[GLIB] Use GUniquePtr instead of GOwnPtr
[WebKit-https.git] / Source / WebCore / platform / network / soup / ResourceHandleSoup.cpp
1 /*
2  * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010, 2011 Apple Inc. All rights reserved.
3  * Copyright (C) 2008 Alp Toker <alp@atoker.com>
4  * Copyright (C) 2008 Xan Lopez <xan@gnome.org>
5  * Copyright (C) 2008, 2010 Collabora Ltd.
6  * Copyright (C) 2009 Holger Hans Peter Freyther
7  * Copyright (C) 2009, 2013 Gustavo Noronha Silva <gns@gnome.org>
8  * Copyright (C) 2009 Christian Dywan <christian@imendio.com>
9  * Copyright (C) 2009, 2010, 2011, 2012 Igalia S.L.
10  * Copyright (C) 2009 John Kjellberg <john.kjellberg@power.alstom.com>
11  * Copyright (C) 2012 Intel Corporation
12  *
13  * This library is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU Library General Public
15  * License as published by the Free Software Foundation; either
16  * version 2 of the License, or (at your option) any later version.
17  *
18  * This library is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
21  * Library General Public License for more details.
22  *
23  * You should have received a copy of the GNU Library General Public License
24  * along with this library; see the file COPYING.LIB.  If not, write to
25  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
26  * Boston, MA 02110-1301, USA.
27  */
28
29 #include "config.h"
30 #include "ResourceHandle.h"
31
32 #include "CookieJarSoup.h"
33 #include "CredentialStorage.h"
34 #include "FileSystem.h"
35 #include "GOwnPtrSoup.h"
36 #include "HTTPParsers.h"
37 #include "LocalizedStrings.h"
38 #include "MIMETypeRegistry.h"
39 #include "NetworkingContext.h"
40 #include "NotImplemented.h"
41 #include "ResourceError.h"
42 #include "ResourceHandleClient.h"
43 #include "ResourceHandleInternal.h"
44 #include "ResourceResponse.h"
45 #include "SharedBuffer.h"
46 #include "SoupNetworkSession.h"
47 #include "SoupURIUtils.h"
48 #include "TextEncoding.h"
49 #include <errno.h>
50 #include <fcntl.h>
51 #include <gio/gio.h>
52 #include <glib.h>
53 #include <libsoup/soup.h>
54 #include <sys/stat.h>
55 #include <sys/types.h>
56 #include <unistd.h>
57 #include <wtf/CurrentTime.h>
58 #include <wtf/SHA1.h>
59 #include <wtf/gobject/GOwnPtr.h>
60 #include <wtf/gobject/GRefPtr.h>
61 #include <wtf/text/Base64.h>
62 #include <wtf/text/CString.h>
63
64 #if ENABLE(BLOB)
65 #include "BlobData.h"
66 #include "BlobRegistryImpl.h"
67 #include "BlobStorageData.h"
68 #endif
69
70 #if PLATFORM(GTK)
71 #include "CredentialBackingStore.h"
72 #endif
73
74 namespace WebCore {
75
76 static bool loadingSynchronousRequest = false;
77 static const size_t gDefaultReadBufferSize = 8192;
78
79 class WebCoreSynchronousLoader : public ResourceHandleClient {
80     WTF_MAKE_NONCOPYABLE(WebCoreSynchronousLoader);
81 public:
82
83     WebCoreSynchronousLoader(ResourceError& error, ResourceResponse& response, SoupSession* session, Vector<char>& data)
84         : m_error(error)
85         , m_response(response)
86         , m_session(session)
87         , m_data(data)
88         , m_finished(false)
89     {
90         // We don't want any timers to fire while we are doing our synchronous load
91         // so we replace the thread default main context. The main loop iterations
92         // will only process GSources associated with this inner context.
93         loadingSynchronousRequest = true;
94         GRefPtr<GMainContext> innerMainContext = adoptGRef(g_main_context_new());
95         g_main_context_push_thread_default(innerMainContext.get());
96         m_mainLoop = adoptGRef(g_main_loop_new(innerMainContext.get(), false));
97
98         adjustMaxConnections(1);
99     }
100
101     ~WebCoreSynchronousLoader()
102     {
103         adjustMaxConnections(-1);
104
105         GMainContext* context = g_main_context_get_thread_default();
106         while (g_main_context_pending(context))
107             g_main_context_iteration(context, FALSE);
108
109         g_main_context_pop_thread_default(context);
110         loadingSynchronousRequest = false;
111     }
112
113     void adjustMaxConnections(int adjustment)
114     {
115         int maxConnections, maxConnectionsPerHost;
116         g_object_get(m_session,
117                      SOUP_SESSION_MAX_CONNS, &maxConnections,
118                      SOUP_SESSION_MAX_CONNS_PER_HOST, &maxConnectionsPerHost,
119                      NULL);
120         maxConnections += adjustment;
121         maxConnectionsPerHost += adjustment;
122         g_object_set(m_session,
123                      SOUP_SESSION_MAX_CONNS, maxConnections,
124                      SOUP_SESSION_MAX_CONNS_PER_HOST, maxConnectionsPerHost,
125                      NULL);
126
127     }
128
129     virtual bool isSynchronousClient()
130     {
131         return true;
132     }
133
134     virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
135     {
136         m_response = response;
137     }
138
139     virtual void didReceiveData(ResourceHandle*, const char* /* data */, unsigned /* length */, int)
140     {
141         ASSERT_NOT_REACHED();
142     }
143
144     virtual void didReceiveBuffer(ResourceHandle*, PassRefPtr<SharedBuffer> buffer, int /* encodedLength */)
145     {
146         // This pattern is suggested by SharedBuffer.h.
147         const char* segment;
148         unsigned position = 0;
149         while (unsigned length = buffer->getSomeData(segment, position)) {
150             m_data.append(segment, length);
151             position += length;
152         }
153     }
154
155     virtual void didFinishLoading(ResourceHandle*, double)
156     {
157         if (g_main_loop_is_running(m_mainLoop.get()))
158             g_main_loop_quit(m_mainLoop.get());
159         m_finished = true;
160     }
161
162     virtual void didFail(ResourceHandle* handle, const ResourceError& error)
163     {
164         m_error = error;
165         didFinishLoading(handle, 0);
166     }
167
168     virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge)
169     {
170         // We do not handle authentication for synchronous XMLHttpRequests.
171         challenge.authenticationClient()->receivedRequestToContinueWithoutCredential(challenge);
172     }
173
174     void run()
175     {
176         if (!m_finished)
177             g_main_loop_run(m_mainLoop.get());
178     }
179
180 private:
181     ResourceError& m_error;
182     ResourceResponse& m_response;
183     SoupSession* m_session;
184     Vector<char>& m_data;
185     bool m_finished;
186     GRefPtr<GMainLoop> m_mainLoop;
187 };
188
189 class HostTLSCertificateSet {
190 public:
191     void add(GTlsCertificate* certificate)
192     {
193         String certificateHash = computeCertificateHash(certificate);
194         if (!certificateHash.isEmpty())
195             m_certificates.add(certificateHash);
196     }
197
198     bool contains(GTlsCertificate* certificate)
199     {
200         return m_certificates.contains(computeCertificateHash(certificate));
201     }
202
203 private:
204     static String computeCertificateHash(GTlsCertificate* certificate)
205     {
206         GRefPtr<GByteArray> certificateData;
207         g_object_get(G_OBJECT(certificate), "certificate", &certificateData.outPtr(), NULL);
208         if (!certificateData)
209             return String();
210
211         SHA1 sha1;
212         sha1.addBytes(certificateData->data, certificateData->len);
213
214         SHA1::Digest digest;
215         sha1.computeHash(digest);
216
217         return base64Encode(reinterpret_cast<const char*>(digest.data()), SHA1::hashSize);
218     }
219
220     HashSet<String> m_certificates;
221 };
222
223 static bool createSoupRequestAndMessageForHandle(ResourceHandle*, const ResourceRequest&, bool isHTTPFamilyRequest);
224 static void cleanupSoupRequestOperation(ResourceHandle*, bool isDestroying = false);
225 static void sendRequestCallback(GObject*, GAsyncResult*, gpointer);
226 static void readCallback(GObject*, GAsyncResult*, gpointer);
227 static gboolean requestTimeoutCallback(void*);
228 #if ENABLE(WEB_TIMING)
229 static int  milisecondsSinceRequest(double requestTime);
230 #endif
231 static void continueAfterDidReceiveResponse(ResourceHandle*);
232
233 static bool gIgnoreSSLErrors = false;
234
235 static HashSet<String>& allowsAnyHTTPSCertificateHosts()
236 {
237     DEFINE_STATIC_LOCAL(HashSet<String>, hosts, ());
238     return hosts;
239 }
240
241 typedef HashMap<String, HostTLSCertificateSet> CertificatesMap;
242 static CertificatesMap& clientCertificates()
243 {
244     DEFINE_STATIC_LOCAL(CertificatesMap, certificates, ());
245     return certificates;
246 }
247
248 ResourceHandleInternal::~ResourceHandleInternal()
249 {
250 }
251
252 static SoupSession* sessionFromContext(NetworkingContext* context)
253 {
254     if (!context || !context->isValid())
255         return SoupNetworkSession::defaultSession().soupSession();
256     return context->storageSession().soupNetworkSession().soupSession();
257 }
258
259 ResourceHandle::~ResourceHandle()
260 {
261     cleanupSoupRequestOperation(this, true);
262 }
263
264 SoupSession* ResourceHandleInternal::soupSession()
265 {
266     return sessionFromContext(m_context.get());
267 }
268
269 bool ResourceHandle::cancelledOrClientless()
270 {
271     if (!client())
272         return true;
273
274     return getInternal()->m_cancelled;
275 }
276
277 void ResourceHandle::ensureReadBuffer()
278 {
279     ResourceHandleInternal* d = getInternal();
280
281     if (d->m_soupBuffer)
282         return;
283
284     // Non-NetworkProcess clients are able to give a buffer to the ResourceHandle to avoid expensive copies. If
285     // we do get a buffer from the client, we want the client to free it, so we create the soup buffer with
286     // SOUP_MEMORY_TEMPORARY.
287     size_t bufferSize;
288     char* bufferFromClient = client()->getOrCreateReadBuffer(gDefaultReadBufferSize, bufferSize);
289     if (bufferFromClient)
290         d->m_soupBuffer.reset(soup_buffer_new(SOUP_MEMORY_TEMPORARY, bufferFromClient, bufferSize));
291     else
292         d->m_soupBuffer.reset(soup_buffer_new(SOUP_MEMORY_TAKE, static_cast<char*>(g_malloc(gDefaultReadBufferSize)), gDefaultReadBufferSize));
293
294     ASSERT(d->m_soupBuffer);
295 }
296
297 static bool isAuthenticationFailureStatusCode(int httpStatusCode)
298 {
299     return httpStatusCode == SOUP_STATUS_PROXY_AUTHENTICATION_REQUIRED || httpStatusCode == SOUP_STATUS_UNAUTHORIZED;
300 }
301
302 static void gotHeadersCallback(SoupMessage* message, gpointer data)
303 {
304     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
305     if (!handle || handle->cancelledOrClientless())
306         return;
307
308     ResourceHandleInternal* d = handle->getInternal();
309
310 #if ENABLE(WEB_TIMING)
311     if (d->m_response.resourceLoadTiming())
312         d->m_response.resourceLoadTiming()->receiveHeadersEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
313 #endif
314
315 #if PLATFORM(GTK)
316     // We are a bit more conservative with the persistent credential storage than the session store,
317     // since we are waiting until we know that this authentication succeeded before actually storing.
318     // This is because we want to avoid hitting the disk twice (once to add and once to remove) for
319     // incorrect credentials or polluting the keychain with invalid credentials.
320     if (!isAuthenticationFailureStatusCode(message->status_code) && message->status_code < 500 && !d->m_credentialDataToSaveInPersistentStore.credential.isEmpty()) {
321         credentialBackingStore().storeCredentialsForChallenge(
322             d->m_credentialDataToSaveInPersistentStore.challenge,
323             d->m_credentialDataToSaveInPersistentStore.credential);
324     }
325 #endif
326
327     // The original response will be needed later to feed to willSendRequest in
328     // doRedirect() in case we are redirected. For this reason, we store it here.
329     d->m_response.updateFromSoupMessage(message);
330 }
331
332 static void applyAuthenticationToRequest(ResourceHandle* handle, ResourceRequest& request, bool redirect)
333 {
334     // m_user/m_pass are credentials given manually, for instance, by the arguments passed to XMLHttpRequest.open().
335     ResourceHandleInternal* d = handle->getInternal();
336
337     if (handle->shouldUseCredentialStorage()) {
338         if (d->m_user.isEmpty() && d->m_pass.isEmpty())
339             d->m_initialCredential = CredentialStorage::get(request.url());
340         else if (!redirect) {
341             // If there is already a protection space known for the URL, update stored credentials
342             // before sending a request. This makes it possible to implement logout by sending an
343             // XMLHttpRequest with known incorrect credentials, and aborting it immediately (so that
344             // an authentication dialog doesn't pop up).
345             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
346         }
347     }
348
349     String user = d->m_user;
350     String password = d->m_pass;
351     if (!d->m_initialCredential.isEmpty()) {
352         user = d->m_initialCredential.user();
353         password = d->m_initialCredential.password();
354     }
355
356     if (user.isEmpty() && password.isEmpty())
357         return;
358
359     // We always put the credentials into the URL. In the CFNetwork-port HTTP family credentials are applied in
360     // the didReceiveAuthenticationChallenge callback, but libsoup requires us to use this method to override
361     // any previously remembered credentials. It has its own per-session credential storage.
362     URL urlWithCredentials(request.url());
363     urlWithCredentials.setUser(user);
364     urlWithCredentials.setPass(password);
365     request.setURL(urlWithCredentials);
366 }
367
368 #if ENABLE(WEB_TIMING)
369 // Called each time the message is going to be sent again except the first time.
370 // This happens when libsoup handles HTTP authentication.
371 static void restartedCallback(SoupMessage*, gpointer data)
372 {
373     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
374     if (!handle || handle->cancelledOrClientless())
375         return;
376
377     ResourceHandleInternal* d = handle->getInternal();
378     ResourceResponse& redirectResponse = d->m_response;
379     redirectResponse.setResourceLoadTiming(ResourceLoadTiming::create());
380     redirectResponse.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime();
381 }
382 #endif
383
384 static bool shouldRedirect(ResourceHandle* handle)
385 {
386     ResourceHandleInternal* d = handle->getInternal();
387     SoupMessage* message = d->m_soupMessage.get();
388
389     // Some 3xx status codes aren't actually redirects.
390     if (message->status_code == 300 || message->status_code == 304 || message->status_code == 305 || message->status_code == 306)
391         return false;
392
393     if (!soup_message_headers_get_one(message->response_headers, "Location"))
394         return false;
395
396     return true;
397 }
398
399 static bool shouldRedirectAsGET(SoupMessage* message, URL& newURL, bool crossOrigin)
400 {
401     if (message->method == SOUP_METHOD_GET || message->method == SOUP_METHOD_HEAD)
402         return false;
403
404     if (!newURL.protocolIsInHTTPFamily())
405         return true;
406
407     switch (message->status_code) {
408     case SOUP_STATUS_SEE_OTHER:
409         return true;
410     case SOUP_STATUS_FOUND:
411     case SOUP_STATUS_MOVED_PERMANENTLY:
412         if (message->method == SOUP_METHOD_POST)
413             return true;
414         break;
415     }
416
417     if (crossOrigin && message->method == SOUP_METHOD_DELETE)
418         return true;
419
420     return false;
421 }
422
423 static void continueAfterWillSendRequest(ResourceHandle* handle, const ResourceRequest& request)
424 {
425     // willSendRequest might cancel the load.
426     if (handle->cancelledOrClientless())
427         return;
428
429     ResourceRequest newRequest(request);
430     ResourceHandleInternal* d = handle->getInternal();
431     if (protocolHostAndPortAreEqual(newRequest.url(), d->m_response.url()))
432         applyAuthenticationToRequest(handle, newRequest, true);
433
434     if (!createSoupRequestAndMessageForHandle(handle, newRequest, true)) {
435         d->client()->cannotShowURL(handle);
436         return;
437     }
438
439     handle->sendPendingRequest();
440 }
441
442 static void doRedirect(ResourceHandle* handle)
443 {
444     ResourceHandleInternal* d = handle->getInternal();
445     static const int maxRedirects = 20;
446
447     if (d->m_redirectCount++ > maxRedirects) {
448         d->client()->didFail(handle, ResourceError::transportError(d->m_soupRequest.get(), SOUP_STATUS_TOO_MANY_REDIRECTS, "Too many redirects"));
449         cleanupSoupRequestOperation(handle);
450         return;
451     }
452
453     ResourceRequest newRequest = handle->firstRequest();
454     SoupMessage* message = d->m_soupMessage.get();
455     const char* location = soup_message_headers_get_one(message->response_headers, "Location");
456     URL newURL = URL(soupURIToKURL(soup_message_get_uri(message)), location);
457     bool crossOrigin = !protocolHostAndPortAreEqual(handle->firstRequest().url(), newURL);
458     newRequest.setURL(newURL);
459     newRequest.setFirstPartyForCookies(newURL);
460
461     if (newRequest.httpMethod() != "GET") {
462         // Change newRequest method to GET if change was made during a previous redirection
463         // or if current redirection says so
464         if (message->method == SOUP_METHOD_GET || shouldRedirectAsGET(message, newURL, crossOrigin)) {
465             newRequest.setHTTPMethod("GET");
466             newRequest.setHTTPBody(0);
467             newRequest.clearHTTPContentType();
468         }
469     }
470
471     // Should not set Referer after a redirect from a secure resource to non-secure one.
472     if (!newURL.protocolIs("https") && protocolIs(newRequest.httpReferrer(), "https") && handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect())
473         newRequest.clearHTTPReferrer();
474
475     d->m_user = newURL.user();
476     d->m_pass = newURL.pass();
477     newRequest.removeCredentials();
478
479     if (crossOrigin) {
480         // If the network layer carries over authentication headers from the original request
481         // in a cross-origin redirect, we want to clear those headers here. 
482         newRequest.clearHTTPAuthorization();
483
484         // TODO: We are losing any username and password specified in the redirect URL, as this is the 
485         // same behavior as the CFNet port. We should investigate if this is really what we want.
486     }
487
488     cleanupSoupRequestOperation(handle);
489
490     if (d->client()->usesAsyncCallbacks())
491         d->client()->willSendRequestAsync(handle, newRequest, d->m_response);
492     else {
493         d->client()->willSendRequest(handle, newRequest, d->m_response);
494         continueAfterWillSendRequest(handle, newRequest);
495     }
496
497 }
498
499 static void redirectSkipCallback(GObject*, GAsyncResult* asyncResult, gpointer data)
500 {
501     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
502
503     if (handle->cancelledOrClientless()) {
504         cleanupSoupRequestOperation(handle.get());
505         return;
506     }
507
508     GOwnPtr<GError> error;
509     ResourceHandleInternal* d = handle->getInternal();
510     gssize bytesSkipped = g_input_stream_skip_finish(d->m_inputStream.get(), asyncResult, &error.outPtr());
511     if (error) {
512         handle->client()->didFail(handle.get(), ResourceError::genericGError(error.get(), d->m_soupRequest.get()));
513         cleanupSoupRequestOperation(handle.get());
514         return;
515     }
516
517     if (bytesSkipped > 0) {
518         g_input_stream_skip_async(d->m_inputStream.get(), gDefaultReadBufferSize, G_PRIORITY_DEFAULT,
519             d->m_cancellable.get(), redirectSkipCallback, handle.get());
520         return;
521     }
522
523     g_input_stream_close(d->m_inputStream.get(), 0, 0);
524     doRedirect(handle.get());
525 }
526
527 static void wroteBodyDataCallback(SoupMessage*, SoupBuffer* buffer, gpointer data)
528 {
529     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
530     if (!handle)
531         return;
532
533     ASSERT(buffer);
534     ResourceHandleInternal* d = handle->getInternal();
535     d->m_bodyDataSent += buffer->length;
536
537     if (handle->cancelledOrClientless())
538         return;
539
540     handle->client()->didSendData(handle.get(), d->m_bodyDataSent, d->m_bodySize);
541 }
542
543 static void cleanupSoupRequestOperation(ResourceHandle* handle, bool isDestroying)
544 {
545     ResourceHandleInternal* d = handle->getInternal();
546
547     d->m_soupRequest.clear();
548     d->m_inputStream.clear();
549     d->m_multipartInputStream.clear();
550     d->m_cancellable.clear();
551     d->m_soupBuffer.reset();
552
553     if (d->m_soupMessage) {
554         g_signal_handlers_disconnect_matched(d->m_soupMessage.get(), G_SIGNAL_MATCH_DATA,
555                                              0, 0, 0, 0, handle);
556         g_object_set_data(G_OBJECT(d->m_soupMessage.get()), "handle", 0);
557         d->m_soupMessage.clear();
558     }
559
560     if (d->m_timeoutSource) {
561         g_source_destroy(d->m_timeoutSource.get());
562         d->m_timeoutSource.clear();
563     }
564
565     if (!isDestroying)
566         handle->deref();
567 }
568
569 static bool handleUnignoredTLSErrors(ResourceHandle* handle)
570 {
571     ResourceHandleInternal* d = handle->getInternal();
572     const ResourceResponse& response = d->m_response;
573
574     if (!response.soupMessageTLSErrors() || gIgnoreSSLErrors)
575         return false;
576
577     String lowercaseHostURL = handle->firstRequest().url().host().lower();
578     if (allowsAnyHTTPSCertificateHosts().contains(lowercaseHostURL))
579         return false;
580
581     // We aren't ignoring errors globally, but the user may have already decided to accept this certificate.
582     CertificatesMap::iterator i = clientCertificates().find(lowercaseHostURL);
583     if (i != clientCertificates().end() && i->value.contains(response.soupMessageCertificate()))
584         return false;
585
586     handle->client()->didFail(handle, ResourceError::tlsError(d->m_soupRequest.get(), response.soupMessageTLSErrors(), response.soupMessageCertificate()));
587     return true;
588 }
589
590 size_t ResourceHandle::currentStreamPosition() const
591 {
592     GInputStream* baseStream = d->m_inputStream.get();
593     while (!G_IS_SEEKABLE(baseStream) && G_IS_FILTER_INPUT_STREAM(baseStream))
594         baseStream = g_filter_input_stream_get_base_stream(G_FILTER_INPUT_STREAM(baseStream));
595
596     if (!G_IS_SEEKABLE(baseStream))
597         return 0;
598
599     return g_seekable_tell(G_SEEKABLE(baseStream));
600 }
601
602 static void nextMultipartResponsePartCallback(GObject* /*source*/, GAsyncResult* result, gpointer data)
603 {
604     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
605
606     if (handle->cancelledOrClientless()) {
607         cleanupSoupRequestOperation(handle.get());
608         return;
609     }
610
611     ResourceHandleInternal* d = handle->getInternal();
612     ASSERT(!d->m_inputStream);
613
614     GOwnPtr<GError> error;
615     d->m_inputStream = adoptGRef(soup_multipart_input_stream_next_part_finish(d->m_multipartInputStream.get(), result, &error.outPtr()));
616
617     if (error) {
618         handle->client()->didFail(handle.get(), ResourceError::httpError(d->m_soupMessage.get(), error.get(), d->m_soupRequest.get()));
619         cleanupSoupRequestOperation(handle.get());
620         return;
621     }
622
623     if (!d->m_inputStream) {
624         handle->client()->didFinishLoading(handle.get(), 0);
625         cleanupSoupRequestOperation(handle.get());
626         return;
627     }
628
629     d->m_response = ResourceResponse();
630     d->m_response.setURL(handle->firstRequest().url());
631     d->m_response.updateFromSoupMessageHeaders(soup_multipart_input_stream_get_headers(d->m_multipartInputStream.get()));
632
633     d->m_previousPosition = 0;
634
635     if (handle->client()->usesAsyncCallbacks())
636         handle->client()->didReceiveResponseAsync(handle.get(), d->m_response);
637     else {
638         handle->client()->didReceiveResponse(handle.get(), d->m_response);
639         continueAfterDidReceiveResponse(handle.get());
640     }
641 }
642
643 static void sendRequestCallback(GObject*, GAsyncResult* result, gpointer data)
644 {
645     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
646
647     if (handle->cancelledOrClientless()) {
648         cleanupSoupRequestOperation(handle.get());
649         return;
650     }
651
652     ResourceHandleInternal* d = handle->getInternal();
653     SoupMessage* soupMessage = d->m_soupMessage.get();
654
655
656     if (d->m_defersLoading) {
657         d->m_deferredResult = result;
658         return;
659     }
660
661     GOwnPtr<GError> error;
662     GRefPtr<GInputStream> inputStream = adoptGRef(soup_request_send_finish(d->m_soupRequest.get(), result, &error.outPtr()));
663     if (error) {
664         handle->client()->didFail(handle.get(), ResourceError::httpError(soupMessage, error.get(), d->m_soupRequest.get()));
665         cleanupSoupRequestOperation(handle.get());
666         return;
667     }
668
669     if (soupMessage) {
670         if (SOUP_STATUS_IS_REDIRECTION(soupMessage->status_code) && shouldRedirect(handle.get())) {
671             d->m_inputStream = inputStream;
672             g_input_stream_skip_async(d->m_inputStream.get(), gDefaultReadBufferSize, G_PRIORITY_DEFAULT,
673                 d->m_cancellable.get(), redirectSkipCallback, handle.get());
674             return;
675         }
676
677         if (handle->shouldContentSniff() && soupMessage->status_code != SOUP_STATUS_NOT_MODIFIED) {
678             const char* sniffedType = soup_request_get_content_type(d->m_soupRequest.get());
679             d->m_response.setSniffedContentType(sniffedType);
680         }
681         d->m_response.updateFromSoupMessage(soupMessage);
682
683         if (handleUnignoredTLSErrors(handle.get())) {
684             cleanupSoupRequestOperation(handle.get());
685             return;
686         }
687
688     } else {
689         d->m_response.setURL(handle->firstRequest().url());
690         const gchar* contentType = soup_request_get_content_type(d->m_soupRequest.get());
691         d->m_response.setMimeType(extractMIMETypeFromMediaType(contentType));
692         d->m_response.setTextEncodingName(extractCharsetFromMediaType(contentType));
693         d->m_response.setExpectedContentLength(soup_request_get_content_length(d->m_soupRequest.get()));
694     }
695
696     if (soupMessage && d->m_response.isMultipart())
697         d->m_multipartInputStream = adoptGRef(soup_multipart_input_stream_new(soupMessage, inputStream.get()));
698     else
699         d->m_inputStream = inputStream;
700
701     if (d->client()->usesAsyncCallbacks())
702         handle->client()->didReceiveResponseAsync(handle.get(), d->m_response);
703     else {
704         handle->client()->didReceiveResponse(handle.get(), d->m_response);
705         continueAfterDidReceiveResponse(handle.get());
706     }
707 }
708
709 static void continueAfterDidReceiveResponse(ResourceHandle* handle)
710 {
711     if (handle->cancelledOrClientless()) {
712         cleanupSoupRequestOperation(handle);
713         return;
714     }
715
716     ResourceHandleInternal* d = handle->getInternal();
717     if (d->m_soupMessage && d->m_multipartInputStream && !d->m_inputStream) {
718         soup_multipart_input_stream_next_part_async(d->m_multipartInputStream.get(), G_PRIORITY_DEFAULT,
719             d->m_cancellable.get(), nextMultipartResponsePartCallback, handle);
720         return;
721     }
722
723     ASSERT(d->m_inputStream);
724     handle->ensureReadBuffer();
725     g_input_stream_read_async(d->m_inputStream.get(), const_cast<char*>(d->m_soupBuffer->data), d->m_soupBuffer->length,
726         G_PRIORITY_DEFAULT, d->m_cancellable.get(), readCallback, handle);
727 }
728
729 static bool addFileToSoupMessageBody(SoupMessage* message, const String& fileNameString, size_t offset, size_t lengthToSend, unsigned long& totalBodySize)
730 {
731     GOwnPtr<GError> error;
732     CString fileName = fileSystemRepresentation(fileNameString);
733     GMappedFile* fileMapping = g_mapped_file_new(fileName.data(), false, &error.outPtr());
734     if (error)
735         return false;
736
737     gsize bufferLength = lengthToSend;
738     if (!lengthToSend)
739         bufferLength = g_mapped_file_get_length(fileMapping);
740     totalBodySize += bufferLength;
741
