[Soup] CredentialStorage should only be used for HTTP-family requests
[WebKit-https.git] / Source / WebCore / platform / network / soup / ResourceHandleSoup.cpp
1 /*
2  * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010, 2011 Apple Inc. All rights reserved.
3  * Copyright (C) 2008 Alp Toker <alp@atoker.com>
4  * Copyright (C) 2008 Xan Lopez <xan@gnome.org>
5  * Copyright (C) 2008, 2010 Collabora Ltd.
6  * Copyright (C) 2009 Holger Hans Peter Freyther
7  * Copyright (C) 2009 Gustavo Noronha Silva <gns@gnome.org>
8  * Copyright (C) 2009 Christian Dywan <christian@imendio.com>
9  * Copyright (C) 2009, 2010, 2011, 2012 Igalia S.L.
10  * Copyright (C) 2009 John Kjellberg <john.kjellberg@power.alstom.com>
11  * Copyright (C) 2012 Intel Corporation
12  *
13  * This library is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU Library General Public
15  * License as published by the Free Software Foundation; either
16  * version 2 of the License, or (at your option) any later version.
17  *
18  * This library is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
21  * Library General Public License for more details.
22  *
23  * You should have received a copy of the GNU Library General Public License
24  * along with this library; see the file COPYING.LIB.  If not, write to
25  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
26  * Boston, MA 02110-1301, USA.
27  */
28
29 #include "config.h"
30 #include "ResourceHandle.h"
31
32 #include "CachedResourceLoader.h"
33 #include "ChromeClient.h"
34 #include "CookieJarSoup.h"
35 #include "CredentialStorage.h"
36 #include "FileSystem.h"
37 #include "Frame.h"
38 #include "GOwnPtrSoup.h"
39 #include "HTTPParsers.h"
40 #include "LocalizedStrings.h"
41 #include "Logging.h"
42 #include "MIMETypeRegistry.h"
43 #include "NotImplemented.h"
44 #include "Page.h"
45 #include "ResourceError.h"
46 #include "ResourceHandleClient.h"
47 #include "ResourceHandleInternal.h"
48 #include "ResourceResponse.h"
49 #include "SharedBuffer.h"
50 #include "TextEncoding.h"
51 #include <errno.h>
52 #include <fcntl.h>
53 #include <gio/gio.h>
54 #include <glib.h>
55 #define LIBSOUP_USE_UNSTABLE_REQUEST_API
56 #include <libsoup/soup-request-http.h>
57 #include <libsoup/soup-requester.h>
58 #include <libsoup/soup.h>
59 #include <sys/stat.h>
60 #include <sys/types.h>
61 #include <unistd.h>
62 #include <wtf/SHA1.h>
63 #include <wtf/gobject/GRefPtr.h>
64 #include <wtf/text/Base64.h>
65 #include <wtf/text/CString.h>
66
67 #if ENABLE(BLOB)
68 #include "BlobData.h"
69 #include "BlobRegistryImpl.h"
70 #include "BlobStorageData.h"
71 #endif
72
73 #if PLATFORM(GTK)
74 #include "CredentialBackingStore.h"
75 #endif
76
77 namespace WebCore {
78
79 #define READ_BUFFER_SIZE 8192
80
81 static bool loadingSynchronousRequest = false;
82
83 class WebCoreSynchronousLoader : public ResourceHandleClient {
84     WTF_MAKE_NONCOPYABLE(WebCoreSynchronousLoader);
85 public:
86
87     WebCoreSynchronousLoader(ResourceError& error, ResourceResponse& response, SoupSession* session, Vector<char>& data)
88         : m_error(error)
89         , m_response(response)
90         , m_session(session)
91         , m_data(data)
92         , m_finished(false)
93     {
94         // We don't want any timers to fire while we are doing our synchronous load
95         // so we replace the thread default main context. The main loop iterations
96         // will only process GSources associated with this inner context.
97         loadingSynchronousRequest = true;
98         GRefPtr<GMainContext> innerMainContext = adoptGRef(g_main_context_new());
99         g_main_context_push_thread_default(innerMainContext.get());
100         m_mainLoop = adoptGRef(g_main_loop_new(innerMainContext.get(), false));
101
102         adjustMaxConnections(1);
103     }
104
105     ~WebCoreSynchronousLoader()
106     {
107         adjustMaxConnections(-1);
108         g_main_context_pop_thread_default(g_main_context_get_thread_default());
109         loadingSynchronousRequest = false;
110     }
111
112     void adjustMaxConnections(int adjustment)
113     {
114         int maxConnections, maxConnectionsPerHost;
115         g_object_get(m_session,
116                      SOUP_SESSION_MAX_CONNS, &maxConnections,
117                      SOUP_SESSION_MAX_CONNS_PER_HOST, &maxConnectionsPerHost,
118                      NULL);
119         maxConnections += adjustment;
120         maxConnectionsPerHost += adjustment;
121         g_object_set(m_session,
122                      SOUP_SESSION_MAX_CONNS, maxConnections,
123                      SOUP_SESSION_MAX_CONNS_PER_HOST, maxConnectionsPerHost,
124                      NULL);
125
126     }
127
128     virtual bool isSynchronousClient()
129     {
130         return true;
131     }
132
133     virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
134     {
135         m_response = response;
136     }
137
138     virtual void didReceiveData(ResourceHandle*, const char* data, int length, int)
139     {
140         m_data.append(data, length);
141     }
142
143     virtual void didFinishLoading(ResourceHandle*, double)
144     {
145         if (g_main_loop_is_running(m_mainLoop.get()))
146             g_main_loop_quit(m_mainLoop.get());
147         m_finished = true;
148     }
149
150     virtual void didFail(ResourceHandle* handle, const ResourceError& error)
151     {
152         m_error = error;
153         didFinishLoading(handle, 0);
154     }
155
156     virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge)
157     {
158         // We do not handle authentication for synchronous XMLHttpRequests.
