[GTK] Add webkit_uri_scheme_request_finish_error
[WebKit-https.git] / Source / WebCore / platform / network / soup / ResourceHandleSoup.cpp
1 /*
2  * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010, 2011 Apple Inc. All rights reserved.
3  * Copyright (C) 2008 Alp Toker <alp@atoker.com>
4  * Copyright (C) 2008 Xan Lopez <xan@gnome.org>
5  * Copyright (C) 2008, 2010 Collabora Ltd.
6  * Copyright (C) 2009 Holger Hans Peter Freyther
7  * Copyright (C) 2009 Gustavo Noronha Silva <gns@gnome.org>
8  * Copyright (C) 2009 Christian Dywan <christian@imendio.com>
9  * Copyright (C) 2009, 2010, 2011, 2012 Igalia S.L.
10  * Copyright (C) 2009 John Kjellberg <john.kjellberg@power.alstom.com>
11  * Copyright (C) 2012 Intel Corporation
12  *
13  * This library is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU Library General Public
15  * License as published by the Free Software Foundation; either
16  * version 2 of the License, or (at your option) any later version.
17  *
18  * This library is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
21  * Library General Public License for more details.
22  *
23  * You should have received a copy of the GNU Library General Public License
24  * along with this library; see the file COPYING.LIB.  If not, write to
25  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
26  * Boston, MA 02110-1301, USA.
27  */
28
29 #include "config.h"
30 #include "ResourceHandle.h"
31
32 #include "CachedResourceLoader.h"
33 #include "ChromeClient.h"
34 #include "CookieJarSoup.h"
35 #include "CredentialStorage.h"
36 #include "FileSystem.h"
37 #include "Frame.h"
38 #include "GOwnPtrSoup.h"
39 #include "HTTPParsers.h"
40 #include "LocalizedStrings.h"
41 #include "Logging.h"
42 #include "MIMETypeRegistry.h"
43 #include "NetworkingContext.h"
44 #include "NotImplemented.h"
45 #include "Page.h"
46 #include "ResourceError.h"
47 #include "ResourceHandleClient.h"
48 #include "ResourceHandleInternal.h"
49 #include "ResourceResponse.h"
50 #include "SharedBuffer.h"
51 #include "SoupURIUtils.h"
52 #include "TextEncoding.h"
53 #include <errno.h>
54 #include <fcntl.h>
55 #include <gio/gio.h>
56 #include <glib.h>
57 #include <libsoup/soup.h>
58 #include <sys/stat.h>
59 #include <sys/types.h>
60 #include <unistd.h>
61 #include <wtf/CurrentTime.h>
62 #include <wtf/SHA1.h>
63 #include <wtf/gobject/GRefPtr.h>
64 #include <wtf/text/Base64.h>
65 #include <wtf/text/CString.h>
66
67 #if ENABLE(BLOB)
68 #include "BlobData.h"
69 #include "BlobRegistryImpl.h"
70 #include "BlobStorageData.h"
71 #endif
72
73 #if PLATFORM(GTK)
74 #include "CredentialBackingStore.h"
75 #endif
76
77 namespace WebCore {
78
79 inline static void soupLogPrinter(SoupLogger*, SoupLoggerLogLevel, char direction, const char* data, gpointer)
80 {
81 #if LOG_DISABLED
82     UNUSED_PARAM(direction);
83     UNUSED_PARAM(data);
84 #endif
85     LOG(Network, "%c %s", direction, data);
86 }
87
88 static bool loadingSynchronousRequest = false;
89
90 class WebCoreSynchronousLoader : public ResourceHandleClient {
91     WTF_MAKE_NONCOPYABLE(WebCoreSynchronousLoader);
92 public:
93
94     WebCoreSynchronousLoader(ResourceError& error, ResourceResponse& response, SoupSession* session, Vector<char>& data)
95         : m_error(error)
96         , m_response(response)
97         , m_session(session)
98         , m_data(data)
99         , m_finished(false)
100     {
101         // We don't want any timers to fire while we are doing our synchronous load
102         // so we replace the thread default main context. The main loop iterations
103         // will only process GSources associated with this inner context.
104         loadingSynchronousRequest = true;
105         GRefPtr<GMainContext> innerMainContext = adoptGRef(g_main_context_new());
106         g_main_context_push_thread_default(innerMainContext.get());
107         m_mainLoop = adoptGRef(g_main_loop_new(innerMainContext.get(), false));
108
109         adjustMaxConnections(1);
110     }
111
112     ~WebCoreSynchronousLoader()
113     {
114         adjustMaxConnections(-1);
115
116         GMainContext* context = g_main_context_get_thread_default();
117         while (g_main_context_pending(context))
118             g_main_context_iteration(context, FALSE);
119
120         g_main_context_pop_thread_default(context);
121         loadingSynchronousRequest = false;
122     }
123
124     void adjustMaxConnections(int adjustment)
125     {
126         int maxConnections, maxConnectionsPerHost;
127         g_object_get(m_session,
128                      SOUP_SESSION_MAX_CONNS, &maxConnections,
129                      SOUP_SESSION_MAX_CONNS_PER_HOST, &maxConnectionsPerHost,
130                      NULL);
131         maxConnections += adjustment;
132         maxConnectionsPerHost += adjustment;
133         g_object_set(m_session,
134                      SOUP_SESSION_MAX_CONNS, maxConnections,
135                      SOUP_SESSION_MAX_CONNS_PER_HOST, maxConnectionsPerHost,
136                      NULL);
137
138     }
139
140     virtual bool isSynchronousClient()
141     {
142         return true;
143     }
144
145     virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
146     {
147         m_response = response;
148     }
149
150     virtual void didReceiveData(ResourceHandle*, const char* data, int length, int)
151     {
152         m_data.append(data, length);
153     }
154
155     virtual void didFinishLoading(ResourceHandle*, double)
156     {
157         if (g_main_loop_is_running(m_mainLoop.get()))
158             g_main_loop_quit(m_mainLoop.get());
159         m_finished = true;
160     }
161
162     virtual void didFail(ResourceHandle* handle, const ResourceError& error)
163     {
164         m_error = error;
165         didFinishLoading(handle, 0);
166     }
167
168     virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge)
169     {
170         // We do not handle authentication for synchronous XMLHttpRequests.
