Title: [200148] trunk/Source/WebKit2
- Revision
- 200148
- Author
- [email protected]
- Date
- 2016-04-27 13:49:14 -0700 (Wed, 27 Apr 2016)
Log Message
Fix client certificate authentication with NSURLSession on iOS
https://bugs.webkit.org/show_bug.cgi?id=157094
<rdar://problem/25946859>
Patch by Alex Christensen <[email protected]> on 2016-04-27
Reviewed by Darin Adler.
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
We only want to create a non-persistent credential with the given user and password
and store the user and password in the CredentialStorage if there is a user and password.
We previously only skipped this if we were doing server trust evaluation, in which case
we will have a credential from serverTrustCredential which has no user or password.
When doing client certificate authentication on iOS, this completion handler is called with
a credential with session persistence and also no user or password, so we need to do the same thing.
The reason this was never hit on Mac was because the credential came from tryUseCertificateInfoForChallenge,
which always had persistence none.
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (200147 => 200148)
--- trunk/Source/WebKit2/ChangeLog 2016-04-27 20:37:49 UTC (rev 200147)
+++ trunk/Source/WebKit2/ChangeLog 2016-04-27 20:49:14 UTC (rev 200148)
@@ -1,3 +1,22 @@
+2016-04-27 Alex Christensen <[email protected]>
+
+ Fix client certificate authentication with NSURLSession on iOS
+ https://bugs.webkit.org/show_bug.cgi?id=157094
+ <rdar://problem/25946859>
+
+ Reviewed by Darin Adler.
+
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+ We only want to create a non-persistent credential with the given user and password
+ and store the user and password in the CredentialStorage if there is a user and password.
+ We previously only skipped this if we were doing server trust evaluation, in which case
+ we will have a credential from serverTrustCredential which has no user or password.
+ When doing client certificate authentication on iOS, this completion handler is called with
+ a credential with session persistence and also no user or password, so we need to do the same thing.
+ The reason this was never hit on Mac was because the credential came from tryUseCertificateInfoForChallenge,
+ which always had persistence none.
+
2016-04-27 Claudio Saavedra <[email protected]>
[GTK][EFL] Move WK2 platform code to a common place
Modified: trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkSessionCocoa.mm (200147 => 200148)
--- trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2016-04-27 20:37:49 UTC (rev 200147)
+++ trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2016-04-27 20:49:14 UTC (rev 200148)
@@ -150,7 +150,7 @@
UNUSED_PARAM(sessionID);
UNUSED_PARAM(authenticationChallenge);
#else
- if (credential.persistence() == WebCore::CredentialPersistenceForSession && authenticationChallenge.protectionSpace().authenticationScheme() != WebCore::ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested) {
+ if (credential.persistence() == WebCore::CredentialPersistenceForSession && authenticationChallenge.protectionSpace().isPasswordBased()) {
WebCore::Credential nonPersistentCredential(credential.user(), credential.password(), WebCore::CredentialPersistenceNone);
WebCore::URL urlToStore;
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
