[webkit-reviews] review denied: [Bug 196870] Add a WebsiteDataStore delegate to handle AuthenticationChallenge that do not come from pages : [Attachment 367351] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Apr 22 15:10:59 PDT 2019
Alex Christensen <achristensen at apple.com> has denied youenn fablet
<youennf at gmail.com>'s request for review:
Bug 196870: Add a WebsiteDataStore delegate to handle AuthenticationChallenge
that do not come from pages
https://bugs.webkit.org/show_bug.cgi?id=196870
Attachment 367351: Patch
https://bugs.webkit.org/attachment.cgi?id=367351&action=review
--- Comment #7 from Alex Christensen <achristensen at apple.com> ---
Comment on attachment 367351
--> https://bugs.webkit.org/attachment.cgi?id=367351
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=367351&action=review
I think this needs an API test that verifies this delegate is being called
under the correct circumstances and the credentials are used as expected.
> Source/WebKit/NetworkProcess/PingLoad.cpp:135
> -
completionHandler(AuthenticationChallengeDisposition::PerformDefaultHandling, {
});
> +
m_networkLoadChecker->networkProcess().authenticationManager().didReceiveAuthen
ticationChallenge(m_parameters.sessionID, 0, 0, challenge,
WTFMove(completionHandler));
We almost certainly don't want ping loads to handle authentication challenges.
Then there would be random popups asking for credentials.
> Source/WebKit/UIProcess/API/Cocoa/WKWebsiteDataStore.mm:82
> + case NSURLSessionAuthChallengeUseCredential:
This is duplicate code with NavigationState.mm
> LayoutTests/ChangeLog:8
> + *
http/wpt/beacon/cors/crossorigin-arraybufferview-no-preflight.html:
Wouldn't this changed test have passed before because we performed default
behavior? Now we're just performing default behavior in a different place, so
this test does not verify the change works.
More information about the webkit-reviews
mailing list