742     SoupBuffer* soupBuffer = soup_buffer_new_with_owner(g_mapped_file_get_contents(fileMapping) + offset,
743                                                         bufferLength,
744                                                         fileMapping,
745                                                         reinterpret_cast<GDestroyNotify>(g_mapped_file_unref));
746     soup_message_body_append_buffer(message->request_body, soupBuffer);
747     soup_buffer_free(soupBuffer);
748     return true;
749 }
750
751 #if ENABLE(BLOB)
752 static bool blobIsOutOfDate(const BlobDataItem& blobItem)
753 {
754     ASSERT(blobItem.type == BlobDataItem::File);
755     if (!isValidFileTime(blobItem.expectedModificationTime))
756         return false;
757
758     time_t fileModificationTime;
759     if (!getFileModificationTime(blobItem.path, fileModificationTime))
760         return true;
761
762     return fileModificationTime != static_cast<time_t>(blobItem.expectedModificationTime);
763 }
764
765 static void addEncodedBlobItemToSoupMessageBody(SoupMessage* message, const BlobDataItem& blobItem, unsigned long& totalBodySize)
766 {
767     if (blobItem.type == BlobDataItem::Data) {
768         totalBodySize += blobItem.length;
769         soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY,
770                                  blobItem.data->data() + blobItem.offset, blobItem.length);
771         return;
772     }
773
774     ASSERT(blobItem.type == BlobDataItem::File);
775     if (blobIsOutOfDate(blobItem))
776         return;
777
778     addFileToSoupMessageBody(message,
779                              blobItem.path,
780                              blobItem.offset,
781                              blobItem.length == BlobDataItem::toEndOfFile ? 0 : blobItem.length,
782                              totalBodySize);
783 }
784
785 static void addEncodedBlobToSoupMessageBody(SoupMessage* message, const FormDataElement& element, unsigned long& totalBodySize)
786 {
787     RefPtr<BlobStorageData> blobData = static_cast<BlobRegistryImpl&>(blobRegistry()).getBlobDataFromURL(URL(ParsedURLString, element.m_url));
788     if (!blobData)
789         return;
790
791     for (size_t i = 0; i < blobData->items().size(); ++i)
792         addEncodedBlobItemToSoupMessageBody(message, blobData->items()[i], totalBodySize);
793 }
794 #endif // ENABLE(BLOB)
795
796 static bool addFormElementsToSoupMessage(SoupMessage* message, const char*, FormData* httpBody, unsigned long& totalBodySize)
797 {
798     soup_message_body_set_accumulate(message->request_body, FALSE);
799     size_t numElements = httpBody->elements().size();
800     for (size_t i = 0; i < numElements; i++) {
801         const FormDataElement& element = httpBody->elements()[i];
802
803         if (element.m_type == FormDataElement::data) {
804             totalBodySize += element.m_data.size();
805             soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY,
806                                      element.m_data.data(), element.m_data.size());
807             continue;
808         }
809
810         if (element.m_type == FormDataElement::encodedFile) {
811             if (!addFileToSoupMessageBody(message ,
812                                          element.m_filename,
813                                          0 /* offset */,
814                                          0 /* lengthToSend */,
815                                          totalBodySize))
816                 return false;
817             continue;
818         }
819
820 #if ENABLE(BLOB)
821         ASSERT(element.m_type == FormDataElement::encodedBlob);
822         addEncodedBlobToSoupMessageBody(message, element, totalBodySize);
823 #endif
824     }
825     return true;
826 }
827
828 #if ENABLE(WEB_TIMING)
829 static int milisecondsSinceRequest(double requestTime)
830 {
831     return static_cast<int>((monotonicallyIncreasingTime() - requestTime) * 1000.0);
832 }
833
834 static void wroteBodyCallback(SoupMessage*, gpointer data)
835 {
836     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
837     if (!handle)
838         return;
839
840     ResourceHandleInternal* d = handle->getInternal();
841     if (!d->m_response.resourceLoadTiming())
842         return;
843
844     d->m_response.resourceLoadTiming()->sendEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
845 }
846
847 void ResourceHandle::didStartRequest()
848 {
849     ResourceHandleInternal* d = getInternal();
850     if (!d->m_response.resourceLoadTiming())
851         return;
852
853     d->m_response.resourceLoadTiming()->sendStart = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
854     if (d->m_response.resourceLoadTiming()->sslStart != -1) {
855         // WebCore/inspector/front-end/RequestTimingView.js assumes
856         // that SSL time is included in connection time so must
857         // substract here the SSL delta that will be added later (see
858         // WebInspector.RequestTimingView.createTimingTable in the
859         // file above for more details).
860         d->m_response.resourceLoadTiming()->sendStart -=
861             d->m_response.resourceLoadTiming()->sslEnd - d->m_response.resourceLoadTiming()->sslStart;
862     }
863 }
864
865 static void networkEventCallback(SoupMessage*, GSocketClientEvent event, GIOStream*, gpointer data)
866 {
867     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
868     if (!handle)
869         return;
870
871     if (handle->cancelledOrClientless())
872         return;
873
874     ResourceHandleInternal* d = handle->getInternal();
875     int deltaTime = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
876     switch (event) {
877     case G_SOCKET_CLIENT_RESOLVING:
878         d->m_response.resourceLoadTiming()->dnsStart = deltaTime;
879         break;
880     case G_SOCKET_CLIENT_RESOLVED:
881         d->m_response.resourceLoadTiming()->dnsEnd = deltaTime;
882         break;
883     case G_SOCKET_CLIENT_CONNECTING:
884         d->m_response.resourceLoadTiming()->connectStart = deltaTime;
885         if (d->m_response.resourceLoadTiming()->dnsStart != -1)
886             // WebCore/inspector/front-end/RequestTimingView.js assumes
887             // that DNS time is included in connection time so must
888             // substract here the DNS delta that will be added later (see
889             // WebInspector.RequestTimingView.createTimingTable in the
890             // file above for more details).
891             d->m_response.resourceLoadTiming()->connectStart -=
892                 d->m_response.resourceLoadTiming()->dnsEnd - d->m_response.resourceLoadTiming()->dnsStart;
893         break;
894     case G_SOCKET_CLIENT_CONNECTED:
895         // Web Timing considers that connection time involves dns, proxy & TLS negotiation...
