Skip to content
Find file Blame History Permalink
  • robert@webkit.org's avatar
    [Qt] Fix http/tests/xmlhttprequest/cross-origin-no-authorization.html · bb7851be
    robert@webkit.org authored 
    2010-05-08  Robert Hogan  <robert@roberthogan.net>

        Reviewed by Simon Hausmann.

        [Qt] Fix http/tests/xmlhttprequest/cross-origin-no-authorization.html
             and http/tests/xmlhttprequest/cross-origin-authorization.html

        QHttpNetworkRequest adds Authorization and Cookie headers to XHRs
        without knowing if this is valid behaviour or not. In order to allow
        Qt to decide whether Cookie/Authorization headers should be added
        to an XHR QtWebKit needs to use an attribute added to QNetworkRequest.
        These new attributes are: QNetworkRequest::CookieLoadControlAttribute,
        QNetworkRequest::CookieSaveControlAttribute,and
        QNetworkRequest::AuthenticationReuseControlAttribute.

        QtWebKit will set QNetworkRequest::AuthenticationReuseControlAttribute to false
        unless withCredentials is set to true in the XHR.

        QtWebkit will set CookieLoad/SaveControlAttribute to false unless withCredentials
        is set to true in the XHR.

        Qt will pass the values onto QHttpNetworkRequest and this will permit
        the Qt network access processing to decide whether or not to add either
        or both of the Cookie/Authorisation headers, and whether to save cookies
        returned from such requests. By default the attribute
        will always be true so unless QtWebKit sets it to false normal
        header processing is unaffected.

        There are platform-specific results for cross-origin-no-authorization.html:

        1. Qt's DRT does not capture the final 'DONE'.
        2. QNetworkReplyHandler.cpp's ignoreHttpError() means that async requests
           do not execute didFail() when they receive a 401 HTTP response. This
           results in async tests passing with '401 Authorisation required' rather
           than 'received error event'.

        The Qt part of these changes was merged at: http://gitorious.org/qt/qt/merge_requests/592

        In order to properly support the tests, Qt's DRT needs to use one
        NetworkAccessManager for all pages. This allows it to use cached
        credentials where appropriate.

        The tests now pass when run individually but there seems to be a problem with
        leaking the results of requests across tests when run with the others in
        http/tests. This will be addressed in a separate patch.

        https://bugs.webkit.org/show_bug.cgi?id=32967

        * DumpRenderTree/qt/DumpRenderTreeQt.cpp:
        (WebCore::WebPage::WebPage):
        (WebCore::DumpRenderTree::DumpRenderTree):
        * DumpRenderTree/qt/DumpRenderTreeQt.h:
        * platform/network/qt/ResourceRequestQt.cpp:
        (WebCore::ResourceRequest::toNetworkRequest):
        * platform/qt/Skipped: Group together the tests that are waiting for 4.7 to be unskipped.
        * platform/qt/http/tests/xmlhttprequest/cross-origin-no-authorization-expected.txt: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@59020 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    bb7851be