e2f3a567f8c24a2685851db4b726516b01f8574e
[WebKit-https.git] / Source / WebCore / platform / network / mac / ResourceHandleMac.mm
1 /*
2  * Copyright (C) 2004, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
14  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
24  */
25
26 #import "config.h"
27 #import "ResourceHandleInternal.h"
28
29 #if !USE(CFNETWORK)
30
31 #import "AuthenticationChallenge.h"
32 #import "AuthenticationMac.h"
33 #import "BlockExceptions.h"
34 #import "CookieStorage.h"
35 #import "CredentialStorage.h"
36 #import "CachedResourceLoader.h"
37 #import "EmptyProtocolDefinitions.h"
38 #import "FormDataStreamMac.h"
39 #import "Frame.h"
40 #import "FrameLoader.h"
41 #import "Logging.h"
42 #import "MIMETypeRegistry.h"
43 #import "NetworkingContext.h"
44 #import "Page.h"
45 #import "ResourceError.h"
46 #import "ResourceResponse.h"
47 #import "Settings.h"
48 #import "SharedBuffer.h"
49 #import "SubresourceLoader.h"
50 #import "WebCoreResourceHandleAsDelegate.h"
51 #import "SynchronousLoaderClient.h"
52 #import "WebCoreSystemInterface.h"
53 #import "WebCoreURLResponse.h"
54 #import <wtf/SchedulePair.h>
55 #import <wtf/UnusedParam.h>
56 #import <wtf/text/Base64.h>
57 #import <wtf/text/CString.h>
58
59 using namespace WebCore;
60
61 // WebCoreNSURLConnectionDelegateProxy exists so that we can cast m_proxy to it in order
62 // to disambiguate the argument type in the -setDelegate: call.  This avoids a spurious
63 // warning that the compiler would otherwise emit.
64 @interface WebCoreNSURLConnectionDelegateProxy : NSObject <NSURLConnectionDelegate>
65 - (void)setDelegate:(id<NSURLConnectionDelegate>)delegate;
66 @end
67
68 @interface NSURLConnection (Details)
69 -(id)_initWithRequest:(NSURLRequest *)request delegate:(id)delegate usesCache:(BOOL)usesCacheFlag maxContentLength:(long long)maxContentLength startImmediately:(BOOL)startImmediately connectionProperties:(NSDictionary *)connectionProperties;
70 @end
71
72 namespace WebCore {
73
74 static void applyBasicAuthorizationHeader(ResourceRequest& request, const Credential& credential)
75 {
76     String authenticationHeader = "Basic " + base64Encode(String(credential.user() + ":" + credential.password()).utf8());
77     request.clearHTTPAuthorization(); // FIXME: Should addHTTPHeaderField be smart enough to not build comma-separated lists in headers like Authorization?
78     request.addHTTPHeaderField("Authorization", authenticationHeader);
79 }
80
81 static NSOperationQueue *operationQueueForAsyncClients()
82 {
83     static NSOperationQueue *queue;
84     if (!queue) {
85         queue = [[NSOperationQueue alloc] init];
86         // Default concurrent operation count depends on current system workload, but delegate methods are mostly idling in IPC, so we can run as many as needed.
87         [queue setMaxConcurrentOperationCount:NSIntegerMax];
88     }
89     return queue;
90 }
91
92 ResourceHandleInternal::~ResourceHandleInternal()
93 {
94 }
95
96 ResourceHandle::~ResourceHandle()
97 {
98     releaseDelegate();
99     d->m_currentWebChallenge.setAuthenticationClient(0);
100
101     LOG(Network, "Handle %p destroyed", this);
102 }
103
104 void ResourceHandle::createNSURLConnection(id delegate, bool shouldUseCredentialStorage, bool shouldContentSniff)
105 {
106     // Credentials for ftp can only be passed in URL, the connection:didReceiveAuthenticationChallenge: delegate call won't be made.
107     if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolIsInHTTPFamily()) {
108         KURL urlWithCredentials(firstRequest().url());
109         urlWithCredentials.setUser(d->m_user);
110         urlWithCredentials.setPass(d->m_pass);
111         firstRequest().setURL(urlWithCredentials);
112     }
113
114     if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
115         if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
116             // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication, 
117             // try and reuse the credential preemptively, as allowed by RFC 2617.
118             d->m_initialCredential = CredentialStorage::get(firstRequest().url());
119         } else {
120             // If there is already a protection space known for the URL, update stored credentials before sending a request.
121             // This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
122             // (so that an authentication dialog doesn't pop up).