171         challenge.authenticationClient()->receivedRequestToContinueWithoutCredential(challenge);
172     }
173
174     void run()
175     {
176         if (!m_finished)
177             g_main_loop_run(m_mainLoop.get());
178     }
179
180 private:
181     ResourceError& m_error;
182     ResourceResponse& m_response;
183     SoupSession* m_session;
184     Vector<char>& m_data;
185     bool m_finished;
186     GRefPtr<GMainLoop> m_mainLoop;
187 };
188
189 class HostTLSCertificateSet {
190 public:
191     void add(GTlsCertificate* certificate)
192     {
193         String certificateHash = computeCertificateHash(certificate);
194         if (!certificateHash.isEmpty())
195             m_certificates.add(certificateHash);
196     }
197
198     bool contains(GTlsCertificate* certificate)
199     {
200         return m_certificates.contains(computeCertificateHash(certificate));
201     }
202
203 private:
204     static String computeCertificateHash(GTlsCertificate* certificate)
205     {
206         GByteArray* data = 0;
207         g_object_get(G_OBJECT(certificate), "certificate", &data, NULL);
208         if (!data)
209             return String();
210
211         static const size_t sha1HashSize = 20;
212         GRefPtr<GByteArray> certificateData = adoptGRef(data);
213         SHA1 sha1;
214         sha1.addBytes(certificateData->data, certificateData->len);
215
216         Vector<uint8_t, sha1HashSize> digest;
217         sha1.computeHash(digest);
218
219         return base64Encode(reinterpret_cast<const char*>(digest.data()), sha1HashSize);
220     }
221
222     HashSet<String> m_certificates;
223 };
224
225 static bool createSoupRequestAndMessageForHandle(ResourceHandle*, const ResourceRequest&, bool isHTTPFamilyRequest);
226 static void cleanupSoupRequestOperation(ResourceHandle*, bool isDestroying = false);
227 static void sendRequestCallback(GObject*, GAsyncResult*, gpointer);
228 static void readCallback(GObject*, GAsyncResult*, gpointer);
229 static gboolean requestTimeoutCallback(void*);
230 #if ENABLE(WEB_TIMING)
231 static int  milisecondsSinceRequest(double requestTime);
232 #endif
233
234 static bool gIgnoreSSLErrors = false;
235
236 static HashSet<String>& allowsAnyHTTPSCertificateHosts()
237 {
238     DEFINE_STATIC_LOCAL(HashSet<String>, hosts, ());
239     return hosts;
240 }
241
242 typedef HashMap<String, HostTLSCertificateSet> CertificatesMap;
243 static CertificatesMap& clientCertificates()
244 {
245     DEFINE_STATIC_LOCAL(CertificatesMap, certificates, ());
246     return certificates;
247 }
248
249 ResourceHandleInternal::~ResourceHandleInternal()
250 {
251 }
252
253 static SoupSession* sessionFromContext(NetworkingContext* context)
254 {
255     if (!context || !context->isValid())
256         return ResourceHandle::defaultSession();
257     return context->storageSession().soupSession();
258 }
259
260 ResourceHandle::~ResourceHandle()
261 {
262     cleanupSoupRequestOperation(this, true);
263 }
264
265 static void ensureSessionIsInitialized(SoupSession* session)
266 {
267     if (g_object_get_data(G_OBJECT(session), "webkit-init"))
268         return;
269
270     if (session == ResourceHandle::defaultSession()) {
271         SoupCookieJar* jar = SOUP_COOKIE_JAR(soup_session_get_feature(session, SOUP_TYPE_COOKIE_JAR));
272         if (!jar)
273             soup_session_add_feature(session, SOUP_SESSION_FEATURE(soupCookieJar()));
274         else
275             setSoupCookieJar(jar);
276     }
277
278 #if !LOG_DISABLED
279     if (!soup_session_get_feature(session, SOUP_TYPE_LOGGER) && LogNetwork.state == WTFLogChannelOn) {
280         SoupLogger* logger = soup_logger_new(static_cast<SoupLoggerLogLevel>(SOUP_LOGGER_LOG_BODY), -1);
281         soup_session_add_feature(session, SOUP_SESSION_FEATURE(logger));
282         soup_logger_set_printer(logger, soupLogPrinter, 0, 0);
283         g_object_unref(logger);
284     }
285 #endif // !LOG_DISABLED
286
287     g_object_set_data(G_OBJECT(session), "webkit-init", reinterpret_cast<void*>(0xdeadbeef));
288 }
289
290 SoupSession* ResourceHandleInternal::soupSession()
291 {
292     SoupSession* session = sessionFromContext(m_context.get());
293     ensureSessionIsInitialized(session);
294     return session;
295 }
296
297 bool ResourceHandle::cancelledOrClientless()
298 {
299     if (!client())
300         return true;
301
302     return getInternal()->m_cancelled;
303 }
304
305 void ResourceHandle::ensureReadBuffer()
306 {
307     ResourceHandleInternal* d = getInternal();
308
309     static const size_t defaultReadBufferSize = 8192;
310     size_t bufferSize;
311     char* bufferPtr = client()->getOrCreateReadBuffer(defaultReadBufferSize, bufferSize);
312     if (bufferPtr) {
313         d->m_defaultReadBuffer.clear();
314         d->m_readBufferPtr = bufferPtr;
315         d->m_readBufferSize = bufferSize;
316     } else if (!d->m_defaultReadBuffer) {
