<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[210235] trunk/Source/WebKit2</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/210235">210235</a></dd>
<dt>Author</dt> <dd>carlosgc@webkit.org</dd>
<dt>Date</dt> <dd>2017-01-03 01:08:21 -0800 (Tue, 03 Jan 2017)</dd>
</dl>
<h3>Log Message</h3>
<pre>[SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
https://bugs.webkit.org/show_bug.cgi?id=164471
Reviewed by Michael Catanzaro.
When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that
disables all HTTP authentication, causing the load to always fail with Authorization required even when
clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the
WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the
SoupAuthManager feature. Libsoup 2.57.1 has new API to disable the use of cached credentials for a particular
message, adding the new message flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE.
* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::createRequest): Set SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag to disable cached
credentials for the message if libsoup >= 2.57.1 is used.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2NetworkProcesssoupNetworkDataTaskSoupcpp">trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (210234 => 210235)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog 2017-01-03 09:04:20 UTC (rev 210234)
+++ trunk/Source/WebKit2/ChangeLog 2017-01-03 09:08:21 UTC (rev 210235)
</span><span class="lines">@@ -1,5 +1,23 @@
</span><span class="cx"> 2017-01-03 Carlos Garcia Campos <cgarcia@igalia.com>
</span><span class="cx">
</span><ins>+ [SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
+ https://bugs.webkit.org/show_bug.cgi?id=164471
+
+ Reviewed by Michael Catanzaro.
+
+ When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that
+ disables all HTTP authentication, causing the load to always fail with Authorization required even when
+ clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the
+ WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the
+ SoupAuthManager feature. Libsoup 2.57.1 has new API to disable the use of cached credentials for a particular
+ message, adding the new message flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE.
+
+ * NetworkProcess/soup/NetworkDataTaskSoup.cpp:
+ (WebKit::NetworkDataTaskSoup::createRequest): Set SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag to disable cached
+ credentials for the message if libsoup >= 2.57.1 is used.
+
+2017-01-03 Carlos Garcia Campos <cgarcia@igalia.com>
+
</ins><span class="cx"> [GTK] HTTP auth layout tests are flaky
</span><span class="cx"> https://bugs.webkit.org/show_bug.cgi?id=158919
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebKit2NetworkProcesssoupNetworkDataTaskSoupcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp (210234 => 210235)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp 2017-01-03 09:04:20 UTC (rev 210234)
+++ trunk/Source/WebKit2/NetworkProcess/soup/NetworkDataTaskSoup.cpp 2017-01-03 09:08:21 UTC (rev 210235)
</span><span class="lines">@@ -129,13 +129,19 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ unsigned messageFlags = SOUP_MESSAGE_NO_REDIRECT;
+
</ins><span class="cx"> request.updateSoupMessage(soupMessage.get());
</span><span class="cx"> if (m_shouldContentSniff == DoNotSniffContent)
</span><span class="cx"> soup_message_disable_feature(soupMessage.get(), SOUP_TYPE_CONTENT_SNIFFER);
</span><span class="cx"> if (m_user.isEmpty() && m_password.isEmpty() && m_storedCredentials == DoNotAllowStoredCredentials) {
</span><ins>+#if SOUP_CHECK_VERSION(2, 57, 1)
+ messageFlags |= SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE;
+#else
</ins><span class="cx"> // In case credential is not available and credential storage should not to be used,
</span><span class="cx"> // disable authentication manager so that credentials stored in libsoup are not used.
</span><span class="cx"> soup_message_disable_feature(soupMessage.get(), SOUP_TYPE_AUTH_MANAGER);
</span><ins>+#endif
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Make sure we have an Accept header for subresources; some sites want this to serve some of their subresources.
</span><span class="lines">@@ -148,8 +154,7 @@
</span><span class="cx"> if ((soupMessage->method == SOUP_METHOD_POST || soupMessage->method == SOUP_METHOD_PUT) && !soupMessage->request_body->length)
</span><span class="cx"> soup_message_headers_set_content_length(soupMessage->request_headers, 0);
</span><span class="cx">
</span><del>- unsigned flags = SOUP_MESSAGE_NO_REDIRECT;
- soup_message_set_flags(soupMessage.get(), static_cast<SoupMessageFlags>(soup_message_get_flags(soupMessage.get()) | flags));
</del><ins>+ soup_message_set_flags(soupMessage.get(), static_cast<SoupMessageFlags>(soup_message_get_flags(soupMessage.get()) | messageFlags));
</ins><span class="cx">
</span><span class="cx"> #if SOUP_CHECK_VERSION(2, 43, 1)
</span><span class="cx"> soup_message_set_priority(soupMessage.get(), toSoupMessagePriority(request.priority()));
</span></span></pre>
</div>
</div>
</body>
</html>