896         // so we better pick G_SOCKET_CLIENT_COMPLETE for connectEnd
897         break;
898     case G_SOCKET_CLIENT_PROXY_NEGOTIATING:
899         d->m_response.resourceLoadTiming()->proxyStart = deltaTime;
900         break;
901     case G_SOCKET_CLIENT_PROXY_NEGOTIATED:
902         d->m_response.resourceLoadTiming()->proxyEnd = deltaTime;
903         break;
904     case G_SOCKET_CLIENT_TLS_HANDSHAKING:
905         d->m_response.resourceLoadTiming()->sslStart = deltaTime;
906         break;
907     case G_SOCKET_CLIENT_TLS_HANDSHAKED:
908         d->m_response.resourceLoadTiming()->sslEnd = deltaTime;
909         break;
910     case G_SOCKET_CLIENT_COMPLETE:
911         d->m_response.resourceLoadTiming()->connectEnd = deltaTime;
912         break;
913     default:
914         ASSERT_NOT_REACHED();
915         break;
916     }
917 }
918 #endif
919
920 static const char* gSoupRequestInitiatingPageIDKey = "wk-soup-request-initiating-page-id";
921
922 static void setSoupRequestInitiatingPageIDFromNetworkingContext(SoupRequest* request, NetworkingContext* context)
923 {
924     if (!context || !context->isValid())
925         return;
926
927     uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(fastMalloc(sizeof(uint64_t)));
928     *initiatingPageIDPtr = context->initiatingPageID();
929     g_object_set_data_full(G_OBJECT(request), g_intern_static_string(gSoupRequestInitiatingPageIDKey), initiatingPageIDPtr, fastFree);
930 }
931
932 static bool createSoupMessageForHandleAndRequest(ResourceHandle* handle, const ResourceRequest& request)
933 {
934     ASSERT(handle);
935
936     ResourceHandleInternal* d = handle->getInternal();
937     ASSERT(d->m_soupRequest);
938
939     d->m_soupMessage = adoptGRef(soup_request_http_get_message(SOUP_REQUEST_HTTP(d->m_soupRequest.get())));
940     if (!d->m_soupMessage)
941         return false;
942
943     SoupMessage* soupMessage = d->m_soupMessage.get();
944     request.updateSoupMessage(soupMessage);
945
946     g_object_set_data(G_OBJECT(soupMessage), "handle", handle);
947     if (!handle->shouldContentSniff())
948         soup_message_disable_feature(soupMessage, SOUP_TYPE_CONTENT_SNIFFER);
949
950     FormData* httpBody = request.httpBody();
951     CString contentType = request.httpContentType().utf8().data();
952     if (httpBody && !httpBody->isEmpty() && !addFormElementsToSoupMessage(soupMessage, contentType.data(), httpBody, d->m_bodySize)) {
953         // We failed to prepare the body data, so just fail this load.
954         d->m_soupMessage.clear();
955         return false;
956     }
957
958     // Make sure we have an Accept header for subresources; some sites
959     // want this to serve some of their subresources
960     if (!soup_message_headers_get_one(soupMessage->request_headers, "Accept"))
961         soup_message_headers_append(soupMessage->request_headers, "Accept", "*/*");
962
963     // In the case of XHR .send() and .send("") explicitly tell libsoup to send a zero content-lenght header
964     // for consistency with other backends (e.g. Chromium's) and other UA implementations like FF. It's done
965     // in the backend here instead of in XHR code since in XHR CORS checking prevents us from this kind of
966     // late header manipulation.
967     if ((request.httpMethod() == "POST" || request.httpMethod() == "PUT")
968         && (!request.httpBody() || request.httpBody()->isEmpty()))
969         soup_message_headers_set_content_length(soupMessage->request_headers, 0);
970
971     g_signal_connect(d->m_soupMessage.get(), "got-headers", G_CALLBACK(gotHeadersCallback), handle);
972     g_signal_connect(d->m_soupMessage.get(), "wrote-body-data", G_CALLBACK(wroteBodyDataCallback), handle);
973
974     soup_message_set_flags(d->m_soupMessage.get(), static_cast<SoupMessageFlags>(soup_message_get_flags(d->m_soupMessage.get()) | SOUP_MESSAGE_NO_REDIRECT));
975
976 #if ENABLE(WEB_TIMING)
977     d->m_response.setResourceLoadTiming(ResourceLoadTiming::create());
978     g_signal_connect(d->m_soupMessage.get(), "network-event", G_CALLBACK(networkEventCallback), handle);
979     g_signal_connect(d->m_soupMessage.get(), "restarted", G_CALLBACK(restartedCallback), handle);
980     g_signal_connect(d->m_soupMessage.get(), "wrote-body", G_CALLBACK(wroteBodyCallback), handle);
981 #endif
982
983 #if SOUP_CHECK_VERSION(2, 43, 1)
984     soup_message_set_priority(d->m_soupMessage.get(), toSoupMessagePriority(request.priority()));
985 #endif
986
987     return true;
988 }
989
990 static bool createSoupRequestAndMessageForHandle(ResourceHandle* handle, const ResourceRequest& request, bool isHTTPFamilyRequest)
991 {
992     ResourceHandleInternal* d = handle->getInternal();
993
994     GOwnPtr<GError> error;
995
996     GUniquePtr<SoupURI> soupURI(request.soupURI());
997     if (!soupURI)
998         return false;
999
1000     d->m_soupRequest = adoptGRef(soup_session_request_uri(d->soupSession(), soupURI.get(), &error.outPtr()));
1001     if (error) {
1002         d->m_soupRequest.clear();
1003         return false;
1004     }
1005
1006     // SoupMessages are only applicable to HTTP-family requests.
1007     if (isHTTPFamilyRequest && !createSoupMessageForHandleAndRequest(handle, request)) {
1008         d->m_soupRequest.clear();
1009         return false;
1010     }
1011
1012     setSoupRequestInitiatingPageIDFromNetworkingContext(d->m_soupRequest.get(), d->m_context.get());
1013
1014     return true;
1015 }
1016
1017 bool ResourceHandle::start()
1018 {
1019     ASSERT(!d->m_soupMessage);
1020
1021     // The frame could be null if the ResourceHandle is not associated to any
1022     // Frame, e.g. if we are downloading a file.
1023     // If the frame is not null but the page is null this must be an attempted
1024     // load from an unload handler, so let's just block it.
1025     // If both the frame and the page are not null the context is valid.
1026     if (d->m_context && !d->m_context->isValid())
1027         return false;
1028
1029     // Only allow the POST and GET methods for non-HTTP requests.
1030     const ResourceRequest& request = firstRequest();
1031     bool isHTTPFamilyRequest = request.url().protocolIsInHTTPFamily();
1032     if (!isHTTPFamilyRequest && request.httpMethod() != "GET" && request.httpMethod() != "POST") {
1033         this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately
1034         return true;
1035     }
1036
1037     applyAuthenticationToRequest(this, firstRequest(), false);
1038
1039     if (!createSoupRequestAndMessageForHandle(this, request, isHTTPFamilyRequest)) {
1040         this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately
1041         return true;
1042     }
1043
1044     // Send the request only if it's not been explicitly deferred.
