[webkit-changes] [210235] trunk/Source/WebKit2

[carlosgc]

Title: [210235] trunk/Source/WebKit2

Revision

210235

Author

carlo...@webkit.org

Date

2017-01-03 01:08:21 -0800 (Tue, 03 Jan 2017)

Log Message

[SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
https://bugs.webkit.org/show_bug.cgi?id=164471

Reviewed by Michael Catanzaro.

When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that
disables all HTTP authentication, causing the load to always fail with Authorization required even when
clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the
WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the
SoupAuthManager feature. Libsoup 2.57.1 has new API to disable the use of cached credentials for a particular
message, adding the new message flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE.

* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::createRequest): Set SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag to disable cached
credentials for the message if libsoup >= 2.57.1 is used.

Modified Paths

• trunk/Source/WebKit2/ChangeLog
• trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp

Diff

Modified: trunk/Source/WebKit2/ChangeLog (210234 => 210235)

--- trunk/Source/WebKit2/ChangeLog	2017-01-03 09:04:20 UTC (rev 210234)
+++ trunk/Source/WebKit2/ChangeLog	2017-01-03 09:08:21 UTC (rev 210235)
@@ -1,5 +1,23 @@
 2017-01-03  Carlos Garcia Campos  <cgar...@igalia.com>
 
+        [SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
+        https://bugs.webkit.org/show_bug.cgi?id=164471
+
+        Reviewed by Michael Catanzaro.
+
+        When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that
+        disables all HTTP authentication, causing the load to always fail with Authorization required even when
+        clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the
+        WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the
+        SoupAuthManager feature. Libsoup 2.57.1 has new API to disable the use of cached credentials for a particular
+        message, adding the new message flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE.
+
+        * NetworkProcess/soup/NetworkDataTaskSoup.cpp:
+        (WebKit::NetworkDataTaskSoup::createRequest): Set SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag to disable cached
+        credentials for the message if libsoup >= 2.57.1 is used.
+
+2017-01-03  Carlos Garcia Campos  <cgar...@igalia.com>
+
         [GTK] HTTP auth layout tests are flaky
         https://bugs.webkit.org/show_bug.cgi?id=158919
 

Modified: trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp (210234 => 210235)

--- trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp	2017-01-03 09:04:20 UTC (rev 210234)
+++ trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp	2017-01-03 09:08:21 UTC (rev 210235)
@@ -129,13 +129,19 @@
         return;
     }
 
+    unsigned messageFlags = SOUP_MESSAGE_NO_REDIRECT;
+
     request.updateSoupMessage(soupMessage.get());
     if (m_shouldContentSniff == DoNotSniffContent)
         soup_message_disable_feature(soupMessage.get(), SOUP_TYPE_CONTENT_SNIFFER);
     if (m_user.isEmpty() && m_password.isEmpty() && m_storedCredentials == DoNotAllowStoredCredentials) {
+#if SOUP_CHECK_VERSION(2, 57, 1)
+        messageFlags |= SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE;
+#else
         // In case credential is not available and credential storage should not to be used,
         // disable authentication manager so that credentials stored in libsoup are not used.
         soup_message_disable_feature(soupMessage.get(), SOUP_TYPE_AUTH_MANAGER);
+#endif
     }
 
     // Make sure we have an Accept header for subresources; some sites want this to serve some of their subresources.
@@ -148,8 +154,7 @@
     if ((soupMessage->method == SOUP_METHOD_POST || soupMessage->method == SOUP_METHOD_PUT) && !soupMessage->request_body->length)
         soup_message_headers_set_content_length(soupMessage->request_headers, 0);
 
-    unsigned flags = SOUP_MESSAGE_NO_REDIRECT;
-    soup_message_set_flags(soupMessage.get(), static_cast<SoupMessageFlags>(soup_message_get_flags(soupMessage.get()) | flags));
+    soup_message_set_flags(soupMessage.get(), static_cast<SoupMessageFlags>(soup_message_get_flags(soupMessage.get()) | messageFlags));
 
 #if SOUP_CHECK_VERSION(2, 43, 1)
     soup_message_set_priority(soupMessage.get(), toSoupMessagePriority(request.priority()));

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes