<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[211753] trunk/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/211753">211753</a></dd>
<dt>Author</dt> <dd>achristensen@apple.com</dd>
<dt>Date</dt> <dd>2017-02-06 15:27:48 -0800 (Mon, 06 Feb 2017)</dd>
</dl>
<h3>Log Message</h3>
<pre>Fix non-cocoa builds after <a href="http://trac.webkit.org/projects/webkit/changeset/211751">r211751</a>.
https://bugs.webkit.org/show_bug.cgi?id=166998
* platform/network/cf/ResourceHandleCFNet.cpp:
(WebCore::ResourceHandle::createCFURLConnection):
(WebCore::ResourceHandle::willSendRequest):
(WebCore::ResourceHandle::tryHandlePasswordBasedAuthentication):
(WebCore::ResourceHandle::receivedCredential):
* platform/network/curl/ResourceHandleCurl.cpp:
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
(WebCore::ResourceHandle::receivedCredential):
* platform/network/curl/ResourceHandleManager.cpp:
(WebCore::ResourceHandleManager::applyAuthenticationToRequest):
* platform/network/soup/ResourceHandleSoup.cpp:
(WebCore::applyAuthenticationToRequest):
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
(WebCore::ResourceHandle::receivedCredential):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkcfResourceHandleCFNetcpp">trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkcurlResourceHandleCurlcpp">trunk/Source/WebCore/platform/network/curl/ResourceHandleCurl.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkcurlResourceHandleManagercpp">trunk/Source/WebCore/platform/network/curl/ResourceHandleManager.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworksoupResourceHandleSoupcpp">trunk/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (211752 => 211753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog        2017-02-06 23:02:51 UTC (rev 211752)
+++ trunk/Source/WebCore/ChangeLog        2017-02-06 23:27:48 UTC (rev 211753)
</span><span class="lines">@@ -1,5 +1,25 @@
</span><span class="cx"> 2017-02-06 Alex Christensen <achristensen@webkit.org>
</span><span class="cx">
</span><ins>+ Fix non-cocoa builds after r211751.
+ https://bugs.webkit.org/show_bug.cgi?id=166998
+
+ * platform/network/cf/ResourceHandleCFNet.cpp:
+ (WebCore::ResourceHandle::createCFURLConnection):
+ (WebCore::ResourceHandle::willSendRequest):
+ (WebCore::ResourceHandle::tryHandlePasswordBasedAuthentication):
+ (WebCore::ResourceHandle::receivedCredential):
+ * platform/network/curl/ResourceHandleCurl.cpp:
+ (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
+ (WebCore::ResourceHandle::receivedCredential):
+ * platform/network/curl/ResourceHandleManager.cpp:
+ (WebCore::ResourceHandleManager::applyAuthenticationToRequest):
+ * platform/network/soup/ResourceHandleSoup.cpp:
+ (WebCore::applyAuthenticationToRequest):
+ (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
+ (WebCore::ResourceHandle::receivedCredential):
+
+2017-02-06 Alex Christensen <achristensen@webkit.org>
+
</ins><span class="cx"> credentials should be partitioned by main document domain
</span><span class="cx"> https://bugs.webkit.org/show_bug.cgi?id=166998
</span><span class="cx"> rdar://problem/22901123
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkcfResourceHandleCFNetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp (211752 => 211753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp        2017-02-06 23:02:51 UTC (rev 211752)
+++ trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp        2017-02-06 23:27:48 UTC (rev 211753)
</span><span class="lines">@@ -137,6 +137,12 @@
</span><span class="cx"> firstRequest().setURL(urlWithCredentials);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
</span><span class="cx"> // try and reuse the credential preemptively, as allowed by RFC 2617.
</span><span class="cx"> if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
</span><span class="lines">@@ -143,12 +149,12 @@
</span><span class="cx"> if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
</span><span class="cx"> // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
</span><span class="cx"> // try and reuse the credential preemptively, as allowed by RFC 2617.
</span><del>- d->m_initialCredential = d->m_context->storageSession().credentialStorage().get(firstRequest().url());
</del><ins>+ d->m_initialCredential = d->m_context->storageSession().credentialStorage().get(partition, firstRequest().url());
</ins><span class="cx"> } else {
</span><span class="cx"> // If there is already a protection space known for the URL, update stored credentials before sending a request.
</span><span class="cx"> // This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
</span><span class="cx"> // (so that an authentication dialog doesn't pop up).
</span><del>- d->m_context->storageSession().credentialStorage().set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
</del><ins>+ d->m_context->storageSession().credentialStorage().set(partition, Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -300,6 +306,12 @@
</span><span class="cx"> d->m_lastHTTPMethod = request.httpMethod();
</span><span class="cx"> request.removeCredentials();
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url())) {
</span><span class="cx"> // The network layer might carry over some headers from the original request that
</span><span class="cx"> // we want to strip here because the redirect is cross-origin.