317         d->m_defaultReadBuffer.set(static_cast<char*>(g_malloc(defaultReadBufferSize)));
318         d->m_readBufferPtr = d->m_defaultReadBuffer.get();
319         d->m_readBufferSize = defaultReadBufferSize;
320     } else
321         d->m_readBufferPtr = d->m_defaultReadBuffer.get();
322
323     ASSERT(d->m_readBufferPtr);
324     ASSERT(d->m_readBufferSize);
325 }
326
327 static bool isAuthenticationFailureStatusCode(int httpStatusCode)
328 {
329     return httpStatusCode == SOUP_STATUS_PROXY_AUTHENTICATION_REQUIRED || httpStatusCode == SOUP_STATUS_UNAUTHORIZED;
330 }
331
332 static void gotHeadersCallback(SoupMessage* message, gpointer data)
333 {
334     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
335     if (!handle || handle->cancelledOrClientless())
336         return;
337
338     ResourceHandleInternal* d = handle->getInternal();
339
340 #if ENABLE(WEB_TIMING)
341     if (d->m_response.resourceLoadTiming())
342         d->m_response.resourceLoadTiming()->receiveHeadersEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
343 #endif
344
345 #if PLATFORM(GTK)
346     // We are a bit more conservative with the persistent credential storage than the session store,
347     // since we are waiting until we know that this authentication succeeded before actually storing.
348     // This is because we want to avoid hitting the disk twice (once to add and once to remove) for
349     // incorrect credentials or polluting the keychain with invalid credentials.
350     if (!isAuthenticationFailureStatusCode(message->status_code) && message->status_code < 500 && !d->m_credentialDataToSaveInPersistentStore.credential.isEmpty()) {
351         credentialBackingStore().storeCredentialsForChallenge(
352             d->m_credentialDataToSaveInPersistentStore.challenge,
353             d->m_credentialDataToSaveInPersistentStore.credential);
354     }
355 #endif
356
357     // The original response will be needed later to feed to willSendRequest in
358     // doRedirect() in case we are redirected. For this reason, we store it here.
359     ResourceResponse response;
360     response.updateFromSoupMessage(message);
361     d->m_response = response;
362 }
363
364 static void applyAuthenticationToRequest(ResourceHandle* handle, ResourceRequest& request, bool redirect)
365 {
366     // m_user/m_pass are credentials given manually, for instance, by the arguments passed to XMLHttpRequest.open().
367     ResourceHandleInternal* d = handle->getInternal();
368
369     if (handle->shouldUseCredentialStorage()) {
370         if (d->m_user.isEmpty() && d->m_pass.isEmpty())
371             d->m_initialCredential = CredentialStorage::get(request.url());
372         else if (!redirect) {
373             // If there is already a protection space known for the URL, update stored credentials
374             // before sending a request. This makes it possible to implement logout by sending an
375             // XMLHttpRequest with known incorrect credentials, and aborting it immediately (so that
376             // an authentication dialog doesn't pop up).
377             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
378         }
379     }
380
381     String user = d->m_user;
382     String password = d->m_pass;
383     if (!d->m_initialCredential.isEmpty()) {
384         user = d->m_initialCredential.user();
385         password = d->m_initialCredential.password();
386     }
387
388     if (user.isEmpty() && password.isEmpty())
389         return;
390
391     // We always put the credentials into the URL. In the CFNetwork-port HTTP family credentials are applied in
392     // the didReceiveAuthenticationChallenge callback, but libsoup requires us to use this method to override
393     // any previously remembered credentials. It has its own per-session credential storage.
394     KURL urlWithCredentials(request.url());
395     urlWithCredentials.setUser(user);
396     urlWithCredentials.setPass(password);
397     request.setURL(urlWithCredentials);
398 }
399
400 // Called each time the message is going to be sent again except the first time.
401 // This happens when libsoup handles HTTP authentication.
402 static void restartedCallback(SoupMessage*, gpointer data)
403 {
404     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
405     if (!handle || handle->cancelledOrClientless())
406         return;
407
408 #if ENABLE(WEB_TIMING)
409     ResourceHandleInternal* d = handle->getInternal();
410     ResourceResponse& redirectResponse = d->m_response;
411     redirectResponse.setResourceLoadTiming(ResourceLoadTiming::create());
412     redirectResponse.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime();
413 #endif
414 }
415
416 static bool shouldRedirect(ResourceHandle* handle)
417 {
418     ResourceHandleInternal* d = handle->getInternal();
419     SoupMessage* message = d->m_soupMessage.get();
420
421     // Some 3xx status codes aren't actually redirects.