159         challenge.authenticationClient()->receivedRequestToContinueWithoutCredential(challenge);
160     }
161
162     void run()
163     {
164         if (!m_finished)
165             g_main_loop_run(m_mainLoop.get());
166     }
167
168 private:
169     ResourceError& m_error;
170     ResourceResponse& m_response;
171     SoupSession* m_session;
172     Vector<char>& m_data;
173     bool m_finished;
174     GRefPtr<GMainLoop> m_mainLoop;
175 };
176
177 class HostTLSCertificateSet {
178 public:
179     void add(GTlsCertificate* certificate)
180     {
181         String certificateHash = computeCertificateHash(certificate);
182         if (!certificateHash.isEmpty())
183             m_certificates.add(certificateHash);
184     }
185
186     bool contains(GTlsCertificate* certificate)
187     {
188         return m_certificates.contains(computeCertificateHash(certificate));
189     }
190
191 private:
192     static String computeCertificateHash(GTlsCertificate* certificate)
193     {
194         GByteArray* data = 0;
195         g_object_get(G_OBJECT(certificate), "certificate", &data, NULL);
196         if (!data)
197             return String();
198
199         static const size_t sha1HashSize = 20;
200         GRefPtr<GByteArray> certificateData = adoptGRef(data);
201         SHA1 sha1;
202         sha1.addBytes(certificateData->data, certificateData->len);
203
204         Vector<uint8_t, sha1HashSize> digest;
205         sha1.computeHash(digest);
206
207         return base64Encode(reinterpret_cast<const char*>(digest.data()), sha1HashSize);
208     }
209
210     HashSet<String> m_certificates;
211 };
212
213 static void cleanupSoupRequestOperation(ResourceHandle*, bool isDestroying);
214 static void sendRequestCallback(GObject*, GAsyncResult*, gpointer);
215 static void readCallback(GObject*, GAsyncResult*, gpointer);
216 static void closeCallback(GObject*, GAsyncResult*, gpointer);
217 static gboolean requestTimeoutCallback(void*);
218 #if ENABLE(WEB_TIMING)
219 static int  milisecondsSinceRequest(double requestTime);
220 #endif
221
222 static bool gIgnoreSSLErrors = false;
223
224 static HashSet<String>& allowsAnyHTTPSCertificateHosts()
225 {
226     DEFINE_STATIC_LOCAL(HashSet<String>, hosts, ());
227     return hosts;
228 }
229
230 typedef HashMap<String, HostTLSCertificateSet> CertificatesMap;
231 static CertificatesMap& clientCertificates()
232 {
233     DEFINE_STATIC_LOCAL(CertificatesMap, certificates, ());
234     return certificates;
235 }
236
237 ResourceHandleInternal::~ResourceHandleInternal()
238 {
239 }
240
241 static SoupSession* sessionFromContext(NetworkingContext* context)
242 {
243     return (context && context->isValid()) ? context->soupSession() : ResourceHandle::defaultSession();
244 }
245
246 ResourceHandle::~ResourceHandle()
247 {
248     cleanupSoupRequestOperation(this, true);
249 }
250
251 static void ensureSessionIsInitialized(SoupSession* session)
252 {
253     if (g_object_get_data(G_OBJECT(session), "webkit-init"))
254         return;
255
256     if (session == ResourceHandle::defaultSession()) {
257         SoupCookieJar* jar = SOUP_COOKIE_JAR(soup_session_get_feature(session, SOUP_TYPE_COOKIE_JAR));
258         if (!jar)
259             soup_session_add_feature(session, SOUP_SESSION_FEATURE(soupCookieJar()));
260         else
261             setSoupCookieJar(jar);
262     }
263
264 #if !LOG_DISABLED
265     if (!soup_session_get_feature(session, SOUP_TYPE_LOGGER) && LogNetwork.state == WTFLogChannelOn) {
266         SoupLogger* logger = soup_logger_new(static_cast<SoupLoggerLogLevel>(SOUP_LOGGER_LOG_BODY), -1);
267         soup_session_add_feature(session, SOUP_SESSION_FEATURE(logger));
268         g_object_unref(logger);
269     }
270 #endif // !LOG_DISABLED
271
272     if (!soup_session_get_feature(session, SOUP_TYPE_REQUESTER)) {
273         SoupRequester* requester = soup_requester_new();
274         soup_session_add_feature(session, SOUP_SESSION_FEATURE(requester));
275         g_object_unref(requester);
276     }
277
278     g_object_set_data(G_OBJECT(session), "webkit-init", reinterpret_cast<void*>(0xdeadbeef));
279 }
280
281 SoupSession* ResourceHandleInternal::soupSession()
282 {
283     SoupSession* session = sessionFromContext(m_context.get());
284     ensureSessionIsInitialized(session);
285     return session;
286 }
287
288 static void gotHeadersCallback(SoupMessage* message, gpointer data)
289 {
290     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
291     if (!handle)
292         return;
293     ResourceHandleInternal* d = handle->getInternal();
294     if (d->m_cancelled)
295         return;
296
297 #if ENABLE(WEB_TIMING)
298     if (d->m_response.resourceLoadTiming())
299         d->m_response.resourceLoadTiming()->receiveHeadersEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
300 #endif
301
302 #if PLATFORM(GTK)
303     // We are a bit more conservative with the persistent credential storage than the session store,
304     // since we are waiting until we know that this authentication succeeded before actually storing.
305     // This is because we want to avoid hitting the disk twice (once to add and once to remove) for
306     // incorrect credentials or polluting the keychain with invalid credentials.
307     if (message->status_code != 401 && message->status_code < 500 && !d->m_credentialDataToSaveInPersistentStore.credential.isEmpty()) {
308         credentialBackingStore().storeCredentialsForChallenge(
309             d->m_credentialDataToSaveInPersistentStore.challenge,
310             d->m_credentialDataToSaveInPersistentStore.credential);
311     }
312 #endif
313
314     // The original response will be needed later to feed to willSendRequest in
315     // restartedCallback() in case we are redirected. For this reason, so we store it
316     // here.
317     ResourceResponse response;
318     response.updateFromSoupMessage(message);
319     d->m_response = response;
320 }
321
322 static void applyAuthenticationToRequest(ResourceHandle* handle, bool redirect)
323 {
324     // m_user/m_pass are credentials given manually, for instance, by the arguments passed to XMLHttpRequest.open().
325     ResourceHandleInternal* d = handle->getInternal();
326     String user = d->m_user;
327     String password = d->m_pass;
328
329     ResourceRequest& request = d->m_firstRequest;
330     if (handle->shouldUseCredentialStorage()) {
331         if (d->m_user.isEmpty() && d->m_pass.isEmpty())
332             d->m_initialCredential = CredentialStorage::get(request.url());
333         else if (!redirect) {
334             // If there is already a protection space known for the URL, update stored credentials
335             // before sending a request. This makes it possible to implement logout by sending an
336             // XMLHttpRequest with known incorrect credentials, and aborting it immediately (so that
337             // an authentication dialog doesn't pop up).