</span><span class="lines">@@ -309,7 +321,7 @@
</span><span class="cx"> // Only consider applying authentication credentials if this is actually a redirect and the redirect
</span><span class="cx"> // URL didn't include credentials of its own.
</span><span class="cx"> if (d->m_user.isEmpty() && d->m_pass.isEmpty() && !redirectResponse.isNull()) {
</span><del>- Credential credential = d->m_context->storageSession().credentialStorage().get(request.url());
</del><ins>+ Credential credential = d->m_context->storageSession().credentialStorage().get(partition, request.url());
</ins><span class="cx"> if (!credential.isEmpty()) {
</span><span class="cx"> d->m_initialCredential = credential;
</span><span class="cx">
</span><span class="lines">@@ -383,6 +395,12 @@
</span><span class="cx"> if (!challenge.protectionSpace().isPasswordBased())
</span><span class="cx"> return false;
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> if (!d->m_user.isNull() && !d->m_pass.isNull()) {
</span><span class="cx"> RetainPtr<CFURLCredentialRef> cfCredential = adoptCF(CFURLCredentialCreate(kCFAllocatorDefault, d->m_user.createCFString().get(), d->m_pass.createCFString().get(), 0, kCFURLCredentialPersistenceNone));
</span><span class="cx"> #if PLATFORM(COCOA)
</span><span class="lines">@@ -394,7 +412,7 @@
</span><span class="cx"> URL urlToStore;
</span><span class="cx"> if (challenge.failureResponse().httpStatusCode() == 401)
</span><span class="cx"> urlToStore = challenge.failureResponse().url();
</span><del>- d->m_context->storageSession().credentialStorage().set(credential, challenge.protectionSpace(), urlToStore);
</del><ins>+ d->m_context->storageSession().credentialStorage().set(partition, credential, challenge.protectionSpace(), urlToStore);
</ins><span class="cx">
</span><span class="cx"> CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
</span><span class="cx"> d->m_user = String();
</span><span class="lines">@@ -408,16 +426,16 @@
</span><span class="cx"> // The stored credential wasn't accepted, stop using it.
</span><span class="cx"> // There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
</span><span class="cx"> // but the observable effect should be very minor, if any.
</span><del>- d->m_context->storageSession().credentialStorage().remove(challenge.protectionSpace());
</del><ins>+ d->m_context->storageSession().credentialStorage().remove(partition, challenge.protectionSpace());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (!challenge.previousFailureCount()) {
</span><del>- Credential credential = d->m_context->storageSession().credentialStorage().get(challenge.protectionSpace());
</del><ins>+ Credential credential = d->m_context->storageSession().credentialStorage().get(partition, challenge.protectionSpace());
</ins><span class="cx"> if (!credential.isEmpty() && credential != d->m_initialCredential) {
</span><span class="cx"> ASSERT(credential.persistence() == CredentialPersistenceNone);
</span><span class="cx"> if (challenge.failureResponse().httpStatusCode() == 401) {
</span><span class="cx"> // Store the credential back, possibly adding it as a default for this directory.
</span><del>- d->m_context->storageSession().credentialStorage().set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
</del><ins>+ d->m_context->storageSession().credentialStorage().set(partition, credential, challenge.protectionSpace(), challenge.failureResponse().url());
</ins><span class="cx"> }
</span><span class="cx"> #if PLATFORM(COCOA)
</span><span class="cx"> CFURLConnectionUseCredential(d->m_connection.get(), credential.cfCredential(), challenge.cfURLAuthChallengeRef());
</span><span class="lines">@@ -470,9 +488,16 @@
</span><span class="cx">
</span><span class="cx"> URL urlToStore;
</span><span class="cx"> if (challenge.failureResponse().httpStatusCode() == 401)
</span><del>- urlToStore = challenge.failureResponse().url();
- d->m_context->storageSession().credentialStorage().set(webCredential, challenge.protectionSpace(), urlToStore);
</del><ins>+ urlToStore = challenge.failureResponse().url();
</ins><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
+ d->m_context->storageSession().credentialStorage().set(partition, webCredential, challenge.protectionSpace(), urlToStore);
+
</ins><span class="cx"> if (d->m_connection) {
</span><span class="cx"> #if PLATFORM(COCOA)
</span><span class="cx"> CFURLConnectionUseCredential(d->m_connection.get(), webCredential.cfCredential(), challenge.cfURLAuthChallengeRef());
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkcurlResourceHandleCurlcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/curl/ResourceHandleCurl.cpp (211752 => 211753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/curl/ResourceHandleCurl.cpp        2017-02-06 23:02:51 UTC (rev 211752)
+++ trunk/Source/WebCore/platform/network/curl/ResourceHandleCurl.cpp        2017-02-06 23:27:48 UTC (rev 211753)
</span><span class="lines">@@ -179,6 +179,12 @@
</span><span class="cx">