422     if (message->status_code == 300 || message->status_code == 304 || message->status_code == 305 || message->status_code == 306)
423         return false;
424
425     if (!soup_message_headers_get_one(message->response_headers, "Location"))
426         return false;
427
428     return true;
429 }
430
431 static bool shouldRedirectAsGET(SoupMessage* message, KURL& newURL, bool crossOrigin)
432 {
433     if (message->method == SOUP_METHOD_GET || message->method == SOUP_METHOD_HEAD)
434         return false;
435
436     if (!newURL.protocolIsInHTTPFamily())
437         return true;
438
439     switch (message->status_code) {
440     case SOUP_STATUS_SEE_OTHER:
441         return true;
442     case SOUP_STATUS_FOUND:
443     case SOUP_STATUS_MOVED_PERMANENTLY:
444         if (message->method == SOUP_METHOD_POST)
445             return true;
446         break;
447     }
448
449     if (crossOrigin && message->method == SOUP_METHOD_DELETE)
450         return true;
451
452     return false;
453 }
454
455 static void doRedirect(ResourceHandle* handle)
456 {
457     ResourceHandleInternal* d = handle->getInternal();
458     static const int maxRedirects = 20;
459
460     if (d->m_redirectCount++ > maxRedirects) {
461         d->client()->didFail(handle, ResourceError::transportError(d->m_soupRequest.get(), SOUP_STATUS_TOO_MANY_REDIRECTS, "Too many redirects"));
462         cleanupSoupRequestOperation(handle);
463         return;
464     }
465
466     ResourceRequest newRequest = handle->firstRequest();
467     SoupMessage* message = d->m_soupMessage.get();
468     const char* location = soup_message_headers_get_one(message->response_headers, "Location");
469     KURL newURL = KURL(soupURIToKURL(soup_message_get_uri(message)), location);
470     bool crossOrigin = !protocolHostAndPortAreEqual(handle->firstRequest().url(), newURL);
471     newRequest.setURL(newURL);
472     newRequest.setFirstPartyForCookies(newURL);
473
474     if (newRequest.httpMethod() != "GET") {
475         // Change newRequest method to GET if change was made during a previous redirection
476         // or if current redirection says so
477         if (message->method == SOUP_METHOD_GET || shouldRedirectAsGET(message, newURL, crossOrigin)) {
478             newRequest.setHTTPMethod("GET");
479             newRequest.setHTTPBody(0);
480             newRequest.clearHTTPContentType();
481         }
482     }
483
484     // Should not set Referer after a redirect from a secure resource to non-secure one.
485     if (!newURL.protocolIs("https") && protocolIs(newRequest.httpReferrer(), "https") && handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect())
486         newRequest.clearHTTPReferrer();
487
488     d->m_user = newURL.user();
489     d->m_pass = newURL.pass();
490     newRequest.removeCredentials();
491
492     if (crossOrigin) {
493         // If the network layer carries over authentication headers from the original request
494         // in a cross-origin redirect, we want to clear those headers here. 
495         newRequest.clearHTTPAuthorization();
496
497         // TODO: We are losing any username and password specified in the redirect URL, as this is the 
498         // same behavior as the CFNet port. We should investigate if this is really what we want.
499     } else
500         applyAuthenticationToRequest(handle, newRequest, true);
501
502     cleanupSoupRequestOperation(handle);
503     if (!createSoupRequestAndMessageForHandle(handle, newRequest, true)) {
504         d->client()->cannotShowURL(handle);
505         return;
506     }
507
508     // If we sent credentials with this request's URL, we don't want the response to carry them to
509     // the WebKit layer. They were only placed in the URL for the benefit of libsoup.
510     newRequest.removeCredentials();
511
512     d->client()->willSendRequest(handle, newRequest, d->m_response);
513     handle->sendPendingRequest();
514 }
515
516 static void redirectSkipCallback(GObject*, GAsyncResult* asyncResult, gpointer data)
517 {
518     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
519
520     if (handle->cancelledOrClientless()) {
521         cleanupSoupRequestOperation(handle.get());
522         return;
523     }
524
525     GOwnPtr<GError> error;
526     ResourceHandleInternal* d = handle->getInternal();
527     gssize bytesSkipped = g_input_stream_read_finish(d->m_inputStream.get(), asyncResult, &error.outPtr());
528     if (error) {
529         handle->client()->didFail(handle.get(), ResourceError::genericGError(error.get(), d->m_soupRequest.get()));
530         cleanupSoupRequestOperation(handle.get());
531         return;
532     }
533
534     if (bytesSkipped > 0) {
535         handle->ensureReadBuffer();
536         g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize, G_PRIORITY_DEFAULT,
537             d->m_cancellable.get(), redirectSkipCallback, handle.get());
538         return;
539     }
540
541     g_input_stream_close(d->m_inputStream.get(), 0, 0);
542     doRedirect(handle.get());
543 }
544
545 static void wroteBodyDataCallback(SoupMessage*, SoupBuffer* buffer, gpointer data)
546 {
547     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
548     if (!handle)
549         return;
550
551     ASSERT(buffer);
552     ResourceHandleInternal* d = handle->getInternal();
553     d->m_bodyDataSent += buffer->length;
554
555     if (handle->cancelledOrClientless())
556         return;
557
558     handle->client()->didSendData(handle.get(), d->m_bodyDataSent, d->m_bodySize);
559 }
560
561 static void cleanupSoupRequestOperation(ResourceHandle* handle, bool isDestroying)
562 {
563     ResourceHandleInternal* d = handle->getInternal();
564
565     d->m_soupRequest.clear();
566     d->m_inputStream.clear();
567     d->m_multipartInputStream.clear();
568     d->m_cancellable.clear();
569
570     if (d->m_soupMessage) {
571         g_signal_handlers_disconnect_matched(d->m_soupMessage.get(), G_SIGNAL_MATCH_DATA,
572                                              0, 0, 0, 0, handle);
573         g_object_set_data(G_OBJECT(d->m_soupMessage.get()), "handle", 0);
574         d->m_soupMessage.clear();
575     }
576
577     if (d->m_readBufferPtr)
578         d->m_readBufferPtr = 0;
579     if (!d->m_defaultReadBuffer)
580         d->m_readBufferSize = 0;
581
582     if (d->m_timeoutSource) {
583         g_source_destroy(d->m_timeoutSource.get());
584         d->m_timeoutSource.clear();
585     }
586
587     if (!isDestroying)
588         handle->deref();
589 }
590
591 static bool handleUnignoredTLSErrors(ResourceHandle* handle)
592 {
593     ResourceHandleInternal* d = handle->getInternal();
594     const ResourceResponse& response = d->m_response;
595
596     if (!response.soupMessageTLSErrors() || gIgnoreSSLErrors)
597         return false;
598
599     String lowercaseHostURL = handle->firstRequest().url().host().lower();
600     if (allowsAnyHTTPSCertificateHosts().contains(lowercaseHostURL))
601         return false;
602
603     // We aren't ignoring errors globally, but the user may have already decided to accept this certificate.
