithm = "MD5";
     }
 
-    Q_FOREACH (const QByteArray &path, valueForKey(m_challenge, "domain").split(' ')) {
+    const QList<QByteArray> list = valueForKey(m_challenge, "domain").split(' ');
+    for (const QByteArray &path : list) {
         QUrl u = m_resource.resolved(QUrl(QString::fromUtf8(path)));
         if (u.isValid()) {
             info.digestURIs.append(u);
@@ -596,7 +597,7 @@
             requestPath = QLatin1Char('/');
         }
 
-        Q_FOREACH (const QUrl &u, info.digestURIs) {
+        for (const QUrl &u : qAsConst(info.digestURIs)) {
             send &= (m_resource.scheme().toLower() == u.scheme().toLower());
             send &= (m_resource.host().toLower() == u.host().toLower());
 
diff --git a/src/ioslaves/http/kcookiejar/kcookiejar.cpp b/src/ioslaves/http/kcookiejar/kcookiejar.cpp
--- a/src/ioslaves/http/kcookiejar/kcookiejar.cpp
+++ b/src/ioslaves/http/kcookiejar/kcookiejar.cpp
@@ -345,7 +345,7 @@
         if (cookiePtr.name() == cookie.name() &&
                 (nameMatchOnly || (domain1 == domain2 && cookiePtr.path() == cookie.path()))) {
             if (updateWindowId) {
-                Q_FOREACH (WId windowId, cookie.windowIds()) {
+                for (WId windowId : cookie.windowIds()) {
                     if (windowId && (!cookiePtr.windowIds().contains(windowId))) {
                         cookiePtr.windowIds().append(windowId);
                     }
@@ -1222,15 +1222,17 @@
         return;
     }
 
-    Q_FOREACH (const QString &domain, m_domainList) {
+    for (const QString &domain : qAsConst(m_domainList)) {
         eatSessionCookies(domain, windowId, false);
     }
 }
 
 void KCookieJar::eatAllCookies()
 {
-    Q_FOREACH (const QString &domain, m_domainList) {
-        eatCookiesForDomain(domain);    // This might remove domain from m_domainList!
+    // we need a copy as eatCookiesForDomain() might remove domain from m_domainList
+    const QStringList list = m_domainList;
+    for (const QString &domain : list) {
+        eatCookiesForDomain(domain);
     }
 }
 
@@ -1408,8 +1410,8 @@
     const QString host = str.left(index);
     if (ports) {
         bool ok;
-        QStringList portList = str.mid(index + 1).split(QL1C(','));
-        Q_FOREACH (const QString &portStr, portList) {
+        const QStringList list = str.mid(index + 1).split(QL1C(','));
+        for (const QString &portStr : list) {
             const int portNum = portStr.toInt(&ok);
             if (ok) {
                 ports->append(portNum);
@@ -1577,7 +1579,9 @@
     m_globalAdvice = strToAdvice(policyGroup.readEntry("CookieGlobalAdvice", QStringLiteral("Accept")));
 
     // Reset current domain settings first.
-    Q_FOREACH (const QString &domain, m_domainList) {
+    // We need a copy as setDomainAdvice() may modify m_domainList
+    const QStringList list = m_domainList;
+    for (const QString &domain : list) {
         setDomainAdvice(domain, KCookieDunno);
     }
 
diff --git a/src/ioslaves/http/kcookiejar/kcookieserver.cpp b/src/ioslaves/http/kcookiejar/kcookieserver.cpp
--- a/src/ioslaves/http/kcookiejar/kcookieserver.cpp
+++ b/src/ioslaves/http/kcookiejar/kcookieserver.cpp
@@ -142,7 +142,7 @@
 
     QStringList domains;
     mCookieJar->extractDomains(fqdn, domains);
-    Q_FOREACH (const KHttpCookie &cookie, *mPendingCookies) {
+    for (const KHttpCookie &cookie : qAsConst(*mPendingCookies)) {
         if (cookie.match(fqdn, domains, path)) {
             if (!cookieList) {
                 return true;
@@ -389,7 +389,7 @@
 KCookieServer::findDomains()
 {
     QStringList result;
-    Q_FOREACH (const QString &domain, mCookieJar->getDomainList()) {
+    for (const QString &domain : mCookieJar->getDomainList()) {
         // Ignore domains that have policy set for but contain
         // no cookies whatsoever...
         const KHttpCookieList *list =  mCookieJar->getCookieList(domain, QString());
@@ -418,7 +418,7 @@
             if (!list) {
                 continue;
             }
-            Q_FOREACH (const KHttpCookie &cookie, *list) {
+            for (const KHttpCookie &cookie : *list) {
                 if (cookie.isExpired()) {
                     continue;
                 }
@@ -431,7 +431,7 @@
             if (!list) {
                 continue;
             }
-            Q_FOREACH (const KHttpCookie &cookie, *list) {
+            for (const KHttpCookie &cookie : *list) {
                 if (cookie.isExpired()) {
                     continue;
                 }
diff --git a/src/ioslaves/trash/trashimpl.cpp b/src/ioslaves/trash/trashimpl.cpp
--- a/src/ioslaves/trash/trashimpl.cpp
+++ b/src/ioslaves/trash/trashimpl.cpp
@@ -714,7 +714,8 @@
         //const int trashId = trit.key();
         QString filesDir = trit.value();
         filesDir += QLatin1String("/files");
-        Q_FOREACH (const QString &fileName, listDir(filesDir)) {
+        const QStringList list = listDir(filesDir);
+        for (const QString &fileName : list) {
             if (fileName == QLatin1Char('.') || fileName == QLatin1String("..")) {
                 continue;
             }