</span><span class="cx"> void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
</span><span class="cx"> {
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> if (!d->m_user.isNull() && !d->m_pass.isNull()) {
</span><span class="cx"> Credential credential(d->m_user, d->m_pass, CredentialPersistenceNone);
</span><span class="cx">
</span><span class="lines">@@ -185,7 +191,7 @@
</span><span class="cx"> URL urlToStore;
</span><span class="cx"> if (challenge.failureResponse().httpStatusCode() == 401)
</span><span class="cx"> urlToStore = challenge.failureResponse().url();
</span><del>- CredentialStorage::defaultCredentialStorage().set(credential, challenge.protectionSpace(), urlToStore);
</del><ins>+ CredentialStorage::defaultCredentialStorage().set(partition, credential, challenge.protectionSpace(), urlToStore);
</ins><span class="cx">
</span><span class="cx"> String userpass = credential.user() + ":" + credential.password();
</span><span class="cx"> curl_easy_setopt(d->m_handle, CURLOPT_USERPWD, userpass.utf8().data());
</span><span class="lines">@@ -201,16 +207,16 @@
</span><span class="cx"> // The stored credential wasn't accepted, stop using it.
</span><span class="cx"> // There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
</span><span class="cx"> // but the observable effect should be very minor, if any.
</span><del>- CredentialStorage::defaultCredentialStorage().remove(challenge.protectionSpace());
</del><ins>+ CredentialStorage::defaultCredentialStorage().remove(partition, challenge.protectionSpace());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (!challenge.previousFailureCount()) {
</span><del>- Credential credential = CredentialStorage::defaultCredentialStorage().get(challenge.protectionSpace());
</del><ins>+ Credential credential = CredentialStorage::defaultCredentialStorage().get(partition, challenge.protectionSpace());
</ins><span class="cx"> if (!credential.isEmpty() && credential != d->m_initialCredential) {
</span><span class="cx"> ASSERT(credential.persistence() == CredentialPersistenceNone);
</span><span class="cx"> if (challenge.failureResponse().httpStatusCode() == 401) {
</span><span class="cx"> // Store the credential back, possibly adding it as a default for this directory.
</span><del>- CredentialStorage::defaultCredentialStorage().set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
</del><ins>+ CredentialStorage::defaultCredentialStorage().set(partition, credential, challenge.protectionSpace(), challenge.failureResponse().url());
</ins><span class="cx"> }
</span><span class="cx"> String userpass = credential.user() + ":" + credential.password();
</span><span class="cx"> curl_easy_setopt(d->m_handle, CURLOPT_USERPWD, userpass.utf8().data());
</span><span class="lines">@@ -235,10 +241,16 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> if (shouldUseCredentialStorage()) {
</span><span class="cx"> if (challenge.failureResponse().httpStatusCode() == 401) {
</span><span class="cx"> URL urlToStore = challenge.failureResponse().url();
</span><del>- CredentialStorage::defaultCredentialStorage().set(credential, challenge.protectionSpace(), urlToStore);
</del><ins>+ CredentialStorage::defaultCredentialStorage().set(partition, credential, challenge.protectionSpace(), urlToStore);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkcurlResourceHandleManagercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/curl/ResourceHandleManager.cpp (211752 => 211753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/curl/ResourceHandleManager.cpp        2017-02-06 23:02:51 UTC (rev 211752)
+++ trunk/Source/WebCore/platform/network/curl/ResourceHandleManager.cpp        2017-02-06 23:27:48 UTC (rev 211753)
</span><span class="lines">@@ -1041,17 +1041,23 @@
</span><span class="cx"> // m_user/m_pass are credentials given manually, for instance, by the arguments passed to XMLHttpRequest.open().
</span><span class="cx"> ResourceHandleInternal* d = handle->getInternal();
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = handle->firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> if (handle->shouldUseCredentialStorage()) {
</span><span class="cx"> if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
</span><span class="cx"> // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
</span><span class="cx"> // try and reuse the credential preemptively, as allowed by RFC 2617.
</span><del>- d->m_initialCredential = CredentialStorage::defaultCredentialStorage().get(request.url());
</del><ins>+ d->m_initialCredential = CredentialStorage::defaultCredentialStorage().get(partition, request.url());
</ins><span class="cx"> } else {
</span><span class="cx"> // If there is already a protection space known for the URL, update stored credentials
</span><span class="cx"> // before sending a request. This makes it possible to implement logout by sending an
</span><span class="cx"> // XMLHttpRequest with known incorrect credentials, and aborting it immediately (so that
</span><span class="cx"> // an authentication dialog doesn't pop up).