604     CertificatesMap::iterator i = clientCertificates().find(lowercaseHostURL);
605     if (i != clientCertificates().end() && i->value.contains(response.soupMessageCertificate()))
606         return false;
607
608     handle->client()->didFail(handle, ResourceError::tlsError(d->m_soupRequest.get(), response.soupMessageTLSErrors(), response.soupMessageCertificate()));
609     return true;
610 }
611
612 static void nextMultipartResponsePartCallback(GObject* /*source*/, GAsyncResult* result, gpointer data)
613 {
614     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
615
616     if (handle->cancelledOrClientless()) {
617         cleanupSoupRequestOperation(handle.get());
618         return;
619     }
620
621     ResourceHandleInternal* d = handle->getInternal();
622     ASSERT(!d->m_inputStream);
623
624     GOwnPtr<GError> error;
625     d->m_inputStream = adoptGRef(soup_multipart_input_stream_next_part_finish(d->m_multipartInputStream.get(), result, &error.outPtr()));
626
627     if (error) {
628         handle->client()->didFail(handle.get(), ResourceError::httpError(d->m_soupMessage.get(), error.get(), d->m_soupRequest.get()));
629         cleanupSoupRequestOperation(handle.get());
630         return;
631     }
632
633     if (!d->m_inputStream) {
634         handle->client()->didFinishLoading(handle.get(), 0);
635         cleanupSoupRequestOperation(handle.get());
636         return;
637     }
638
639     d->m_response = ResourceResponse();
640     d->m_response.setURL(handle->firstRequest().url());
641     d->m_response.updateFromSoupMessageHeaders(soup_multipart_input_stream_get_headers(d->m_multipartInputStream.get()));
642
643     handle->client()->didReceiveResponse(handle.get(), d->m_response);
644
645     if (handle->cancelledOrClientless()) {
646         cleanupSoupRequestOperation(handle.get());
647         return;
648     }
649
650     handle->ensureReadBuffer();
651     g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize,
652         G_PRIORITY_DEFAULT, d->m_cancellable.get(), readCallback, handle.get());
653 }
654
655 static void sendRequestCallback(GObject*, GAsyncResult* result, gpointer data)
656 {
657     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
658
659     if (handle->cancelledOrClientless()) {
660         cleanupSoupRequestOperation(handle.get());
661         return;
662     }
663
664     ResourceHandleInternal* d = handle->getInternal();
665     SoupMessage* soupMessage = d->m_soupMessage.get();
666
667
668     if (d->m_defersLoading) {
669         d->m_deferredResult = result;
670         return;
671     }
672
673     GOwnPtr<GError> error;
674     GRefPtr<GInputStream> inputStream = adoptGRef(soup_request_send_finish(d->m_soupRequest.get(), result, &error.outPtr()));
675     if (error) {
676         handle->client()->didFail(handle.get(), ResourceError::httpError(soupMessage, error.get(), d->m_soupRequest.get()));
677         cleanupSoupRequestOperation(handle.get());
678         return;
679     }
680
681     ASSERT(!d->m_readBufferPtr);
682
683     if (soupMessage) {
684         if (SOUP_STATUS_IS_REDIRECTION(soupMessage->status_code) && shouldRedirect(handle.get())) {
685             d->m_inputStream = inputStream;
686             // We use read_async() rather than skip_async() to work around
687             // https://bugzilla.gnome.org/show_bug.cgi?id=691489 until we can
688             // depend on glib > 2.35.4
689             handle->ensureReadBuffer();
690             g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize, G_PRIORITY_DEFAULT,
691                 d->m_cancellable.get(), redirectSkipCallback, handle.get());
692             return;
693         }
694
695         if (handle->shouldContentSniff() && soupMessage->status_code != SOUP_STATUS_NOT_MODIFIED) {
696             const char* sniffedType = soup_request_get_content_type(d->m_soupRequest.get());
697             d->m_response.setSniffedContentType(sniffedType);
698         }
699         d->m_response.updateFromSoupMessage(soupMessage);
700
701         if (handleUnignoredTLSErrors(handle.get())) {
702             cleanupSoupRequestOperation(handle.get());
703             return;
704         }
705
706     } else {
707         d->m_response.setURL(handle->firstRequest().url());
708         const gchar* contentType = soup_request_get_content_type(d->m_soupRequest.get());
709         d->m_response.setMimeType(extractMIMETypeFromMediaType(contentType));
710         d->m_response.setTextEncodingName(extractCharsetFromMediaType(contentType));
711         d->m_response.setExpectedContentLength(soup_request_get_content_length(d->m_soupRequest.get()));
712     }
713
714     handle->client()->didReceiveResponse(handle.get(), d->m_response);
715
716     if (handle->cancelledOrClientless()) {
717         cleanupSoupRequestOperation(handle.get());
718         return;
719     }
720
721     if (soupMessage && d->m_response.isMultipart()) {
722         d->m_multipartInputStream = adoptGRef(soup_multipart_input_stream_new(soupMessage, inputStream.get()));
723         soup_multipart_input_stream_next_part_async(d->m_multipartInputStream.get(), G_PRIORITY_DEFAULT,
724             d->m_cancellable.get(), nextMultipartResponsePartCallback, handle.get());
725         return;
726     }
727
728     d->m_inputStream = inputStream;
729
730     handle->ensureReadBuffer();
731     g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize,
732         G_PRIORITY_DEFAULT, d->m_cancellable.get(), readCallback, handle.get());
733 }
734
735 static bool addFileToSoupMessageBody(SoupMessage* message, const String& fileNameString, size_t offset, size_t lengthToSend, unsigned long& totalBodySize)
736 {