338             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
339         }
340     }
341
342     if (!d->m_initialCredential.isEmpty()) {
343         user = d->m_initialCredential.user();
344         password = d->m_initialCredential.password();
345     }
346
347     // We always put the credentials into the URL. In the CFNetwork-port HTTP family credentials are applied in
348     // the didReceiveAuthenticationChallenge callback, but libsoup requires us to use this method to override
349     // any previously remembered credentials. It has its own per-session credential storage.
350     if (!user.isEmpty() || !password.isEmpty()) {
351         KURL urlWithCredentials(request.url());
352         urlWithCredentials.setUser(d->m_user);
353         urlWithCredentials.setPass(d->m_pass);
354         request.setURL(urlWithCredentials);
355     }
356 }
357
358 // Called each time the message is going to be sent again except the first time.
359 // It's used mostly to let webkit know about redirects.
360 static void restartedCallback(SoupMessage* message, gpointer data)
361 {
362     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
363     if (!handle)
364         return;
365     ResourceHandleInternal* d = handle->getInternal();
366     if (d->m_cancelled)
367         return;
368
369     GOwnPtr<char> uri(soup_uri_to_string(soup_message_get_uri(message), false));
370     String location = String::fromUTF8(uri.get());
371     KURL newURL = KURL(handle->firstRequest().url(), location);
372
373     ResourceRequest request = handle->firstRequest();
374     request.setURL(newURL);
375     request.setHTTPMethod(message->method);
376
377     // Should not set Referer after a redirect from a secure resource to non-secure one.
378     if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https")) {
379         request.clearHTTPReferrer();
380         soup_message_headers_remove(message->request_headers, "Referer");
381     }
382
383     const KURL& url = request.url();
384     d->m_user = url.user();
385     d->m_pass = url.pass();
386     request.removeCredentials();
387
388     ResourceResponse& redirectResponse = d->m_response;
389     if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url())) {
390         // If the network layer carries over authentication headers from the original request
391         // in a cross-origin redirect, we want to clear those headers here. 
392         request.clearHTTPAuthorization();
393         soup_message_headers_remove(message->request_headers, "Authorization");
394
395         // TODO: We are losing any username and password specified in the redirect URL, as this is the 
396         // same behavior as the CFNet port. We should investigate if this is really what we want.
397     } else
398         applyAuthenticationToRequest(handle, true);
399
400     // Per-request authentication is handled via the URI-embedded username/password.
401     GOwnPtr<SoupURI> newSoupURI(soup_uri_new(request.urlStringForSoup().utf8().data()));
402     soup_message_set_uri(message, newSoupURI.get());
403
404     if (d->client())
405         d->client()->willSendRequest(handle, request, redirectResponse);
406
407     if (d->m_cancelled)
408         return;
409
410 #if ENABLE(WEB_TIMING)
411     redirectResponse.setResourceLoadTiming(ResourceLoadTiming::create());
412     redirectResponse.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime();
413 #endif
414
415     // Update the first party in case the base URL changed with the redirect
416     String firstPartyString = request.firstPartyForCookies().string();
417     if (!firstPartyString.isEmpty()) {
418         GOwnPtr<SoupURI> firstParty(soup_uri_new(firstPartyString.utf8().data()));
419         soup_message_set_first_party(d->m_soupMessage.get(), firstParty.get());
420     }
421 }
422
423 static void wroteBodyDataCallback(SoupMessage*, SoupBuffer* buffer, gpointer data)
424 {
425     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
426     if (!handle)
427         return;
428
429     ASSERT(buffer);
430     ResourceHandleInternal* internal = handle->getInternal();
431     internal->m_bodyDataSent += buffer->length;
432
433     if (internal->m_cancelled)
434         return;
435     ResourceHandleClient* client = handle->client();
436     if (!client)
437         return;
438
439     client->didSendData(handle.get(), internal->m_bodyDataSent, internal->m_bodySize);
440 }
441
442 static void cleanupSoupRequestOperation(ResourceHandle* handle, bool isDestroying = false)
443 {
444     ResourceHandleInternal* d = handle->getInternal();
445
446     if (d->m_soupRequest)
447         d->m_soupRequest.clear();
448
449     if (d->m_inputStream)
450         d->m_inputStream.clear();
451
452     d->m_cancellable.clear();
453
454     if (d->m_soupMessage) {
455         g_signal_handlers_disconnect_matched(d->m_soupMessage.get(), G_SIGNAL_MATCH_DATA,
456                                              0, 0, 0, 0, handle);
457         g_object_set_data(G_OBJECT(d->m_soupMessage.get()), "handle", 0);
458         d->m_soupMessage.clear();
459     }
460
461     if (d->m_buffer) {
462         g_slice_free1(READ_BUFFER_SIZE, d->m_buffer);
463         d->m_buffer = 0;
464     }
465
466     if (d->m_timeoutSource) {
467         g_source_destroy(d->m_timeoutSource.get());
468         d->m_timeoutSource.clear();
469     }
470
471     if (!isDestroying)
472         handle->deref();
473 }
474
475 static bool handleUnignoredTLSErrors(ResourceHandle* handle)
476 {
477     ResourceHandleInternal* d = handle->getInternal();
478     const ResourceResponse& response = d->m_response;
479
480     if (!response.soupMessageTLSErrors() || gIgnoreSSLErrors)
481         return false;
482
483     String lowercaseHostURL = handle->firstRequest().url().host().lower();
484     if (allowsAnyHTTPSCertificateHosts().contains(lowercaseHostURL))
485         return false;
486
487     // We aren't ignoring errors globally, but the user may have already decided to accept this certificate.
488     CertificatesMap::iterator i = clientCertificates().find(lowercaseHostURL);
489     if (i != clientCertificates().end() && i->value.contains(response.soupMessageCertificate()))
490         return false;
491
492     handle->client()->didFail(handle, ResourceError::tlsError(d->m_soupRequest.get(), response.soupMessageTLSErrors(), response.soupMessageCertificate()));
493     return true;
494 }
495
496 static void sendRequestCallback(GObject*, GAsyncResult* res, gpointer data)
497 {
498     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
499
500     ResourceHandleInternal* d = handle->getInternal();
501     ResourceHandleClient* client = handle->client();
502     SoupMessage* soupMessage = d->m_soupMessage.get();
503
504     if (d->m_cancelled || !client) {
505         cleanupSoupRequestOperation(handle.get());
506         return;
507     }
508
509     if (d->m_defersLoading) {
510         d->m_deferredResult = res;
511         return;
512     }
513
514     GOwnPtr<GError> error;
515     GInputStream* in = soup_request_send_finish(d->m_soupRequest.get(), res, &error.outPtr());
516     if (error) {
517         client->didFail(handle.get(), ResourceError::httpError(soupMessage, error.get(), d->m_soupRequest.get()));
518         cleanupSoupRequestOperation(handle.get());
519         return;
520     }
521
522     d->m_inputStream = adoptGRef(in);
523     d->m_buffer = static_cast<char*>(g_slice_alloc(READ_BUFFER_SIZE));
524
525     if (soupMessage) {
526         if (handle->shouldContentSniff() && soupMessage->status_code != SOUP_STATUS_NOT_MODIFIED) {
527             const char* sniffedType = soup_request_get_content_type(d->m_soupRequest.get());
528             d->m_response.setSniffedContentType(sniffedType);
529         }
530         d->m_response.updateFromSoupMessage(soupMessage);
531
532         if (handleUnignoredTLSErrors(handle.get())) {
533             cleanupSoupRequestOperation(handle.get());
534             return;
535         }
536
537     } else {
538         d->m_response.setURL(handle->firstRequest().url());
539         const gchar* contentType = soup_request_get_content_type(d->m_soupRequest.get());
540         d->m_response.setMimeType(extractMIMETypeFromMediaType(contentType));
541         d->m_response.setTextEncodingName(extractCharsetFromMediaType(contentType));
542         d->m_response.setExpectedContentLength(soup_request_get_content_length(d->m_soupRequest.get()));
543     }
544
545     client->didReceiveResponse(handle.get(), d->m_response);
546
547     if (d->m_cancelled) {
548         cleanupSoupRequestOperation(handle.get());
549         return;
550     }
551
552     g_input_stream_read_async(d->m_inputStream.get(), d->m_buffer, READ_BUFFER_SIZE,
553                               G_PRIORITY_DEFAULT, d->m_cancellable.get(), readCallback, handle.get());
554 }
555
556 static bool addFileToSoupMessageBody(SoupMessage* message, const String& fileNameString, size_t offset, size_t lengthToSend, unsigned long& totalBodySize)
557 {
558     GOwnPtr<GError> error;
559     CString fileName = fileSystemRepresentation(fileNameString);
560     GMappedFile* fileMapping = g_mapped_file_new(fileName.data(), false, &error.outPtr());
561     if (error)
562         return false;
563
564     gsize bufferLength = lengthToSend;
565     if (!lengthToSend)
566         bufferLength = g_mapped_file_get_length(fileMapping);
567     totalBodySize += bufferLength;
568
569     SoupBuffer* soupBuffer = soup_buffer_new_with_owner(g_mapped_file_get_contents(fileMapping) + offset,
570                                                         bufferLength,
571                                                         fileMapping,
572                                                         reinterpret_cast<GDestroyNotify>(g_mapped_file_unref));
573     soup_message_body_append_buffer(message->request_body, soupBuffer);
574     soup_buffer_free(soupBuffer);
575     return true;
576 }
577
578 #if ENABLE(BLOB)
579 static bool blobIsOutOfDate(const BlobDataItem& blobItem)
580 {
581     ASSERT(blobItem.type == BlobDataItem::File);
582     if (!isValidFileTime(blobItem.expectedModificationTime))
583         return false;
584
585     time_t fileModificationTime;
586     if (!getFileModificationTime(blobItem.path, fileModificationTime))
587         return true;
588
589     return fileModificationTime != static_cast<time_t>(blobItem.expectedModificationTime);
590 }
591
592 static void addEncodedBlobItemToSoupMessageBody(SoupMessage* message, const BlobDataItem& blobItem, unsigned long& totalBodySize)
593 {
594     if (blobItem.type == BlobDataItem::Data) {
595         totalBodySize += blobItem.length;
596         soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY,
597                                  blobItem.data->data() + blobItem.offset, blobItem.length);
598         return;
599     }
600
601     ASSERT(blobItem.type == BlobDataItem::File);
602     if (blobIsOutOfDate(blobItem))
603         return;
604
605     addFileToSoupMessageBody(message,
606                              blobItem.path,
607                              blobItem.offset,
608                              blobItem.length == BlobDataItem::toEndOfFile ? 0 : blobItem.length,
609                              totalBodySize);
610 }
611
612 static void addEncodedBlobToSoupMessageBody(SoupMessage* message, const FormDataElement& element, unsigned long& totalBodySize)
613 {
614     RefPtr<BlobStorageData> blobData = static_cast<BlobRegistryImpl&>(blobRegistry()).getBlobDataFromURL(KURL(ParsedURLString, element.m_url));
615     if (!blobData)
616         return;
617
618     for (size_t i = 0; i < blobData->items().size(); ++i)
619         addEncodedBlobItemToSoupMessageBody(message, blobData->items()[i], totalBodySize);
620 }
621 #endif // ENABLE(BLOB)
622
623 static bool addFormElementsToSoupMessage(SoupMessage* message, const char*, FormData* httpBody, unsigned long& totalBodySize)
624 {
625     soup_message_body_set_accumulate(message->request_body, FALSE);
626     size_t numElements = httpBody->elements().size();
627     for (size_t i = 0; i < numElements; i++) {
628         const FormDataElement& element = httpBody->elements()[i];
629
630         if (element.m_type == FormDataElement::data) {
631             totalBodySize += element.m_data.size();
632             soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY,
633                                      element.m_data.data(), element.m_data.size());
634             continue;
635         }
636
637         if (element.m_type == FormDataElement::encodedFile) {
638             if (!addFileToSoupMessageBody(message ,
639                                          element.m_filename,
640                                          0 /* offset */,
641                                          0 /* lengthToSend */,
642                                          totalBodySize))
643                 return false;
644             continue;
645         }
646
647 #if ENABLE(BLOB)
648         ASSERT(element.m_type == FormDataElement::encodedBlob);
649         addEncodedBlobToSoupMessageBody(message, element, totalBodySize);
650 #endif
651     }
652     return true;
653 }
654
655 #if ENABLE(WEB_TIMING)
656 static int milisecondsSinceRequest(double requestTime)
657 {
658     return static_cast<int>((monotonicallyIncreasingTime() - requestTime) * 1000.0);
659 }
660
661 static void wroteBodyCallback(SoupMessage*, gpointer data)
662 {
663     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
664     if (!handle)
665         return;
666
667     ResourceHandleInternal* d = handle->getInternal();
668     if (!d->m_response.resourceLoadTiming())
669         return;
670
671     d->m_response.resourceLoadTiming()->sendEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
672 }
673
674 static void requestStartedCallback(SoupSession*, SoupMessage* soupMessage, SoupSocket*, gpointer)
675 {
676     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(g_object_get_data(G_OBJECT(soupMessage), "handle"));
677     if (!handle)
678         return;
679
680     ResourceHandleInternal* d = handle->getInternal();
681     if (!d->m_response.resourceLoadTiming())
682         return;
683
684     d->m_response.resourceLoadTiming()->sendStart = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
685     if (d->m_response.resourceLoadTiming()->sslStart != -1) {
686         // WebCore/inspector/front-end/RequestTimingView.js assumes
687         // that SSL time is included in connection time so must
688         // substract here the SSL delta that will be added later (see
689         // WebInspector.RequestTimingView.createTimingTable in the
690         // file above for more details).
