-
beidson@apple.com authored
<rdar://problem/7174050> and https://bugs.webkit.org/show_bug.cgi?id=29160 Reviewed by Alexey Proskuryakov. WebCore: In http://trac.webkit.org/changeset/42483, we disabled CFNetwork's session credential storage and implemented our own in WebCore. One feature we lost is that CFNetwork would automatically send previously authenticated credentials with new connections when the paths match, as allowed by RFC 2617 for HTTP Basic and Digest Authentication. Even though it's optional for User Agents to do this, (some?) Linksys routers rely on this behavior for HTTP Basic Authentication. So now WebCore's CredentialStorage will track URL paths for Basic credentials. We're not making this enhancement for Digest at this time, since we don't know of anything that broke due to the change in Digest behavior. Test: http/tests/loading/basic-credentials-sent-automatically.html http/tests/loading/basic-auth-resend-wrong-credentials.html * WebCore.base.exp: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * platform/network/Credential.cpp: (WebCore::Credential::isEmpty): * platform/network/Credential.h: Add a slightly more full featured CredentialStore that will track URL paths a credential belongs to: * platform/network/CredentialStorage.cpp: Added. (WebCore::protectionSpaceToCredentialMap): (WebCore::originToDefaultCredentialMap): (WebCore::originStringFromURL): (WebCore::CredentialStorage::set): (WebCore::CredentialStorage::get): (WebCore::CredentialStorage::getDefaultAuthenticationCredential): * platform/network/CredentialStorage.h: Added. Allow ProtectionSpace to be a hash key: * platform/network/ProtectionSpace.cpp: (WebCore::ProtectionSpace::ProtectionSpace): * platform/network/ProtectionSpace.h: (WebCore::ProtectionSpace::ProtectionSpace): (WebCore::ProtectionSpace::isHashTableDeletedValue): * platform/network/ProtectionSpaceHash.h: Added. (WebCore::ProtectionSpaceHash::hash): (WebCore::ProtectionSpaceHash::equal): Allow ResourceHandles to remember the initial credential they used: * platform/network/ResourceHandleInternal.h: Allow mutable ResourceRequests to update their platform object if HTTP header fields change: * platform/network/ResourceRequestBase.cpp: (WebCore::ResourceRequestBase::addHTTPHeaderField): Remove WebCoreCredentialStorage: * platform/network/cf/AuthenticationCF.cpp: * platform/network/cf/AuthenticationCF.h: * platform/network/mac/AuthenticationMac.h: * platform/network/mac/AuthenticationMac.mm: Change ResourceHandleCFNet to try to use stored credentials on new connections, if appropriate: * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::ResourceHandle::start): (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Only try the ProtectionSpace key'ed Credential if it does not match the initially used Credential. (WebCore::ResourceHandle::receivedCredential): (WebCore::WebCoreSynchronousLoader::didReceiveChallenge): Only try the ProtectionSpace key'ed Credential if it does not match the initially used Credential. (WebCore::WebCoreSynchronousLoader::load): Change ResourceHandleMac to try to use stored credentials on new connections, if appropriate: * platform/network/mac/ResourceHandleMac.mm: (WebCore::ResourceHandle::start): (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Only try the ProtectionSpace key'ed Credential if it does not match the initially used Credential. (WebCore::ResourceHandle::receivedCredential): (-[WebCoreSynchronousLoader connection:didReceiveAuthenticationChallenge:]): Only try the ProtectionSpace key'ed Credential if it does not match the initially used Credential. (+[WebCoreSynchronousLoader loadRequest:allowStoredCredentials:returningResponse:error:]): Add base64-ability to CString: * platform/text/CString.cpp: (WebCore::CStringBuffer::base64Encode): (WebCore::CString::base64Encode): * platform/text/CString.h: (WebCore::CStringBuffer::create): (WebCore::CStringBuffer::CStringBuffer): WebKit/mac: Adopt the new WebCore::CredentialStorage in WebKit/Mac. * Misc/WebDownload.mm: (-[WebDownloadInternal download:didReceiveAuthenticationChallenge:]): * Plugins/WebBaseNetscapePluginView.mm: (WebKit::getAuthenticationInfo): WebKit/win: Adopt the new WebCore::CredentialStorage in WebKit/Win. * WebDownloadCFNet.cpp: (WebDownload::didReceiveAuthenticationChallenge): WebKitTools: Add the ability for DRT to handle authentication challenges. * DumpRenderTree/LayoutTestController.cpp: (setAuthenticationPasswordCallback): (setAuthenticationUsernameCallback): (setHandlesAuthenticationChallengesCallback): (LayoutTestController::staticFunctions): * DumpRenderTree/LayoutTestController.h: (LayoutTestController::handlesAuthenticationChallenges): (LayoutTestController::setHandlesAuthenticationChallenges): (LayoutTestController::authenticationUsername): (LayoutTestController::setAuthenticationUsername): (LayoutTestController::authenticationPassword): (LayoutTestController::setAuthenticationPassword): * DumpRenderTree/mac/ResourceLoadDelegate.mm: (-[ResourceLoadDelegate webView:resource:didReceiveAuthenticationChallenge:fromDataSource:]): * DumpRenderTree/win/ResourceLoadDelegate.cpp: (ResourceLoadDelegate::didReceiveAuthenticationChallenge): * DumpRenderTree/win/ResourceLoadDelegate.h: LayoutTests: * http/tests/loading/basic-auth-resend-wrong-credentials-expected.txt: Added. * http/tests/loading/basic-auth-resend-wrong-credentials.html: Added. * http/tests/loading/basic-credentials-sent-automatically-expected.txt: Added. * http/tests/loading/basic-credentials-sent-automatically.html: Added. * http/tests/loading/resources/basic-auth-testing.php: Added. * http/tests/loading/resources/othersubresources: Added. * http/tests/loading/resources/othersubresources/protected-resource.php: Added. * http/tests/loading/resources/protected-resource.php: Added. * http/tests/loading/resources/subresources: Added. * http/tests/loading/resources/subresources/protected-resource.php: Added. * http/tests/loading/resources/test2: Added. * http/tests/loading/resources/test2/basic-auth-testing.php: Added. * http/tests/loading/resources/test2/protected-resource.php: Added. * platform/gtk/Skipped: * platform/qt/Skipped: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@48363 268f45cc-cd09-0410-ab3c-d52691b4dbfc
29c8b21b