737     GOwnPtr<GError> error;
738     CString fileName = fileSystemRepresentation(fileNameString);
739     GMappedFile* fileMapping = g_mapped_file_new(fileName.data(), false, &error.outPtr());
740     if (error)
741         return false;
742
743     gsize bufferLength = lengthToSend;
744     if (!lengthToSend)
745         bufferLength = g_mapped_file_get_length(fileMapping);
746     totalBodySize += bufferLength;
747
748     SoupBuffer* soupBuffer = soup_buffer_new_with_owner(g_mapped_file_get_contents(fileMapping) + offset,
749                                                         bufferLength,
750                                                         fileMapping,
751                                                         reinterpret_cast<GDestroyNotify>(g_mapped_file_unref));
752     soup_message_body_append_buffer(message->request_body, soupBuffer);
753     soup_buffer_free(soupBuffer);
754     return true;
755 }
756
757 #if ENABLE(BLOB)
758 static bool blobIsOutOfDate(const BlobDataItem& blobItem)
759 {
760     ASSERT(blobItem.type == BlobDataItem::File);
761     if (!isValidFileTime(blobItem.expectedModificationTime))
762         return false;
763
764     time_t fileModificationTime;
765     if (!getFileModificationTime(blobItem.path, fileModificationTime))
766         return true;
767
768     return fileModificationTime != static_cast<time_t>(blobItem.expectedModificationTime);
769 }
770
771 static void addEncodedBlobItemToSoupMessageBody(SoupMessage* message, const BlobDataItem& blobItem, unsigned long& totalBodySize)
772 {
773     if (blobItem.type == BlobDataItem::Data) {
774         totalBodySize += blobItem.length;
775         soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY,
776                                  blobItem.data->data() + blobItem.offset, blobItem.length);
777         return;
778     }
779
780     ASSERT(blobItem.type == BlobDataItem::File);
781     if (blobIsOutOfDate(blobItem))
782         return;
783
784     addFileToSoupMessageBody(message,
785                              blobItem.path,
786                              blobItem.offset,
787                              blobItem.length == BlobDataItem::toEndOfFile ? 0 : blobItem.length,
788                              totalBodySize);
789 }
790
791 static void addEncodedBlobToSoupMessageBody(SoupMessage* message, const FormDataElement& element, unsigned long& totalBodySize)
792 {
793     RefPtr<BlobStorageData> blobData = static_cast<BlobRegistryImpl&>(blobRegistry()).getBlobDataFromURL(KURL(ParsedURLString, element.m_url));
794     if (!blobData)
795         return;
796
797     for (size_t i = 0; i < blobData->items().size(); ++i)
798         addEncodedBlobItemToSoupMessageBody(message, blobData->items()[i], totalBodySize);
799 }
800 #endif // ENABLE(BLOB)
801
802 static bool addFormElementsToSoupMessage(SoupMessage* message, const char*, FormData* httpBody, unsigned long& totalBodySize)
803 {
804     soup_message_body_set_accumulate(message->request_body, FALSE);
805     size_t numElements = httpBody->elements().size();
806     for (size_t i = 0; i < numElements; i++) {
807         const FormDataElement& element = httpBody->elements()[i];
808
809         if (element.m_type == FormDataElement::data) {
810             totalBodySize += element.m_data.size();
811             soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY,
812                                      element.m_data.data(), element.m_data.size());
813             continue;
814         }
815
816         if (element.m_type == FormDataElement::encodedFile) {
817             if (!addFileToSoupMessageBody(message ,
818                                          element.m_filename,
819                                          0 /* offset */,
820                                          0 /* lengthToSend */,
821                                          totalBodySize))
822                 return false;
823             continue;
824         }
825
826 #if ENABLE(BLOB)
827         ASSERT(element.m_type == FormDataElement::encodedBlob);
828         addEncodedBlobToSoupMessageBody(message, element, totalBodySize);
829 #endif
830     }
831     return true;
832 }
833
834 #if ENABLE(WEB_TIMING)
835 static int milisecondsSinceRequest(double requestTime)
836 {
837     return static_cast<int>((monotonicallyIncreasingTime() - requestTime) * 1000.0);
838 }
839
840 static void wroteBodyCallback(SoupMessage*, gpointer data)
841 {
842     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
843     if (!handle)
844         return;
845
846     ResourceHandleInternal* d = handle->getInternal();
847     if (!d->m_response.resourceLoadTiming())
848         return;
849
850     d->m_response.resourceLoadTiming()->sendEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
851 }
852
853 static void requestStartedCallback(SoupSession*, SoupMessage* soupMessage, SoupSocket*, gpointer)
854 {
855     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(g_object_get_data(G_OBJECT(soupMessage), "handle"));
856     if (!handle)
857         return;
858
859     ResourceHandleInternal* d = handle->getInternal();
860     if (!d->m_response.resourceLoadTiming())
861         return;
862
863     d->m_response.resourceLoadTiming()->sendStart = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
864     if (d->m_response.resourceLoadTiming()->sslStart != -1) {
865         // WebCore/inspector/front-end/RequestTimingView.js assumes
866         // that SSL time is included in connection time so must
867         // substract here the SSL delta that will be added later (see
868         // WebInspector.RequestTimingView.createTimingTable in the
869         // file above for more details).