691         d->m_response.resourceLoadTiming()->sendStart -=
692             d->m_response.resourceLoadTiming()->sslEnd - d->m_response.resourceLoadTiming()->sslStart;
693     }
694 }
695
696 static void networkEventCallback(SoupMessage*, GSocketClientEvent event, GIOStream*, gpointer data)
697 {
698     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
699     if (!handle)
700         return;
701     ResourceHandleInternal* d = handle->getInternal();
702     if (d->m_cancelled)
703         return;
704
705     int deltaTime = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
706     switch (event) {
707     case G_SOCKET_CLIENT_RESOLVING:
708         d->m_response.resourceLoadTiming()->dnsStart = deltaTime;
709         break;
710     case G_SOCKET_CLIENT_RESOLVED:
711         d->m_response.resourceLoadTiming()->dnsEnd = deltaTime;
712         break;
713     case G_SOCKET_CLIENT_CONNECTING:
714         d->m_response.resourceLoadTiming()->connectStart = deltaTime;
715         if (d->m_response.resourceLoadTiming()->dnsStart != -1)
716             // WebCore/inspector/front-end/RequestTimingView.js assumes
717             // that DNS time is included in connection time so must
718             // substract here the DNS delta that will be added later (see
719             // WebInspector.RequestTimingView.createTimingTable in the
720             // file above for more details).
721             d->m_response.resourceLoadTiming()->connectStart -=
722                 d->m_response.resourceLoadTiming()->dnsEnd - d->m_response.resourceLoadTiming()->dnsStart;
723         break;
724     case G_SOCKET_CLIENT_CONNECTED:
725         // Web Timing considers that connection time involves dns, proxy & TLS negotiation...
726         // so we better pick G_SOCKET_CLIENT_COMPLETE for connectEnd
727         break;
728     case G_SOCKET_CLIENT_PROXY_NEGOTIATING:
729         d->m_response.resourceLoadTiming()->proxyStart = deltaTime;
730         break;
731     case G_SOCKET_CLIENT_PROXY_NEGOTIATED:
732         d->m_response.resourceLoadTiming()->proxyEnd = deltaTime;
733         break;
734     case G_SOCKET_CLIENT_TLS_HANDSHAKING:
735         d->m_response.resourceLoadTiming()->sslStart = deltaTime;
736         break;
737     case G_SOCKET_CLIENT_TLS_HANDSHAKED:
738         d->m_response.resourceLoadTiming()->sslEnd = deltaTime;
739         break;
740     case G_SOCKET_CLIENT_COMPLETE:
741         d->m_response.resourceLoadTiming()->connectEnd = deltaTime;
742         break;
743     default:
744         ASSERT_NOT_REACHED();
745         break;
746     }
747 }
748 #endif
749
750 static const char* gSoupRequestInitiaingPageIDKey = "wk-soup-request-initiaing-page-id";
751
752 static void setSoupRequestInitiaingPageIDFromNetworkingContext(SoupRequest* request, NetworkingContext* context)
753 {
754     if (!context || !context->isValid())
755         return;
756
757     uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(fastMalloc(sizeof(uint64_t)));
758     *initiatingPageIDPtr = context->initiatingPageID();
759     g_object_set_data_full(G_OBJECT(request), g_intern_static_string(gSoupRequestInitiaingPageIDKey), initiatingPageIDPtr, fastFree);
760 }
761
762 static bool createSoupMessageForHandleAndRequest(ResourceHandle* handle, const ResourceRequest& request)
763 {
764     ASSERT(handle);
765
766     ResourceHandleInternal* d = handle->getInternal();
767     ASSERT(d->m_soupRequest);
768
769     d->m_soupMessage = adoptGRef(soup_request_http_get_message(SOUP_REQUEST_HTTP(d->m_soupRequest.get())));
770     if (!d->m_soupMessage)
771         return false;
772
773     SoupMessage* soupMessage = d->m_soupMessage.get();
774     request.updateSoupMessage(soupMessage);
775
776     g_object_set_data(G_OBJECT(soupMessage), "handle", handle);
777     if (!handle->shouldContentSniff())
778         soup_message_disable_feature(soupMessage, SOUP_TYPE_CONTENT_SNIFFER);
779
780     String firstPartyString = request.firstPartyForCookies().string();
781     if (!firstPartyString.isEmpty()) {
782         GOwnPtr<SoupURI> firstParty(soup_uri_new(firstPartyString.utf8().data()));
783         soup_message_set_first_party(soupMessage, firstParty.get());
784     }
785
786     FormData* httpBody = request.httpBody();
787     CString contentType = request.httpContentType().utf8().data();
788     if (httpBody && !httpBody->isEmpty() && !addFormElementsToSoupMessage(soupMessage, contentType.data(), httpBody, d->m_bodySize)) {
789         // We failed to prepare the body data, so just fail this load.