123             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
124         }
125     }
126         
127     if (!d->m_initialCredential.isEmpty()) {
128         // FIXME: Support Digest authentication, and Proxy-Authorization.
129         applyBasicAuthorizationHeader(firstRequest(), d->m_initialCredential);
130     }
131
132     NSURLRequest *nsRequest = firstRequest().nsURLRequest(UpdateHTTPBody);
133     if (!shouldContentSniff) {
134         NSMutableURLRequest *mutableRequest = [[nsRequest mutableCopy] autorelease];
135         wkSetNSURLRequestShouldContentSniff(mutableRequest, NO);
136         nsRequest = mutableRequest;
137     }
138
139     if (d->m_storageSession)
140         nsRequest = [wkCopyRequestWithStorageSession(d->m_storageSession.get(), nsRequest) autorelease];
141
142     ASSERT([NSURLConnection instancesRespondToSelector:@selector(_initWithRequest:delegate:usesCache:maxContentLength:startImmediately:connectionProperties:)]);
143
144     NSMutableDictionary *streamProperties = [NSMutableDictionary dictionary];
145
146     if (!shouldUseCredentialStorage)
147         [streamProperties setObject:@"WebKitPrivateSession" forKey:@"_kCFURLConnectionSessionID"];
148
149 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090
150     RetainPtr<CFDataRef> sourceApplicationAuditData = d->m_context->sourceApplicationAuditData();
151     if (sourceApplicationAuditData)
152         [streamProperties setObject:(NSData *)sourceApplicationAuditData.get() forKey:@"kCFStreamPropertySourceApplication"];
153 #endif
154
155     NSDictionary *propertyDictionary = [NSDictionary dictionaryWithObject:streamProperties forKey:@"kCFURLConnectionSocketStreamProperties"];
156     d->m_connection.adoptNS([[NSURLConnection alloc] _initWithRequest:nsRequest delegate:delegate usesCache:YES maxContentLength:0 startImmediately:NO connectionProperties:propertyDictionary]);
157 }
158
159 bool ResourceHandle::start()
160 {
161     if (!d->m_context)
162         return false;
163
164     BEGIN_BLOCK_OBJC_EXCEPTIONS;
165
166     // If NetworkingContext is invalid then we are no longer attached to a Page,
167     // this must be an attempted load from an unload event handler, so let's just block it.
168     if (!d->m_context->isValid())
169         return false;
170
171     d->m_storageSession = d->m_context->storageSession().platformSession();
172
173     ASSERT(!d->m_proxy);
174     d->m_proxy.adoptNS(wkCreateNSURLConnectionDelegateProxy());
175     [static_cast<WebCoreNSURLConnectionDelegateProxy*>(d->m_proxy.get()) setDelegate:ResourceHandle::delegate()];
176
177     bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this);
178
179     d->m_needsSiteSpecificQuirks = d->m_context->needsSiteSpecificQuirks();
180
181     createNSURLConnection(
182         d->m_proxy.get(),
183         shouldUseCredentialStorage,
184         d->m_shouldContentSniff || d->m_context->localFileContentSniffingEnabled());
185
186     bool scheduled = false;
187     if (SchedulePairHashSet* scheduledPairs = d->m_context->scheduledRunLoopPairs()) {
188         SchedulePairHashSet::iterator end = scheduledPairs->end();
189         for (SchedulePairHashSet::iterator it = scheduledPairs->begin(); it != end; ++it) {
190             if (NSRunLoop *runLoop = (*it)->nsRunLoop()) {
191                 [connection() scheduleInRunLoop:runLoop forMode:(NSString *)(*it)->mode()];
192                 scheduled = true;
193             }
194         }
195     }
196
197     if (client() && client()->usesAsyncCallbacks()) {
198         ASSERT(!scheduled);
199         [connection() setDelegateQueue:operationQueueForAsyncClients()];
200         scheduled = true;
201     }
202
203     // Start the connection if we did schedule with at least one runloop.
204     // We can't start the connection until we have one runloop scheduled.
205     if (scheduled)
206         [connection() start];
207     else
208         d->m_startWhenScheduled = true;
209
210     LOG(Network, "Handle %p starting connection %p for %@", this, connection(), firstRequest().nsURLRequest(DoNotUpdateHTTPBody));
211     
212     if (d->m_connection) {
213         if (d->m_defersLoading)
214             wkSetNSURLConnectionDefersCallbacks(connection(), YES);
215
216         return true;
217     }
218
219     END_BLOCK_OBJC_EXCEPTIONS;
220
221     return false;
222 }
223
224 void ResourceHandle::cancel()
225 {
226     LOG(Network, "Handle %p cancel connection %p", this, d->m_connection.get());
227
228     // Leaks were seen on HTTP tests without this; can be removed once <rdar://problem/6886937> is fixed.