870         d->m_response.resourceLoadTiming()->sendStart -=
871             d->m_response.resourceLoadTiming()->sslEnd - d->m_response.resourceLoadTiming()->sslStart;
872     }
873 }
874
875 static void networkEventCallback(SoupMessage*, GSocketClientEvent event, GIOStream*, gpointer data)
876 {
877     ResourceHandle* handle = static_cast<ResourceHandle*>(data);
878     if (!handle)
879         return;
880
881     if (handle->cancelledOrClientless())
882         return;
883
884     ResourceHandleInternal* d = handle->getInternal();
885     int deltaTime = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime);
886     switch (event) {
887     case G_SOCKET_CLIENT_RESOLVING:
888         d->m_response.resourceLoadTiming()->dnsStart = deltaTime;
889         break;
890     case G_SOCKET_CLIENT_RESOLVED:
891         d->m_response.resourceLoadTiming()->dnsEnd = deltaTime;
892         break;
893     case G_SOCKET_CLIENT_CONNECTING:
894         d->m_response.resourceLoadTiming()->connectStart = deltaTime;
895         if (d->m_response.resourceLoadTiming()->dnsStart != -1)
896             // WebCore/inspector/front-end/RequestTimingView.js assumes
897             // that DNS time is included in connection time so must
898             // substract here the DNS delta that will be added later (see
899             // WebInspector.RequestTimingView.createTimingTable in the
900             // file above for more details).
901             d->m_response.resourceLoadTiming()->connectStart -=
902                 d->m_response.resourceLoadTiming()->dnsEnd - d->m_response.resourceLoadTiming()->dnsStart;
903         break;
904     case G_SOCKET_CLIENT_CONNECTED:
905         // Web Timing considers that connection time involves dns, proxy & TLS negotiation...
906         // so we better pick G_SOCKET_CLIENT_COMPLETE for connectEnd
907         break;
908     case G_SOCKET_CLIENT_PROXY_NEGOTIATING:
909         d->m_response.resourceLoadTiming()->proxyStart = deltaTime;
910         break;
911     case G_SOCKET_CLIENT_PROXY_NEGOTIATED:
912         d->m_response.resourceLoadTiming()->proxyEnd = deltaTime;
913         break;
914     case G_SOCKET_CLIENT_TLS_HANDSHAKING:
915         d->m_response.resourceLoadTiming()->sslStart = deltaTime;
916         break;
917     case G_SOCKET_CLIENT_TLS_HANDSHAKED:
918         d->m_response.resourceLoadTiming()->sslEnd = deltaTime;
919         break;
920     case G_SOCKET_CLIENT_COMPLETE:
921         d->m_response.resourceLoadTiming()->connectEnd = deltaTime;
922         break;
923     default:
924         ASSERT_NOT_REACHED();
925         break;
926     }
927 }
928 #endif
929
930 static const char* gSoupRequestInitiatingPageIDKey = "wk-soup-request-initiating-page-id";
931
932 static void setSoupRequestInitiatingPageIDFromNetworkingContext(SoupRequest* request, NetworkingContext* context)
933 {
934     if (!context || !context->isValid())
935         return;
936
937     uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(fastMalloc(sizeof(uint64_t)));
938     *initiatingPageIDPtr = context->initiatingPageID();
939     g_object_set_data_full(G_OBJECT(request), g_intern_static_string(gSoupRequestInitiatingPageIDKey), initiatingPageIDPtr, fastFree);
940 }
941
942 static bool createSoupMessageForHandleAndRequest(ResourceHandle* handle, const ResourceRequest& request)
943 {
944     ASSERT(handle);
945
946     ResourceHandleInternal* d = handle->getInternal();
947     ASSERT(d->m_soupRequest);
948
949     d->m_soupMessage = adoptGRef(soup_request_http_get_message(SOUP_REQUEST_HTTP(d->m_soupRequest.get())));
950     if (!d->m_soupMessage)
951         return false;
952
953     SoupMessage* soupMessage = d->m_soupMessage.get();
954     request.updateSoupMessage(soupMessage);
955
956     g_object_set_data(G_OBJECT(soupMessage), "handle", handle);
957     if (!handle->shouldContentSniff())
958         soup_message_disable_feature(soupMessage, SOUP_TYPE_CONTENT_SNIFFER);
959
960     FormData* httpBody = request.httpBody();
961     CString contentType = request.httpContentType().utf8().data();
962     if (httpBody && !httpBody->isEmpty() && !addFormElementsToSoupMessage(soupMessage, contentType.data(), httpBody, d->m_bodySize)) {
963         // We failed to prepare the body data, so just fail this load.
964         d->m_soupMessage.clear();
965         return false;
966     }
967
968     // Make sure we have an Accept header for subresources; some sites
969     // want this to serve some of their subresources
970     if (!soup_message_headers_get_one(soupMessage->request_headers, "Accept"))
971         soup_message_headers_append(soupMessage->request_headers, "Accept", "*/*");
972
973     // In the case of XHR .send() and .send("") explicitly tell libsoup to send a zero content-lenght header
974     // for consistency with other backends (e.g. Chromium's) and other UA implementations like FF. It's done
975     // in the backend here instead of in XHR code since in XHR CORS checking prevents us from this kind of
976     // late header manipulation.
