Diff
Modified: trunk/Source/WebCore/ChangeLog (190412 => 190413)
--- trunk/Source/WebCore/ChangeLog 2015-10-01 17:16:40 UTC (rev 190412)
+++ trunk/Source/WebCore/ChangeLog 2015-10-01 17:18:28 UTC (rev 190413)
@@ -1,3 +1,22 @@
+2015-10-01 Carlos Garcia Campos <cgar...@igalia.com>
+
+ [GTK] Websites with invalid auth header keep loading forever
+ https://bugs.webkit.org/show_bug.cgi?id=149710
+
+ Reviewed by Martin Robinson.
+
+ We don't correctly handle a null realm from the server when
+ retrieving and storing credentials from libsecret. First
+ secret_attributes_build() fails because we pass a null domain, and
+ we pass null attributes to secret_service_search() that returns
+ early on a g_return macro and the callback is never called so the
+ load doesn't continue after the auth challenge.
+
+ * platform/network/gtk/CredentialBackingStore.cpp:
+ (WebCore::createAttributeHashTableFromChallenge):
+ (WebCore::CredentialBackingStore::credentialForChallenge):
+ (WebCore::CredentialBackingStore::storeCredentialsForChallenge):
+
2015-10-01 Youenn Fablet <youenn.fab...@crf.canon.fr>
Refactor binding generator to factor JS DOM class m_impl handling
Modified: trunk/Source/WebCore/platform/network/gtk/CredentialBackingStore.cpp (190412 => 190413)
--- trunk/Source/WebCore/platform/network/gtk/CredentialBackingStore.cpp 2015-10-01 17:16:40 UTC (rev 190412)
+++ trunk/Source/WebCore/platform/network/gtk/CredentialBackingStore.cpp 2015-10-01 17:18:28 UTC (rev 190413)
@@ -49,10 +49,14 @@
#if ENABLE(CREDENTIAL_STORAGE)
static GRefPtr<GHashTable> createAttributeHashTableFromChallenge(const AuthenticationChallenge& challenge, const Credential& credential = Credential())
{
+ const char* realm = soup_auth_get_realm(challenge.soupAuth());
+ if (!realm)
+ return nullptr;
+
SoupURI* uri = soup_message_get_uri(challenge.soupMessage());
GRefPtr<GHashTable> attributes = adoptGRef(secret_attributes_build(
SECRET_SCHEMA_COMPAT_NETWORK,
- "domain", soup_auth_get_realm(challenge.soupAuth()),
+ "domain", realm,
"server", uri->host,
"protocol", uri->scheme,
"authtype", soup_auth_get_scheme_name(challenge.soupAuth()),
@@ -109,10 +113,16 @@
callbackData->callback = callback;
callbackData->data = ""
+ GRefPtr<GHashTable> attributes = createAttributeHashTableFromChallenge(challenge);
+ if (!attributes) {
+ callback(Credential(), data);
+ return;
+ }
+
secret_service_search(
0, // The default SecretService.
SECRET_SCHEMA_COMPAT_NETWORK,
- createAttributeHashTableFromChallenge(challenge).get(),
+ attributes.get(),
searchFlags,
0, // cancellable
reinterpret_cast<GAsyncReadyCallback>(credentialForChallengeAsyncReadyCallback),
@@ -126,13 +136,17 @@
void CredentialBackingStore::storeCredentialsForChallenge(const AuthenticationChallenge& challenge, const Credential& credential)
{
#if ENABLE(CREDENTIAL_STORAGE)
+ GRefPtr<GHashTable> attributes = createAttributeHashTableFromChallenge(challenge, credential);
+ if (!attributes)
+ return;
+
CString utf8Password = credential.password().utf8();
GRefPtr<SecretValue> newSecretValue = adoptGRef(secret_value_new(utf8Password.data(), utf8Password.length(), "text/plain"));
secret_service_store(
0, // The default SecretService.
SECRET_SCHEMA_COMPAT_NETWORK,
- createAttributeHashTableFromChallenge(challenge, credential).get(),
+ attributes.get(),
SECRET_COLLECTION_DEFAULT,
_("WebKitGTK+ password"),
newSecretValue.get(),
Modified: trunk/Source/WebKit2/ChangeLog (190412 => 190413)
--- trunk/Source/WebKit2/ChangeLog 2015-10-01 17:16:40 UTC (rev 190412)
+++ trunk/Source/WebKit2/ChangeLog 2015-10-01 17:18:28 UTC (rev 190413)
@@ -1,3 +1,16 @@
+2015-10-01 Carlos Garcia Campos <cgar...@igalia.com>
+
+ [GTK] Websites with invalid auth header keep loading forever
+ https://bugs.webkit.org/show_bug.cgi?id=149710
+
+ Reviewed by Martin Robinson.
+
+ Do not show the remember credentials checkbutton in the auth
+ dialog if the realm is empty.
