[Webkit-unassigned] [Bug 164471] New: [SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work

Mon Nov 7 03:07:00 PST 2016

https://bugs.webkit.org/show_bug.cgi?id=164471

            Bug ID: 164471
           Summary: [SOUP] Load options allowStoredCredentials =
                    DoNotAllowStoredCredentials with
                    clientCredentialPolicy = MayAskClientForCredentials
                    doesn't work
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Keywords: Gtk, Soup
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: cgarcia at igalia.com
                CC: achristensen at apple.com, bugs-noreply at webkitgtk.org

When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that disables all HTTP authentication, causing the load to always fail with Authorization required even when clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the SoupAuthManager feature. We need to add new API to libsoup to tell the SoupAuthManager not to use the auth cache for that particular SoupMessage.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20161107/b923952b/attachment-0001.html>