1045     if (!d->m_defersLoading)
1046         sendPendingRequest();
1047
1048     return true;
1049 }
1050
1051 void ResourceHandle::sendPendingRequest()
1052 {
1053 #if ENABLE(WEB_TIMING)
1054     if (d->m_response.resourceLoadTiming())
1055         d->m_response.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime();
1056 #endif
1057
1058     if (d->m_firstRequest.timeoutInterval() > 0) {
1059         // soup_add_timeout returns a GSource* whose only reference is owned by
1060         // the context. We need to have our own reference to it, hence not using adoptRef.
1061         d->m_timeoutSource = soup_add_timeout(g_main_context_get_thread_default(),
1062             d->m_firstRequest.timeoutInterval() * 1000, requestTimeoutCallback, this);
1063     }
1064
1065     // Balanced by a deref() in cleanupSoupRequestOperation, which should always run.
1066     ref();
1067
1068     d->m_cancellable = adoptGRef(g_cancellable_new());
1069     soup_request_send_async(d->m_soupRequest.get(), d->m_cancellable.get(), sendRequestCallback, this);
1070 }
1071
1072 void ResourceHandle::cancel()
1073 {
1074     d->m_cancelled = true;
1075     if (d->m_soupMessage)
1076         soup_session_cancel_message(d->soupSession(), d->m_soupMessage.get(), SOUP_STATUS_CANCELLED);
1077     else if (d->m_cancellable)
1078         g_cancellable_cancel(d->m_cancellable.get());
1079 }
1080
1081 bool ResourceHandle::shouldUseCredentialStorage()
1082 {
1083     return (!client() || client()->shouldUseCredentialStorage(this)) && firstRequest().url().protocolIsInHTTPFamily();
1084 }
1085
1086 void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host)
1087 {
1088     allowsAnyHTTPSCertificateHosts().add(host.lower());
1089 }
1090
1091 void ResourceHandle::setClientCertificate(const String& host, GTlsCertificate* certificate)
1092 {
1093     clientCertificates().add(host.lower(), HostTLSCertificateSet()).iterator->value.add(certificate);
1094 }
1095
1096 void ResourceHandle::setIgnoreSSLErrors(bool ignoreSSLErrors)
1097 {
1098     gIgnoreSSLErrors = ignoreSSLErrors;
1099 }
1100
1101 #if PLATFORM(GTK)
1102 void getCredentialFromPersistentStoreCallback(const Credential& credential, void* data)
1103 {
1104     static_cast<ResourceHandle*>(data)->continueDidReceiveAuthenticationChallenge(credential);
1105 }
1106 #endif
1107
1108 void ResourceHandle::continueDidReceiveAuthenticationChallenge(const Credential& credentialFromPersistentStorage)
1109 {
1110     ASSERT(!d->m_currentWebChallenge.isNull());
1111     AuthenticationChallenge& challenge = d->m_currentWebChallenge;
1112
1113     ASSERT(challenge.soupSession());
1114     ASSERT(challenge.soupMessage());
1115     if (!credentialFromPersistentStorage.isEmpty())
1116         challenge.setProposedCredential(credentialFromPersistentStorage);
1117
1118     if (!client()) {
1119         soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1120         clearAuthentication();
1121         return;
1122     }
1123
1124     ASSERT(challenge.soupSession());
1125     ASSERT(challenge.soupMessage());
1126     client()->didReceiveAuthenticationChallenge(this, challenge);
1127 }
1128
1129 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
1130 {
1131     ASSERT(d->m_currentWebChallenge.isNull());
1132
1133     // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
1134     bool useCredentialStorage = shouldUseCredentialStorage();
1135     if (useCredentialStorage) {
1136         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
1137             // The stored credential wasn't accepted, stop using it. There is a race condition
1138             // here, since a different credential might have already been stored by another
1139             // ResourceHandle, but the observable effect should be very minor, if any.
1140             CredentialStorage::remove(challenge.protectionSpace());
1141         }
1142
1143         if (!challenge.previousFailureCount()) {
1144             Credential credential = CredentialStorage::get(challenge.protectionSpace());
1145             if (!credential.isEmpty() && credential != d->m_initialCredential) {
1146                 ASSERT(credential.persistence() == CredentialPersistenceNone);
1147
1148                 // Store the credential back, possibly adding it as a default for this directory.
1149                 if (isAuthenticationFailureStatusCode(challenge.failureResponse().httpStatusCode()))
1150                     CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
1151
1152                 soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
1153                 return;
1154             }
1155         }
1156     }
1157
1158     d->m_currentWebChallenge = challenge;
1159     soup_session_pause_message(challenge.soupSession(), challenge.soupMessage());
1160
1161 #if PLATFORM(GTK)
1162     // We could also do this before we even start the request, but that would be at the expense
1163     // of all request latency, versus a one-time latency for the small subset of requests that
1164     // use HTTP authentication. In the end, this doesn't matter much, because persistent credentials
1165     // will become session credentials after the first use.
1166     if (useCredentialStorage) {
1167         credentialBackingStore().credentialForChallenge(challenge, getCredentialFromPersistentStoreCallback, this);
1168         return;
1169     }
1170 #endif
1171
1172     continueDidReceiveAuthenticationChallenge(Credential());
1173 }
1174
1175 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
1176 {
1177     ASSERT(!challenge.isNull());
1178     if (challenge != d->m_currentWebChallenge)
1179         return;
1180     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1181
1182     clearAuthentication();
1183 }
1184
1185 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
1186 {
1187     ASSERT(!challenge.isNull());
1188     if (challenge != d->m_currentWebChallenge)
1189         return;
1190
1191     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
1192     if (credential.isEmpty()) {
1193         receivedRequestToContinueWithoutCredential(challenge);
1194         return;
1195     }
1196
1197     if (shouldUseCredentialStorage()) {
1198         // Eventually we will manage per-session credentials only internally or use some newly-exposed API from libsoup,
1199         // because once we authenticate via libsoup, there is no way to ignore it for a particular request. Right now,
1200         // we place the credentials in the store even though libsoup will never fire the authenticate signal again for
1201         // this protection space.
1202         if (credential.persistence() == CredentialPersistenceForSession || credential.persistence() == CredentialPersistencePermanent)
1203             CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
1204
1205 #if PLATFORM(GTK)
1206         if (credential.persistence() == CredentialPersistencePermanent) {
1207             d->m_credentialDataToSaveInPersistentStore.credential = credential;
1208             d->m_credentialDataToSaveInPersistentStore.challenge = challenge;
1209         }
1210 #endif
1211     }
1212
1213     ASSERT(challenge.soupSession());
1214     ASSERT(challenge.soupMessage());
1215     soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
1216     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1217
1218     clearAuthentication();
1219 }
1220
1221 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
1222 {
1223     ASSERT(!challenge.isNull());
1224     if (challenge != d->m_currentWebChallenge)
1225         return;
1226
1227     if (cancelledOrClientless()) {
1228         clearAuthentication();
1229         return;
1230     }
1231
1232     ASSERT(challenge.soupSession());
1233     ASSERT(challenge.soupMessage());
1234     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1235
1236     if (client())
1237         client()->receivedCancellation(this, challenge);
1238
1239     clearAuthentication();
1240 }
1241
1242 static bool waitingToSendRequest(ResourceHandle* handle)
1243 {
1244     // We need to check for d->m_soupRequest because the request may have raised a failure
1245     // (for example invalid URLs). We cannot  simply check for d->m_scheduledFailure because
1246     // it's cleared as soon as the failure event is fired.