+
+ * UIProcess/API/gtk/WebKitAuthenticationDialog.cpp:
+ (webkitAuthenticationDialogInitialize):
+
2015-09-30 Chris Dumez <cdu...@apple.com>
Unreviewed, roll out r188331: "NetworkProcess: DNS prefetch happens in the Web Process"
Modified: trunk/Source/WebKit2/UIProcess/API/gtk/WebKitAuthenticationDialog.cpp (190412 => 190413)
--- trunk/Source/WebKit2/UIProcess/API/gtk/WebKitAuthenticationDialog.cpp 2015-10-01 17:16:40 UTC (rev 190412)
+++ trunk/Source/WebKit2/UIProcess/API/gtk/WebKitAuthenticationDialog.cpp 2015-10-01 17:18:28 UTC (rev 190413)
@@ -174,7 +174,7 @@
gtk_box_pack_start(GTK_BOX(authBox), grid, FALSE, FALSE, 0);
gtk_entry_set_visibility(GTK_ENTRY(priv->passwordEntry), FALSE);
- gtk_widget_set_visible(priv->rememberCheckButton, priv->credentialStorageMode != DisallowPersistentStorage);
+ gtk_widget_set_visible(priv->rememberCheckButton, priv->credentialStorageMode != DisallowPersistentStorage && !realm.isEmpty());
const WebCore::Credential& credentialFromPersistentStorage = challenge.proposedCredential();
if (!credentialFromPersistentStorage.isEmpty()) {
Modified: trunk/Tools/ChangeLog (190412 => 190413)
--- trunk/Tools/ChangeLog 2015-10-01 17:16:40 UTC (rev 190412)
+++ trunk/Tools/ChangeLog 2015-10-01 17:18:28 UTC (rev 190413)
@@ -1,3 +1,18 @@
+2015-10-01 Carlos Garcia Campos <cgar...@igalia.com>
+
+ [GTK] Websites with invalid auth header keep loading forever
+ https://bugs.webkit.org/show_bug.cgi?id=149710
+
+ Reviewed by Martin Robinson.
+
+ Add test case to check that we can authenticate sites with an
+ empty realm.
+
+ * TestWebKitAPI/Tests/WebKit2Gtk/TestAuthentication.cpp:
+ (testWebViewAuthenticationEmptyRealm):
+ (serverCallback):
+ (beforeAll):
+
2015-10-01 Alexey Proskuryakov <a...@apple.com>
[Mac] Make run-api-tests work with System Integrity Protection
Modified: trunk/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestAuthentication.cpp (190412 => 190413)
--- trunk/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestAuthentication.cpp 2015-10-01 17:16:40 UTC (rev 190412)
+++ trunk/Tools/TestWebKitAPI/Tests/WebKit2Gtk/TestAuthentication.cpp 2015-10-01 17:18:28 UTC (rev 190413)
@@ -232,6 +232,22 @@
g_assert_cmpstr(webkit_web_view_get_title(test->m_webView), ==, authExpectedSuccessTitle);
}
+static void testWebViewAuthenticationEmptyRealm(AuthenticationTest* test, gconstpointer)
+{
+ test->loadURI(kServer->getURIForPath("/empty-realm.html").data());
+ WebKitAuthenticationRequest* request = test->waitForAuthenticationRequest();
+ WebKitCredential* credential = webkit_credential_new(authTestUsername, authTestPassword, WEBKIT_CREDENTIAL_PERSISTENCE_FOR_SESSION);
+ webkit_authentication_request_authenticate(request, credential);
+ webkit_credential_free(credential);
+ test->waitUntilLoadFinished();
+
+ g_assert_cmpint(test->m_loadEvents.size(), ==, 3);
+ g_assert_cmpint(test->m_loadEvents[0], ==, LoadTrackingTest::ProvisionalLoadStarted);
+ g_assert_cmpint(test->m_loadEvents[1], ==, LoadTrackingTest::LoadCommitted);
+ g_assert_cmpint(test->m_loadEvents[2], ==, LoadTrackingTest::LoadFinished);
+ g_assert_cmpstr(webkit_web_view_get_title(test->m_webView), ==, authExpectedSuccessTitle);
+}
+
static void serverCallback(SoupServer*, SoupMessage* message, const char* path, GHashTable*, SoupClientContext*, void*)
{
if (message->method != SOUP_METHOD_GET) {
@@ -239,7 +255,7 @@
return;
}
- if (!strcmp(path, "/auth-test.html")) {
+ if (!strcmp(path, "/auth-test.html") || !strcmp(path, "/empty-realm.html")) {
const char* authorization = soup_message_headers_get_one(message->request_headers, "Authorization");
// Require authentication.
if (!g_strcmp0(authorization, authExpectedAuthorization)) {
@@ -250,7 +266,10 @@
} else if (++AuthenticationTest::authenticationRetries < 3) {
// No or invalid authorization header provided by the client, request authentication twice then fail.
soup_message_set_status(message, SOUP_STATUS_UNAUTHORIZED);
- soup_message_headers_append(message->response_headers, "WWW-Authenticate", "Basic realm=\"my realm\"");
+ if (!strcmp(path, "/empty-realm.html"))
+ soup_message_headers_append(message->response_headers, "WWW-Authenticate", "Basic");
+ else
+ soup_message_headers_append(message->response_headers, "WWW-Authenticate", "Basic realm=\"my realm\"");
// Include a failure message in case the user attempts to proceed without authentication.
soup_message_body_append(message->response_body, SOUP_MEMORY_STATIC, authFailureHTMLString, strlen(authFailureHTMLString));
} else {
@@ -276,6 +295,7 @@
AuthenticationTest::add("WebKitWebView", "authentication-failure", testWebViewAuthenticationFailure);
AuthenticationTest::add("WebKitWebView", "authentication-no-credential", testWebViewAuthenticationNoCredential);
AuthenticationTest::add("WebKitWebView", "authentication-storage", testWebViewAuthenticationStorage);
+ AuthenticationTest::add("WebKitWebView", "authentication-empty-realm", testWebViewAuthenticationEmptyRealm);
}
void afterAll()