229     if (d->m_currentMacChallenge)
230         [[d->m_currentMacChallenge sender] cancelAuthenticationChallenge:d->m_currentMacChallenge];
231
232     [d->m_connection.get() cancel];
233 }
234
235 void ResourceHandle::platformSetDefersLoading(bool defers)
236 {
237     if (d->m_connection)
238         wkSetNSURLConnectionDefersCallbacks(d->m_connection.get(), defers);
239 }
240
241 void ResourceHandle::schedule(SchedulePair* pair)
242 {
243     NSRunLoop *runLoop = pair->nsRunLoop();
244     if (!runLoop)
245         return;
246     [d->m_connection.get() scheduleInRunLoop:runLoop forMode:(NSString *)pair->mode()];
247     if (d->m_startWhenScheduled) {
248         [d->m_connection.get() start];
249         d->m_startWhenScheduled = false;
250     }
251 }
252
253 void ResourceHandle::unschedule(SchedulePair* pair)
254 {
255     if (NSRunLoop *runLoop = pair->nsRunLoop())
256         [d->m_connection.get() unscheduleFromRunLoop:runLoop forMode:(NSString *)pair->mode()];
257 }
258
259 WebCoreResourceHandleAsDelegate *ResourceHandle::delegate()
260 {
261     if (!d->m_delegate) {
262         WebCoreResourceHandleAsDelegate *delegate = [[WebCoreResourceHandleAsDelegate alloc] initWithHandle:this];
263         d->m_delegate = delegate;
264         [delegate release];
265     }
266     return d->m_delegate.get();
267 }
268
269 void ResourceHandle::releaseDelegate()
270 {
271     if (!d->m_delegate)
272         return;
273     if (d->m_proxy)
274         [d->m_proxy.get() setDelegate:nil];
275     [d->m_delegate.get() detachHandle];
276     d->m_delegate = nil;
277 }
278
279 id ResourceHandle::releaseProxy()
280 {
281     id proxy = [[d->m_proxy.get() retain] autorelease];
282     d->m_proxy = nil;
283     [proxy setDelegate:nil];
284     return proxy;
285 }
286
287 NSURLConnection *ResourceHandle::connection() const
288 {
289     return d->m_connection.get();
290 }
291
292 bool ResourceHandle::loadsBlocked()
293 {
294     return false;
295 }
296
297 CFStringRef ResourceHandle::synchronousLoadRunLoopMode()
298 {
299     return CFSTR("WebCoreSynchronousLoaderRunLoopMode");
300 }
301
302 void ResourceHandle::platformLoadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials storedCredentials, ResourceError& error, ResourceResponse& response, Vector<char>& data)
303 {
304     LOG(Network, "ResourceHandle::platformLoadResourceSynchronously:%@ allowStoredCredentials:%u", request.nsURLRequest(DoNotUpdateHTTPBody), storedCredentials);
305
306     ASSERT(!request.isEmpty());
307     
308     OwnPtr<SynchronousLoaderClient> client = SynchronousLoaderClient::create();
309     client->setAllowStoredCredentials(storedCredentials == AllowStoredCredentials);
310
311     RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(context, request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/));
312
313     handle->d->m_storageSession = context->storageSession().platformSession();
314
315     if (context && handle->d->m_scheduledFailureType != NoFailure) {
316         error = context->blockedError(request);
317         return;
318     }
319
320     handle->createNSURLConnection(
321         handle->delegate(), // A synchronous request cannot turn into a download, so there is no need to proxy the delegate.
322         storedCredentials == AllowStoredCredentials,
323         handle->shouldContentSniff() || context->localFileContentSniffingEnabled());
324
325     [handle->connection() scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:(NSString *)synchronousLoadRunLoopMode()];
326     [handle->connection() start];
327     
328     while (!client->isDone())
329         [[NSRunLoop currentRunLoop] runMode:(NSString *)synchronousLoadRunLoopMode() beforeDate:[NSDate distantFuture]];
330
331     error = client->error();
332     
333     [handle->connection() cancel];
334
335     if (error.isNull())
336         response = client->response();
337     else {
338         response = ResourceResponse(request.url(), String(), 0, String(), String());
339         if (error.domain() == String(NSURLErrorDomain))
340             switch (error.errorCode()) {
341             case NSURLErrorUserCancelledAuthentication:
342                 // FIXME: we should really return the actual HTTP response, but sendSynchronousRequest doesn't provide us with one.
