<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - [SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work"
href="https://bugs.webkit.org/show_bug.cgi?id=164471">164471</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr>
<tr>
<th>Product</th>
<td>WebKit
</td>
</tr>
<tr>
<th>Version</th>
<td>WebKit Local Build
</td>
</tr>
<tr>
<th>Hardware</th>
<td>Unspecified
</td>
</tr>
<tr>
<th>OS</th>
<td>Unspecified
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Keywords</th>
<td>Gtk, Soup
</td>
</tr>
<tr>
<th>Severity</th>
<td>Normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P2
</td>
</tr>
<tr>
<th>Component</th>
<td>WebKit2
</td>
</tr>
<tr>
<th>Assignee</th>
<td>webkit-unassigned@lists.webkit.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>cgarcia@igalia.com
</td>
</tr>
<tr>
<th>CC</th>
<td>achristensen@apple.com, bugs-noreply@webkitgtk.org
</td>
</tr></table>
<p>
<div>
<pre>When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that disables all HTTP authentication, causing the load to always fail with Authorization required even when clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the SoupAuthManager feature. We need to add new API to libsoup to tell the SoupAuthManager not to use the auth cache for that particular SoupMessage.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>