</span><del>- CredentialStorage::defaultCredentialStorage().set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
</del><ins>+ CredentialStorage::defaultCredentialStorage().set(partition, Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworksoupResourceHandleSoupcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp (211752 => 211753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp        2017-02-06 23:02:51 UTC (rev 211752)
+++ trunk/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp        2017-02-06 23:27:48 UTC (rev 211753)
</span><span class="lines">@@ -201,6 +201,12 @@
</span><span class="cx"> // m_user/m_pass are credentials given manually, for instance, by the arguments passed to XMLHttpRequest.open().
</span><span class="cx"> ResourceHandleInternal* d = handle->getInternal();
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> if (handle->shouldUseCredentialStorage()) {
</span><span class="cx"> if (d->m_user.isEmpty() && d->m_pass.isEmpty())
</span><span class="cx"> d->m_initialCredential = CredentialStorage::defaultCredentialStorage().get(request.url());
</span><span class="lines">@@ -209,7 +215,7 @@
</span><span class="cx"> // before sending a request. This makes it possible to implement logout by sending an
</span><span class="cx"> // XMLHttpRequest with known incorrect credentials, and aborting it immediately (so that
</span><span class="cx"> // an authentication dialog doesn't pop up).
</span><del>- CredentialStorage::defaultCredentialStorage().set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
</del><ins>+ CredentialStorage::defaultCredentialStorage().set(partition, Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -823,6 +829,12 @@
</span><span class="cx"> {
</span><span class="cx"> ASSERT(d->m_currentWebChallenge.isNull());
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
</span><span class="cx"> bool useCredentialStorage = shouldUseCredentialStorage();
</span><span class="cx"> if (useCredentialStorage) {
</span><span class="lines">@@ -830,17 +842,17 @@
</span><span class="cx"> // The stored credential wasn't accepted, stop using it. There is a race condition
</span><span class="cx"> // here, since a different credential might have already been stored by another
</span><span class="cx"> // ResourceHandle, but the observable effect should be very minor, if any.
</span><del>- CredentialStorage::defaultCredentialStorage().remove(challenge.protectionSpace());
</del><ins>+ CredentialStorage::defaultCredentialStorage().remove(partition, challenge.protectionSpace());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (!challenge.previousFailureCount()) {
</span><del>- Credential credential = CredentialStorage::defaultCredentialStorage().get(challenge.protectionSpace());
</del><ins>+ Credential credential = CredentialStorage::defaultCredentialStorage().get(partition, challenge.protectionSpace());
</ins><span class="cx"> if (!credential.isEmpty() && credential != d->m_initialCredential) {
</span><span class="cx"> ASSERT(credential.persistence() == CredentialPersistenceNone);
</span><span class="cx">
</span><span class="cx"> // Store the credential back, possibly adding it as a default for this directory.
</span><span class="cx"> if (isAuthenticationFailureStatusCode(challenge.failureResponse().httpStatusCode()))
</span><del>- CredentialStorage::defaultCredentialStorage().set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
</del><ins>+ CredentialStorage::defaultCredentialStorage().set(partition, credential, challenge.protectionSpace(), challenge.failureResponse().url());
</ins><span class="cx">
</span><span class="cx"> soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
</span><span class="cx"> return;
</span><span class="lines">@@ -887,6 +899,12 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+#if ENABLE(CACHE_PARTITIONING)
+ String partition = firstRequest().cachePartition();
+#else
+ String partition = emptyString();
+#endif
+
</ins><span class="cx"> if (shouldUseCredentialStorage()) {
</span><span class="cx"> // Eventually we will manage per-session credentials only internally or use some newly-exposed API from libsoup,
</span><span class="cx"> // because once we authenticate via libsoup, there is no way to ignore it for a particular request. Right now,
</span><span class="lines">@@ -893,7 +911,7 @@
</span><span class="cx"> // we place the credentials in the store even though libsoup will never fire the authenticate signal again for
</span><span class="cx"> // this protection space.
</span><span class="cx"> if (credential.persistence() == CredentialPersistenceForSession || credential.persistence() == CredentialPersistencePermanent)
</span><del>- CredentialStorage::defaultCredentialStorage().set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
</del><ins>+ CredentialStorage::defaultCredentialStorage().set(partition, credential, challenge.protectionSpace(), challenge.failureResponse().url());
</ins><span class="cx">
</span><span class="cx"> if (credential.persistence() == CredentialPersistencePermanent) {
</span><span class="cx"> d->m_credentialDataToSaveInPersistentStore.credential = credential;
</span></span></pre>
</div>
</div>
</body>
</html>