343                 response.setHTTPStatusCode(401);
344                 break;
345             default:
346                 response.setHTTPStatusCode(error.errorCode());
347             }
348         else
349             response.setHTTPStatusCode(404);
350     }
351
352     data.swap(client->mutableData());
353 }
354
355 void ResourceHandle::willSendRequest(ResourceRequest& request, const ResourceResponse& redirectResponse)
356 {
357     ASSERT(!redirectResponse.isNull());
358
359     if (redirectResponse.httpStatusCode() == 307) {
360         String lastHTTPMethod = d->m_lastHTTPMethod;
361         if (!equalIgnoringCase(lastHTTPMethod, request.httpMethod())) {
362             request.setHTTPMethod(lastHTTPMethod);
363     
364             FormData* body = d->m_firstRequest.httpBody();
365             if (!equalIgnoringCase(lastHTTPMethod, "GET") && body && !body->isEmpty())
366                 request.setHTTPBody(body);
367
368             String originalContentType = d->m_firstRequest.httpContentType();
369             if (!originalContentType.isEmpty())
370                 request.setHTTPHeaderField("Content-Type", originalContentType);
371         }
372     }
373
374     // Should not set Referer after a redirect from a secure resource to non-secure one.
375     if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") && d->m_context->shouldClearReferrerOnHTTPSToHTTPRedirect())
376         request.clearHTTPReferrer();
377
378     const KURL& url = request.url();
379     d->m_user = url.user();
380     d->m_pass = url.pass();
381     d->m_lastHTTPMethod = request.httpMethod();
382     request.removeCredentials();
383
384     if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url())) {
385         // If the network layer carries over authentication headers from the original request
386         // in a cross-origin redirect, we want to clear those headers here.
387         // As of Lion, CFNetwork no longer does this.
388         request.clearHTTPAuthorization();
389     } else {
390         // Only consider applying authentication credentials if this is actually a redirect and the redirect
391         // URL didn't include credentials of its own.
392         if (d->m_user.isEmpty() && d->m_pass.isEmpty() && !redirectResponse.isNull()) {
393             Credential credential = CredentialStorage::get(request.url());
394             if (!credential.isEmpty()) {
395                 d->m_initialCredential = credential;
396                 
397                 // FIXME: Support Digest authentication, and Proxy-Authorization.
398                 applyBasicAuthorizationHeader(request, d->m_initialCredential);
399             }
400         }
401     }
402
403     RefPtr<ResourceHandle> protect(this);
404     client()->willSendRequest(this, request, redirectResponse);
405
406     // Client call may not preserve the session, especially if the request is sent over IPC.
407     if (!request.isNull())
408         request.setStorageSession(d->m_storageSession.get());
409 }
410
411 bool ResourceHandle::shouldUseCredentialStorage()
412 {
413     if (client())
414         return client()->shouldUseCredentialStorage(this);
415
416     return false;
417 }
418
419 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
420 {
421     ASSERT(!d->m_currentMacChallenge);
422     ASSERT(d->m_currentWebChallenge.isNull());
423     // Since NSURLConnection networking relies on keeping a reference to the original NSURLAuthenticationChallenge,
424     // we make sure that is actually present
425     ASSERT(challenge.nsURLAuthenticationChallenge());
426
427     // Proxy authentication is handled by CFNetwork internally. We can get here if the user cancels
428     // CFNetwork authentication dialog, and we shouldn't ask the client to display another one in that case.
429     if (challenge.protectionSpace().isProxy()) {
430         // Cannot use receivedRequestToContinueWithoutCredential(), because current challenge is not yet set.
431         [challenge.sender() continueWithoutCredentialForAuthenticationChallenge:challenge.nsURLAuthenticationChallenge()];
432         return;
433     }
434
435     if (!d->m_user.isNull() && !d->m_pass.isNull()) {
436         NSURLCredential *credential = [[NSURLCredential alloc] initWithUser:d->m_user
437                                                                    password:d->m_pass
438                                                                 persistence:NSURLCredentialPersistenceForSession];
439         d->m_currentMacChallenge = challenge.nsURLAuthenticationChallenge();
440         d->m_currentWebChallenge = challenge;
441         receivedCredential(challenge, core(credential));
442         [credential release];
443         // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
444         d->m_user = String();
445         d->m_pass = String();
446         return;
447     }
448
449     if (!client() || client()->shouldUseCredentialStorage(this)) {
450         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
451             // The stored credential wasn't accepted, stop using it.