790         d->m_soupMessage.clear();
791         return false;
792     }
793
794     // Make sure we have an Accept header for subresources; some sites
795     // want this to serve some of their subresources
796     if (!soup_message_headers_get_one(soupMessage->request_headers, "Accept"))
797         soup_message_headers_append(soupMessage->request_headers, "Accept", "*/*");
798
799     // In the case of XHR .send() and .send("") explicitly tell libsoup to send a zero content-lenght header
800     // for consistency with other backends (e.g. Chromium's) and other UA implementations like FF. It's done
801     // in the backend here instead of in XHR code since in XHR CORS checking prevents us from this kind of
802     // late header manipulation.
803     if ((request.httpMethod() == "POST" || request.httpMethod() == "PUT")
804         && (!request.httpBody() || request.httpBody()->isEmpty()))
805         soup_message_headers_set_content_length(soupMessage->request_headers, 0);
806
807     g_signal_connect(d->m_soupMessage.get(), "got-headers", G_CALLBACK(gotHeadersCallback), handle);
808     g_signal_connect(d->m_soupMessage.get(), "restarted", G_CALLBACK(restartedCallback), handle);
809     g_signal_connect(d->m_soupMessage.get(), "wrote-body-data", G_CALLBACK(wroteBodyDataCallback), handle);
810
811 #if ENABLE(WEB_TIMING)
812     d->m_response.setResourceLoadTiming(ResourceLoadTiming::create());
813     g_signal_connect(d->m_soupMessage.get(), "network-event", G_CALLBACK(networkEventCallback), handle);
814     g_signal_connect(d->m_soupMessage.get(), "wrote-body", G_CALLBACK(wroteBodyCallback), handle);
815 #endif
816
817     return true;
818 }
819
820 static bool createSoupRequestAndMessageForHandle(ResourceHandle* handle, bool isHTTPFamilyRequest)
821 {
822     ResourceHandleInternal* d = handle->getInternal();
823     SoupRequester* requester = SOUP_REQUESTER(soup_session_get_feature(d->soupSession(), SOUP_TYPE_REQUESTER));
824
825     GOwnPtr<GError> error;
826     ResourceRequest& request = handle->firstRequest();
827
828     d->m_soupRequest = adoptGRef(soup_requester_request(requester, request.urlStringForSoup().utf8().data(), &error.outPtr()));
829     if (error) {
830         d->m_soupRequest.clear();
831         return false;
832     }
833
834     // SoupMessages are only applicable to HTTP-family requests.
835     if (isHTTPFamilyRequest && !createSoupMessageForHandleAndRequest(handle, request)) {
836         d->m_soupRequest.clear();
837         return false;
838     }
839
840     return true;
841 }
842
843 bool ResourceHandle::start(NetworkingContext* context)
844 {
845     ASSERT(!d->m_soupMessage);
846
847     // The frame could be null if the ResourceHandle is not associated to any
848     // Frame, e.g. if we are downloading a file.
849     // If the frame is not null but the page is null this must be an attempted
850     // load from an unload handler, so let's just block it.
851     // If both the frame and the page are not null the context is valid.
852     if (context && !context->isValid())
853         return false;
854
855     // Used to set the keep track of custom SoupSessions for ports that support it (EFL).
856     d->m_context = context;
857
858     // Only allow the POST and GET methods for non-HTTP requests.
859     const ResourceRequest& request = firstRequest();
860     bool isHTTPFamilyRequest = request.url().protocolIsInHTTPFamily();
861     if (!isHTTPFamilyRequest && request.httpMethod() != "GET" && request.httpMethod() != "POST") {
862         this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately
863         return true;
864     }
865
866     applyAuthenticationToRequest(this, false);
867     // The CFNet backend clears these, so we do as well.
868     d->m_user = String();
869     d->m_pass = String();
870
871     if (!createSoupRequestAndMessageForHandle(this, isHTTPFamilyRequest)) {
872         this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately
873         return true;
874     }
875
876     setSoupRequestInitiaingPageIDFromNetworkingContext(d->m_soupRequest.get(), context);
877
878     // Send the request only if it's not been explicitly deferred.
879     if (!d->m_defersLoading)
880         sendPendingRequest();
881
882     return true;
883 }
884
885 void ResourceHandle::sendPendingRequest()
886 {
887 #if ENABLE(WEB_TIMING)
888     if (d->m_response.resourceLoadTiming())
889         d->m_response.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime();
890 #endif
891
892     if (d->m_firstRequest.timeoutInterval() > 0) {
893         // soup_add_timeout returns a GSource* whose only reference is owned by
894         // the context. We need to have our own reference to it, hence not using adoptRef.
895         d->m_timeoutSource = soup_add_timeout(g_main_context_get_thread_default(),
896             d->m_firstRequest.timeoutInterval() * 1000, requestTimeoutCallback, this);
897     }
898
899     // Balanced by a deref() in cleanupSoupRequestOperation, which should always run.
900     ref();
901
902     d->m_cancellable = adoptGRef(g_cancellable_new());
903     soup_request_send_async(d->m_soupRequest.get(), d->m_cancellable.get(), sendRequestCallback, this);
904 }
905
906 void ResourceHandle::cancel()
907 {
908     d->m_cancelled = true;
909     if (d->m_soupMessage)
910         soup_session_cancel_message(d->soupSession(), d->m_soupMessage.get(), SOUP_STATUS_CANCELLED);
911     else if (d->m_cancellable)
912         g_cancellable_cancel(d->m_cancellable.get());
913 }
914
915 bool ResourceHandle::shouldUseCredentialStorage()
916 {
917     return (!client() || client()->shouldUseCredentialStorage(this)) && firstRequest().url().protocolIsInHTTPFamily();
918 }
919
920 void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host)
921 {
922     allowsAnyHTTPSCertificateHosts().add(host.lower());
923 }
924
925 void ResourceHandle::setClientCertificate(const String& host, GTlsCertificate* certificate)
926 {
927     clientCertificates().add(host.lower(), HostTLSCertificateSet()).iterator->value.add(certificate);
928 }
929
930 void ResourceHandle::setIgnoreSSLErrors(bool ignoreSSLErrors)
931 {
932     gIgnoreSSLErrors = ignoreSSLErrors;
933 }
934
935 #if PLATFORM(GTK)
936 void getCredentialFromPersistentStoreCallback(const Credential& credential, void* data)
937 {
938     static_cast<ResourceHandle*>(data)->continueDidReceiveAuthenticationChallenge(credential);
939 }
940 #endif
941
942 void ResourceHandle::continueDidReceiveAuthenticationChallenge(const Credential& credentialFromPersistentStorage)
943 {
944     ASSERT(!d->m_currentWebChallenge.isNull());
945     AuthenticationChallenge& challenge = d->m_currentWebChallenge;
946
947     ASSERT(challenge.soupSession());
948     ASSERT(challenge.soupMessage());
949     if (!credentialFromPersistentStorage.isEmpty())
950         challenge.setProposedCredential(credentialFromPersistentStorage);
951
952     if (!client()) {
953         soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
954         clearAuthentication();
955         return;
956     }
957
958     ASSERT(challenge.soupSession());
959     ASSERT(challenge.soupMessage());
960     client()->didReceiveAuthenticationChallenge(this, challenge);
961 }
962
963 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
964 {
965     ASSERT(d->m_currentWebChallenge.isNull());
966
967     bool useCredentialStorage = shouldUseCredentialStorage();
968     if (!d->m_user.isNull() && !d->m_pass.isNull()) {
969         Credential credential = Credential(d->m_user, d->m_pass, CredentialPersistenceForSession);
970         if (useCredentialStorage)
971             CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
972         soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
973
974         return;
975     }
976
977     // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
978     if (useCredentialStorage) {
979         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
980             // The stored credential wasn't accepted, stop using it. There is a race condition
981             // here, since a different credential might have already been stored by another
982             // ResourceHandle, but the observable effect should be very minor, if any.
