[webkit-changes] [116488] trunk

Tue, 08 May 2012 20:34:28 -0700

Title: [116488] trunk
Revision
116488
Author
[email protected]
Date
2012-05-08 20:35:14 -0700 (Tue, 08 May 2012)

Log Message

[BlackBerry] Auth credentials set in private mode are reused in public mode.
https://bugs.webkit.org/show_bug.cgi?id=84697

Patch by Jason Liu <[email protected]> on 2012-05-08
Reviewed by Rob Buis.

Add setPrivateMode function for CredentialStorage.

Source/WebCore:

Now, we only save credentials in memory and CredentialBackingStore isn't enabled.
When we set private mode from on to off, we clear all these temporary credentials.

We have to change Private Browsing to test, so have to write a manual test case.
Test: ManualTests/blackberry/http-auth-private-mode-changed.html

* network/CredentialStorage.cpp:
(WebCore::CredentialStorage::setPrivateMode):
(WebCore):
* platform/network/CredentialStorage.h:
(CredentialStorage):

Source/WebKit/blackberry:

We have to change Private Browsing to test, so have to write a manual test case.
Test: ManualTests/blackberry/http-auth-private-mode-changed.html

* Api/WebPage.cpp:
(BlackBerry::WebKit::WebPagePrivate::didChangeSettings):

Modified Paths

Added Paths

Diff

Added: trunk/ManualTests/blackberry/http-auth-private-mode-changed.html (0 => 116488)


--- trunk/ManualTests/blackberry/http-auth-private-mode-changed.html	                        (rev 0)
+++ trunk/ManualTests/blackberry/http-auth-private-mode-changed.html	2012-05-09 03:35:14 UTC (rev 116488)
@@ -0,0 +1,16 @@
+<html>
+  <body>
+    <p>Both http-auth-private-mode-changed.html and http-auth-private-mode-changed.php must be served over http.</p>
+    <p>This tests the behavior of http authentication when private browsering is set from on to off. This is for <a href=""
+    <p>
+      Test steps:<br>
+      1. Set Private Browsing on. (Settings -> Privacy & Security -> Private Browsing).<br>
+      2. Press <a href="" test here</a>.<br>
+      3. When dialog pops up, enter real credential(username: "aaaa", password: "aaaa") and press Ok button.<br>
+      4. Set Private Browsing off. (Settings -> Privacy & Security -> Private Browsing).<br>
+      5. Refresh the page.<br>
+      6. There should be a dialog for you to input username and password again.<br>
+         If you can't see the dialog, this test fails.<br>
+    </p>
+  </body>
+</html>

Added: trunk/ManualTests/blackberry/http-auth-private-mode-changed.php (0 => 116488)


--- trunk/ManualTests/blackberry/http-auth-private-mode-changed.php	                        (rev 0)
+++ trunk/ManualTests/blackberry/http-auth-private-mode-changed.php	2012-05-09 03:35:14 UTC (rev 116488)
@@ -0,0 +1,17 @@
+<?php
+    $username = $password = "aaaa";
+
+    if ($_SERVER['PHP_AUTH_USER'] == $username && $_SERVER['PHP_AUTH_PW'] == $password){
+        echo 'Test steps:<br>';
+        echo '1. Set Private Browsing off. (Settings -> Privacy & Security -> Private Browsing)<br>';
+        echo '2. Refresh the page.<br>';
+        echo '3. There should be a dialog for you to input username and password again.<br>';
+        echo 'If you can\'t see the dialog, this test fails.<br>';
+        exit;
+    } else {
+        header('WWW-Authenticate: Basic realm="My Realm"');
+        header('HTTP/1.0 401 Unauthorized');
+        echo "Authorization Required.";
+        exit;
+    }
+?>

Modified: trunk/Source/WebCore/ChangeLog (116487 => 116488)