1247     return handle->getInternal()->m_soupRequest && !handle->getInternal()->m_cancellable;
1248 }
1249
1250 void ResourceHandle::platformSetDefersLoading(bool defersLoading)
1251 {
1252     if (cancelledOrClientless())
1253         return;
1254
1255     // Except when canceling a possible timeout timer, we only need to take action here to UN-defer loading.
1256     if (defersLoading) {
1257         if (d->m_timeoutSource) {
1258             g_source_destroy(d->m_timeoutSource.get());
1259             d->m_timeoutSource.clear();
1260         }
1261         return;
1262     }
1263
1264     if (waitingToSendRequest(this)) {
1265         sendPendingRequest();
1266         return;
1267     }
1268
1269     if (d->m_deferredResult) {
1270         GRefPtr<GAsyncResult> asyncResult = adoptGRef(d->m_deferredResult.leakRef());
1271
1272         if (d->m_inputStream)
1273             readCallback(G_OBJECT(d->m_inputStream.get()), asyncResult.get(), this);
1274         else
1275             sendRequestCallback(G_OBJECT(d->m_soupRequest.get()), asyncResult.get(), this);
1276     }
1277 }
1278
1279 bool ResourceHandle::loadsBlocked()
1280 {
1281     return false;
1282 }
1283
1284 void ResourceHandle::platformLoadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials /*storedCredentials*/, ResourceError& error, ResourceResponse& response, Vector<char>& data)
1285 {
1286     ASSERT(!loadingSynchronousRequest);
1287     if (loadingSynchronousRequest) // In practice this cannot happen, but if for some reason it does,
1288         return;                    // we want to avoid accidentally going into an infinite loop of requests.
1289
1290     WebCoreSynchronousLoader syncLoader(error, response, sessionFromContext(context), data);
1291     RefPtr<ResourceHandle> handle = create(context, request, &syncLoader, false /*defersLoading*/, false /*shouldContentSniff*/);
1292     if (!handle)
1293         return;
1294
1295     // If the request has already failed, do not run the main loop, or else we'll block indefinitely.
1296     if (handle->d->m_scheduledFailureType != NoFailure)
1297         return;
1298
1299     syncLoader.run();
1300 }
1301
1302 static void readCallback(GObject*, GAsyncResult* asyncResult, gpointer data)
1303 {
1304     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
1305
1306     if (handle->cancelledOrClientless()) {
1307         cleanupSoupRequestOperation(handle.get());
1308         return;
1309     }
1310
1311     ResourceHandleInternal* d = handle->getInternal();
1312     if (d->m_defersLoading) {
1313         d->m_deferredResult = asyncResult;
1314         return;
1315     }
1316
1317     GOwnPtr<GError> error;
1318     gssize bytesRead = g_input_stream_read_finish(d->m_inputStream.get(), asyncResult, &error.outPtr());
1319
1320     if (error) {
1321         handle->client()->didFail(handle.get(), ResourceError::genericGError(error.get(), d->m_soupRequest.get()));
1322         cleanupSoupRequestOperation(handle.get());
1323         return;
1324     }
1325
1326     if (!bytesRead) {
1327         // If this is a multipart message, we'll look for another part.
1328         if (d->m_soupMessage && d->m_multipartInputStream) {
1329             d->m_inputStream.clear();
1330             soup_multipart_input_stream_next_part_async(d->m_multipartInputStream.get(), G_PRIORITY_DEFAULT,
1331                 d->m_cancellable.get(), nextMultipartResponsePartCallback, handle.get());
1332             return;
1333         }
1334
1335         g_input_stream_close(d->m_inputStream.get(), 0, 0);
1336
1337         handle->client()->didFinishLoading(handle.get(), 0);
1338         cleanupSoupRequestOperation(handle.get());
1339         return;
1340     }
1341
1342     // It's mandatory to have sent a response before sending data
1343     ASSERT(!d->m_response.isNull());
1344
1345     size_t currentPosition = handle->currentStreamPosition();
1346     size_t encodedDataLength = currentPosition ? currentPosition - d->m_previousPosition : bytesRead;
1347
1348     ASSERT(d->m_soupBuffer);
1349     d->m_soupBuffer->length = bytesRead; // The buffer might be larger than the number of bytes read. SharedBuffer looks at the length property.
1350     handle->client()->didReceiveBuffer(handle.get(), SharedBuffer::wrapSoupBuffer(d->m_soupBuffer.release()), encodedDataLength);
1351
1352     d->m_previousPosition = currentPosition;
1353
1354     // didReceiveBuffer may cancel the load, which may release the last reference.
1355     if (handle->cancelledOrClientless()) {
1356         cleanupSoupRequestOperation(handle.get());
1357         return;
1358     }
1359
1360     handle->ensureReadBuffer();
1361     g_input_stream_read_async(d->m_inputStream.get(), const_cast<char*>(d->m_soupBuffer->data), d->m_soupBuffer->length, G_PRIORITY_DEFAULT,
1362         d->m_cancellable.get(), readCallback, handle.get());
1363 }
1364
1365 void ResourceHandle::continueWillSendRequest(const ResourceRequest& request)
1366 {
1367     ASSERT(client());
1368     ASSERT(client()->usesAsyncCallbacks());
1369     continueAfterWillSendRequest(this, request);
1370 }
1371
1372 void ResourceHandle::continueDidReceiveResponse()
1373 {
1374     ASSERT(client());
1375     ASSERT(client()->usesAsyncCallbacks());
1376     continueAfterDidReceiveResponse(this);
1377 }
1378
1379 void ResourceHandle::continueShouldUseCredentialStorage(bool)
1380 {
1381     ASSERT(client());
1382     ASSERT(client()->usesAsyncCallbacks());
1383     // FIXME: Implement this method if needed: https://bugs.webkit.org/show_bug.cgi?id=126114.
1384 }
1385
1386 static gboolean requestTimeoutCallback(gpointer data)
1387 {
1388     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
1389     handle->client()->didFail(handle.get(), ResourceError::timeoutError(handle->getInternal()->m_firstRequest.url().string()));
1390     handle->cancel();
1391
1392     return FALSE;
1393 }
1394
1395 uint64_t ResourceHandle::getSoupRequestInitiatingPageID(SoupRequest* request)
1396 {
1397     uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(g_object_get_data(G_OBJECT(request), gSoupRequestInitiatingPageIDKey));
1398     return initiatingPageIDPtr ? *initiatingPageIDPtr : 0;
1399 }
1400
1401 }