983             CredentialStorage::remove(challenge.protectionSpace());
984         }
985
986         if (!challenge.previousFailureCount()) {
987             Credential credential = CredentialStorage::get(challenge.protectionSpace());
988             if (!credential.isEmpty() && credential != d->m_initialCredential) {
989                 ASSERT(credential.persistence() == CredentialPersistenceNone);
990
991                 // Store the credential back, possibly adding it as a default for this directory.
992                 if (challenge.failureResponse().httpStatusCode() == 401)
993                     CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
994
995                 soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
996                 return;
997             }
998         }
999     }
1000
1001     d->m_currentWebChallenge = challenge;
1002     soup_session_pause_message(challenge.soupSession(), challenge.soupMessage());
1003
1004 #if PLATFORM(GTK)
1005     // We could also do this before we even start the request, but that would be at the expense
1006     // of all request latency, versus a one-time latency for the small subset of requests that
1007     // use HTTP authentication. In the end, this doesn't matter much, because persistent credentials
1008     // will become session credentials after the first use.
1009     if (useCredentialStorage) {
1010         credentialBackingStore().credentialForChallenge(challenge, getCredentialFromPersistentStoreCallback, this);
1011         return;
1012     }
1013 #endif
1014
1015     continueDidReceiveAuthenticationChallenge(Credential());
1016 }
1017
1018 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
1019 {
1020     ASSERT(!challenge.isNull());
1021     if (challenge != d->m_currentWebChallenge)
1022         return;
1023     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1024
1025     clearAuthentication();
1026 }
1027
1028 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
1029 {
1030     ASSERT(!challenge.isNull());
1031     if (challenge != d->m_currentWebChallenge)
1032         return;
1033
1034     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
1035     if (credential.isEmpty()) {
1036         receivedRequestToContinueWithoutCredential(challenge);
1037         return;
1038     }
1039
1040     if (shouldUseCredentialStorage()) {
1041         // Eventually we will manage per-session credentials only internally or use some newly-exposed API from libsoup,
1042         // because once we authenticate via libsoup, there is no way to ignore it for a particular request. Right now,
1043         // we place the credentials in the store even though libsoup will never fire the authenticate signal again for
1044         // this protection space.
1045         if (credential.persistence() == CredentialPersistenceForSession || credential.persistence() == CredentialPersistencePermanent)
1046             CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
1047
1048 #if PLATFORM(GTK)
1049         if (credential.persistence() == CredentialPersistencePermanent) {
1050             d->m_credentialDataToSaveInPersistentStore.credential = credential;
1051             d->m_credentialDataToSaveInPersistentStore.challenge = challenge;
1052         }
1053 #endif
1054     }
1055
1056     ASSERT(challenge.soupSession());
1057     ASSERT(challenge.soupMessage());
1058     soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
1059     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1060
1061     clearAuthentication();
1062 }
1063
1064 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
1065 {
1066     ASSERT(!challenge.isNull());
1067     if (challenge != d->m_currentWebChallenge)
1068         return;
1069
1070     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1071
1072     if (client())
1073         client()->receivedCancellation(this, challenge);
1074
1075     clearAuthentication();
1076 }
1077
1078 static bool waitingToSendRequest(ResourceHandle* handle)
1079 {
1080     // We need to check for d->m_soupRequest because the request may have raised a failure
1081     // (for example invalid URLs). We cannot  simply check for d->m_scheduledFailure because
1082     // it's cleared as soon as the failure event is fired.
1083     return handle->getInternal()->m_soupRequest && !handle->getInternal()->m_cancellable;
1084 }
1085
1086 void ResourceHandle::platformSetDefersLoading(bool defersLoading)
1087 {
1088     if (d->m_cancelled)
1089         return;
1090
1091     // Except when canceling a possible timeout timer, we only need to take action here to UN-defer loading.
1092     if (defersLoading) {
1093         if (d->m_timeoutSource) {
1094             g_source_destroy(d->m_timeoutSource.get());
1095             d->m_timeoutSource.clear();
1096         }
1097         return;
1098     }
1099
1100     if (waitingToSendRequest(this)) {
1101         sendPendingRequest();
1102         return;
1103     }
1104
1105     if (d->m_deferredResult) {
1106         GRefPtr<GAsyncResult> asyncResult = adoptGRef(d->m_deferredResult.leakRef());
1107
1108         if (d->m_inputStream)
1109             readCallback(G_OBJECT(d->m_inputStream.get()), asyncResult.get(), this);
1110         else
1111             sendRequestCallback(G_OBJECT(d->m_soupRequest.get()), asyncResult.get(), this);
1112     }
1113 }
1114
1115 bool ResourceHandle::loadsBlocked()
1116 {
1117     return false;
1118 }
1119
1120 bool ResourceHandle::willLoadFromCache(ResourceRequest&, Frame*)
1121 {
1122     // Not having this function means that we'll ask the user about re-posting a form
1123     // even when we go back to a page that's still in the cache.