--- trunk/Source/WebCore/ChangeLog	2012-05-09 03:23:16 UTC (rev 116487)
+++ trunk/Source/WebCore/ChangeLog	2012-05-09 03:35:14 UTC (rev 116488)
@@ -1,3 +1,24 @@
+2012-05-08  Jason Liu  <[email protected]>
+
+        [BlackBerry] Auth credentials set in private mode are reused in public mode.
+        https://bugs.webkit.org/show_bug.cgi?id=84697
+
+        Reviewed by Rob Buis.
+
+        Add setPrivateMode function for CredentialStorage.
+
+        Now, we only save credentials in memory and CredentialBackingStore isn't enabled.
+        When we set private mode from on to off, we clear all these temporary credentials.
+
+        We have to change Private Browsing to test, so have to write a manual test case.
+        Test: ManualTests/blackberry/http-auth-private-mode-changed.html
+
+        * network/CredentialStorage.cpp:
+        (WebCore::CredentialStorage::setPrivateMode):
+        (WebCore):
+        * platform/network/CredentialStorage.h:
+        (CredentialStorage):
+
 2012-05-08  Rakesh KN  <[email protected]>
 
         RadioNodeList support in HTMLFormElement::elements

Modified: trunk/Source/WebCore/platform/network/CredentialStorage.cpp (116487 => 116488)


--- trunk/Source/WebCore/platform/network/CredentialStorage.cpp	2012-05-09 03:23:16 UTC (rev 116487)
+++ trunk/Source/WebCore/platform/network/CredentialStorage.cpp	2012-05-09 03:35:14 UTC (rev 116488)
@@ -159,4 +159,10 @@
     return protectionSpaceToCredentialMap().get(iter->second);
 }
 
+void CredentialStorage::setPrivateMode(bool mode)
+{
+    if (!mode)
+        protectionSpaceToCredentialMap().clear();
+}
+
 } // namespace WebCore

Modified: trunk/Source/WebCore/platform/network/CredentialStorage.h (116487 => 116488)


--- trunk/Source/WebCore/platform/network/CredentialStorage.h	2012-05-09 03:23:16 UTC (rev 116487)
+++ trunk/Source/WebCore/platform/network/CredentialStorage.h	2012-05-09 03:35:14 UTC (rev 116488)
@@ -46,6 +46,8 @@
     // a client should assume that all paths at or deeper than the depth of a known protected resource share are within the same protection space.
     static bool set(const Credential&, const KURL&); // Returns true if the URL corresponds to a known protection space, so credentials could be updated.
     static Credential get(const KURL&);
+
+    static void setPrivateMode(bool);
 };
 
 } // namespace WebCore

Modified: trunk/Source/WebKit/blackberry/Api/WebPage.cpp (116487 => 116488)


--- trunk/Source/WebKit/blackberry/Api/WebPage.cpp	2012-05-09 03:23:16 UTC (rev 116487)
+++ trunk/Source/WebKit/blackberry/Api/WebPage.cpp	2012-05-09 03:35:14 UTC (rev 116488)
@@ -35,6 +35,7 @@
 #include "ContextMenuClientBlackBerry.h"
 #include "CookieManager.h"
 #include "CredentialManager.h"
+#include "CredentialStorage.h"
 #include "CredentialTransformData.h"
 #include "DOMSupport.h"
 #include "Database.h"
@@ -5994,6 +5995,8 @@
 
     cookieManager().setPrivateMode(webSettings->isPrivateBrowsingEnabled());
 
+    CredentialStorage::setPrivateMode(webSettings->isPrivateBrowsingEnabled());
+
     if (m_mainFrame && m_mainFrame->view()) {
         Color backgroundColor(webSettings->backgroundColor());
         m_mainFrame->view()->updateBackgroundRecursively(backgroundColor, backgroundColor.hasAlpha());

Modified: trunk/Source/WebKit/blackberry/ChangeLog (116487 => 116488)


--- trunk/Source/WebKit/blackberry/ChangeLog	2012-05-09 03:23:16 UTC (rev 116487)
+++ trunk/Source/WebKit/blackberry/ChangeLog	2012-05-09 03:35:14 UTC (rev 116488)
@@ -1,3 +1,18 @@
+2012-05-08  Jason Liu  <[email protected]>
+
+        [BlackBerry] Auth credentials set in private mode are reused in public mode.
+        https://bugs.webkit.org/show_bug.cgi?id=84697
+
+        Reviewed by Rob Buis.
+
+        Add setPrivateMode function for CredentialStorage.
+
+        We have to change Private Browsing to test, so have to write a manual test case.
+        Test: ManualTests/blackberry/http-auth-private-mode-changed.html
+
+        * Api/WebPage.cpp:
+        (BlackBerry::WebKit::WebPagePrivate::didChangeSettings):
+
 2012-05-08  Crystal Zhang  <[email protected]>
     
             [BlackBerry] Implement a popup client for HTML controls

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes

Reply via email to