452             // There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
453             // but the observable effect should be very minor, if any.
454             CredentialStorage::remove(challenge.protectionSpace());
455         }
456
457         if (!challenge.previousFailureCount()) {
458             Credential credential = CredentialStorage::get(challenge.protectionSpace());
459             if (!credential.isEmpty() && credential != d->m_initialCredential) {
460                 ASSERT(credential.persistence() == CredentialPersistenceNone);
461                 if (challenge.failureResponse().httpStatusCode() == 401) {
462                     // Store the credential back, possibly adding it as a default for this directory.
463                     CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
464                 }
465                 [challenge.sender() useCredential:mac(credential) forAuthenticationChallenge:mac(challenge)];
466                 return;
467             }
468         }
469     }
470
471     d->m_currentMacChallenge = challenge.nsURLAuthenticationChallenge();
472     d->m_currentWebChallenge = core(d->m_currentMacChallenge);
473     d->m_currentWebChallenge.setAuthenticationClient(this);
474
475     // FIXME: Several concurrent requests can return with the an authentication challenge for the same protection space.
476     // We should avoid making additional client calls for the same protection space when already waiting for the user,
477     // because typing the same credentials several times is annoying.
478     if (client())
479         client()->didReceiveAuthenticationChallenge(this, d->m_currentWebChallenge);
480 }
481
482 void ResourceHandle::didCancelAuthenticationChallenge(const AuthenticationChallenge& challenge)
483 {
484     ASSERT(d->m_currentMacChallenge);
485     ASSERT(d->m_currentMacChallenge == challenge.nsURLAuthenticationChallenge());
486     ASSERT(!d->m_currentWebChallenge.isNull());
487
488     if (client())
489         client()->didCancelAuthenticationChallenge(this, challenge);
490 }
491
492 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
493 bool ResourceHandle::canAuthenticateAgainstProtectionSpace(const ProtectionSpace& protectionSpace)
494 {
495     if (client())
496         return client()->canAuthenticateAgainstProtectionSpace(this, protectionSpace);
497         
498     return false;
499 }
500 #endif
501
502 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
503 {
504     LOG(Network, "Handle %p receivedCredential", this);
505
506     ASSERT(!challenge.isNull());
507     if (challenge != d->m_currentWebChallenge)
508         return;
509
510     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
511     if (credential.isEmpty()) {
512         receivedRequestToContinueWithoutCredential(challenge);
513         return;
514     }
515
516     if (credential.persistence() == CredentialPersistenceForSession && (!d->m_needsSiteSpecificQuirks || ![[[mac(challenge) protectionSpace] host] isEqualToString:@"gallery.me.com"])) {
517         // Manage per-session credentials internally, because once NSURLCredentialPersistenceForSession is used, there is no way
518         // to ignore it for a particular request (short of removing it altogether).
519         // <rdar://problem/6867598> gallery.me.com is temporarily whitelisted, so that QuickTime plug-in could see the credentials.
520         Credential webCredential(credential, CredentialPersistenceNone);
521         KURL urlToStore;
522         if (challenge.failureResponse().httpStatusCode() == 401)
523             urlToStore = challenge.failureResponse().url();
524         CredentialStorage::set(webCredential, core([d->m_currentMacChallenge protectionSpace]), urlToStore);
525         [[d->m_currentMacChallenge sender] useCredential:mac(webCredential) forAuthenticationChallenge:d->m_currentMacChallenge];
526     } else
527         [[d->m_currentMacChallenge sender] useCredential:mac(credential) forAuthenticationChallenge:d->m_currentMacChallenge];
528
529     clearAuthentication();
530 }
531
532 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
533 {
534     LOG(Network, "Handle %p receivedRequestToContinueWithoutCredential", this);
535
536     ASSERT(!challenge.isNull());
537     if (challenge != d->m_currentWebChallenge)
538         return;
539
540     [[d->m_currentMacChallenge sender] continueWithoutCredentialForAuthenticationChallenge:d->m_currentMacChallenge];
541
542     clearAuthentication();
543 }
544
545 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
546 {
547     LOG(Network, "Handle %p receivedCancellation", this);
548
549     if (challenge != d->m_currentWebChallenge)
550         return;
551
552     if (client())
553         client()->receivedCancellation(this, challenge);
554 }
555
556 } // namespace WebCore
557
558 #endif // !USE(CFNETWORK)