1124     notImplemented();
1125     return false;
1126 }
1127
1128 void ResourceHandle::loadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials /*storedCredentials*/, ResourceError& error, ResourceResponse& response, Vector<char>& data)
1129 {
1130 #if ENABLE(BLOB)
1131     if (request.url().protocolIs("blob")) {
1132         blobRegistry().loadResourceSynchronously(request, error, response, data);
1133         return;
1134     }
1135 #endif
1136  
1137     ASSERT(!loadingSynchronousRequest);
1138     if (loadingSynchronousRequest) // In practice this cannot happen, but if for some reason it does,
1139         return;                    // we want to avoid accidentally going into an infinite loop of requests.
1140
1141     WebCoreSynchronousLoader syncLoader(error, response, sessionFromContext(context), data);
1142     RefPtr<ResourceHandle> handle = create(context, request, &syncLoader, false /*defersLoading*/, false /*shouldContentSniff*/);
1143     if (!handle)
1144         return;
1145
1146     // If the request has already failed, do not run the main loop, or else we'll block indefinitely.
1147     if (handle->d->m_scheduledFailureType != NoFailure)
1148         return;
1149
1150     syncLoader.run();
1151 }
1152
1153 static void closeCallback(GObject*, GAsyncResult* res, gpointer data)
1154 {
1155     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
1156     ResourceHandleInternal* d = handle->getInternal();
1157
1158     g_input_stream_close_finish(d->m_inputStream.get(), res, 0);
1159
1160     ResourceHandleClient* client = handle->client();
1161     if (client && loadingSynchronousRequest)
1162         client->didFinishLoading(handle.get(), 0);
1163
1164     cleanupSoupRequestOperation(handle.get());
1165 }
1166
1167 static void readCallback(GObject*, GAsyncResult* asyncResult, gpointer data)
1168 {
1169     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
1170
1171     ResourceHandleInternal* d = handle->getInternal();
1172     ResourceHandleClient* client = handle->client();
1173
1174     if (d->m_cancelled || !client) {
1175         cleanupSoupRequestOperation(handle.get());
1176         return;
1177     }
1178
1179     if (d->m_defersLoading) {
1180         d->m_deferredResult = asyncResult;
1181         return;
1182     }
1183
1184     GOwnPtr<GError> error;
1185     gssize bytesRead = g_input_stream_read_finish(d->m_inputStream.get(), asyncResult, &error.outPtr());
1186     if (error) {
1187         client->didFail(handle.get(), ResourceError::genericIOError(error.get(), d->m_soupRequest.get()));
1188         cleanupSoupRequestOperation(handle.get());
1189         return;
1190     }
1191
1192     if (!bytesRead) {
1193         // We inform WebCore of load completion now instead of waiting for the input
1194         // stream to close because the input stream is closed asynchronously. If this
1195         // is a synchronous request, we wait until the closeCallback, because we don't
1196         // want to halt the internal main loop before the input stream closes.
1197         if (client && !loadingSynchronousRequest) {
1198             client->didFinishLoading(handle.get(), 0);
1199             handle->setClient(0); // Unset the client so that we do not try to access th
1200                                   // client in the closeCallback.
1201         }
1202         g_input_stream_close_async(d->m_inputStream.get(), G_PRIORITY_DEFAULT, 0, closeCallback, handle.get());
1203         return;
1204     }
1205
1206     // It's mandatory to have sent a response before sending data
1207     ASSERT(!d->m_response.isNull());
1208
1209     client->didReceiveData(handle.get(), d->m_buffer, bytesRead, bytesRead);
1210
1211     // didReceiveData may cancel the load, which may release the last reference.
1212     if (d->m_cancelled || !client) {
1213         cleanupSoupRequestOperation(handle.get());
1214         return;
1215     }
1216
1217     g_input_stream_read_async(d->m_inputStream.get(), d->m_buffer, READ_BUFFER_SIZE, G_PRIORITY_DEFAULT,
1218                               d->m_cancellable.get(), readCallback, handle.get());
1219 }
1220
1221 static gboolean requestTimeoutCallback(gpointer data)
1222 {
1223     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
1224     handle->client()->didFail(handle.get(), ResourceError::timeoutError(handle->getInternal()->m_firstRequest.url().string()));
1225     handle->cancel();
1226
1227     return FALSE;
1228 }
1229
1230 static void authenticateCallback(SoupSession* session, SoupMessage* soupMessage, SoupAuth* soupAuth, gboolean retrying)
1231 {
1232     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(g_object_get_data(G_OBJECT(soupMessage), "handle"));
1233     if (!handle)
1234         return;
1235     handle->didReceiveAuthenticationChallenge(AuthenticationChallenge(session, soupMessage, soupAuth, retrying, handle.get()));
1236 }
1237
1238 SoupSession* ResourceHandle::defaultSession()
1239 {
1240     static SoupSession* session = 0;
1241     // Values taken from http://www.browserscope.org/  following
1242     // the rule "Do What Every Other Modern Browser Is Doing". They seem
1243     // to significantly improve page loading time compared to soup's
1244     // default values.
1245     static const int maxConnections = 35;
1246     static const int maxConnectionsPerHost = 6;
1247
1248     if (!session) {
1249         session = soup_session_async_new();
1250         g_object_set(session,
1251                      SOUP_SESSION_MAX_CONNS, maxConnections,
1252                      SOUP_SESSION_MAX_CONNS_PER_HOST, maxConnectionsPerHost,
1253                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_CONTENT_DECODER,
1254                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_CONTENT_SNIFFER,
1255                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_PROXY_RESOLVER_DEFAULT,
1256                      SOUP_SESSION_USE_THREAD_CONTEXT, TRUE,
1257                      NULL);
1258         g_signal_connect(session, "authenticate", G_CALLBACK(authenticateCallback), 0);
1259
1260 #if ENABLE(WEB_TIMING)
1261         g_signal_connect(session, "request-started", G_CALLBACK(requestStartedCallback), 0);
1262 #endif
1263     }
1264
1265     return session;
1266 }
1267
1268 uint64_t ResourceHandle::getSoupRequestInitiaingPageID(SoupRequest* request)
1269 {
1270     uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(g_object_get_data(G_OBJECT(request), gSoupRequestInitiaingPageIDKey));
1271     return initiatingPageIDPtr ? *initiatingPageIDPtr : 0;
1272 }
1273
1274 }