977     if ((request.httpMethod() == "POST" || request.httpMethod() == "PUT")
978         && (!request.httpBody() || request.httpBody()->isEmpty()))
979         soup_message_headers_set_content_length(soupMessage->request_headers, 0);
980
981     g_signal_connect(d->m_soupMessage.get(), "got-headers", G_CALLBACK(gotHeadersCallback), handle);
982     g_signal_connect(d->m_soupMessage.get(), "restarted", G_CALLBACK(restartedCallback), handle);
983     g_signal_connect(d->m_soupMessage.get(), "wrote-body-data", G_CALLBACK(wroteBodyDataCallback), handle);
984
985     soup_message_set_flags(d->m_soupMessage.get(), static_cast<SoupMessageFlags>(soup_message_get_flags(d->m_soupMessage.get()) | SOUP_MESSAGE_NO_REDIRECT));
986
987 #if ENABLE(WEB_TIMING)
988     d->m_response.setResourceLoadTiming(ResourceLoadTiming::create());
989     g_signal_connect(d->m_soupMessage.get(), "network-event", G_CALLBACK(networkEventCallback), handle);
990     g_signal_connect(d->m_soupMessage.get(), "wrote-body", G_CALLBACK(wroteBodyCallback), handle);
991 #endif
992
993     return true;
994 }
995
996 static bool createSoupRequestAndMessageForHandle(ResourceHandle* handle, const ResourceRequest& request, bool isHTTPFamilyRequest)
997 {
998     ResourceHandleInternal* d = handle->getInternal();
999
1000     GOwnPtr<GError> error;
1001
1002     GOwnPtr<SoupURI> soupURI(request.soupURI());
1003     if (!soupURI)
1004         return false;
1005
1006     d->m_soupRequest = adoptGRef(soup_session_request_uri(d->soupSession(), soupURI.get(), &error.outPtr()));
1007     if (error) {
1008         d->m_soupRequest.clear();
1009         return false;
1010     }
1011
1012     // SoupMessages are only applicable to HTTP-family requests.
1013     if (isHTTPFamilyRequest && !createSoupMessageForHandleAndRequest(handle, request)) {
1014         d->m_soupRequest.clear();
1015         return false;
1016     }
1017
1018     return true;
1019 }
1020
1021 bool ResourceHandle::start()
1022 {
1023     ASSERT(!d->m_soupMessage);
1024
1025     // The frame could be null if the ResourceHandle is not associated to any
1026     // Frame, e.g. if we are downloading a file.
1027     // If the frame is not null but the page is null this must be an attempted
1028     // load from an unload handler, so let's just block it.
1029     // If both the frame and the page are not null the context is valid.
1030     if (d->m_context && !d->m_context->isValid())
1031         return false;
1032
1033     // Only allow the POST and GET methods for non-HTTP requests.
1034     const ResourceRequest& request = firstRequest();
1035     bool isHTTPFamilyRequest = request.url().protocolIsInHTTPFamily();
1036     if (!isHTTPFamilyRequest && request.httpMethod() != "GET" && request.httpMethod() != "POST") {
1037         this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately
1038         return true;
1039     }
1040
1041     applyAuthenticationToRequest(this, firstRequest(), false);
1042
1043     if (!createSoupRequestAndMessageForHandle(this, request, isHTTPFamilyRequest)) {
1044         this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately
1045         return true;
1046     }
1047
1048     setSoupRequestInitiatingPageIDFromNetworkingContext(d->m_soupRequest.get(), d->m_context.get());
1049
1050     // Send the request only if it's not been explicitly deferred.
1051     if (!d->m_defersLoading)
1052         sendPendingRequest();
1053
1054     return true;
1055 }
1056
1057 void ResourceHandle::sendPendingRequest()
1058 {
1059 #if ENABLE(WEB_TIMING)
1060     if (d->m_response.resourceLoadTiming())
1061         d->m_response.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime();
1062 #endif
1063
1064     if (d->m_firstRequest.timeoutInterval() > 0) {
1065         // soup_add_timeout returns a GSource* whose only reference is owned by
1066         // the context. We need to have our own reference to it, hence not using adoptRef.
1067         d->m_timeoutSource = soup_add_timeout(g_main_context_get_thread_default(),
1068             d->m_firstRequest.timeoutInterval() * 1000, requestTimeoutCallback, this);
1069     }
1070
1071     // Balanced by a deref() in cleanupSoupRequestOperation, which should always run.
1072     ref();
1073
1074     d->m_cancellable = adoptGRef(g_cancellable_new());
1075     soup_request_send_async(d->m_soupRequest.get(), d->m_cancellable.get(), sendRequestCallback, this);
1076 }
1077
1078 void ResourceHandle::cancel()
1079 {
1080     d->m_cancelled = true;
1081     if (d->m_soupMessage)
1082         soup_session_cancel_message(d->soupSession(), d->m_soupMessage.get(), SOUP_STATUS_CANCELLED);
1083     else if (d->m_cancellable)
1084         g_cancellable_cancel(d->m_cancellable.get());
1085 }
1086
1087 bool ResourceHandle::shouldUseCredentialStorage()
1088 {
1089     return (!client() || client()->shouldUseCredentialStorage(this)) && firstRequest().url().protocolIsInHTTPFamily();
1090 }
1091
1092 void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host)
1093 {
1094     allowsAnyHTTPSCertificateHosts().add(host.lower());
1095 }
1096
1097 void ResourceHandle::setClientCertificate(const String& host, GTlsCertificate* certificate)
1098 {
1099     clientCertificates().add(host.lower(), HostTLSCertificateSet()).iterator->value.add(certificate);
1100 }
1101
1102 void ResourceHandle::setIgnoreSSLErrors(bool ignoreSSLErrors)
1103 {
1104     gIgnoreSSLErrors = ignoreSSLErrors;
1105 }
1106
1107 #if PLATFORM(GTK)
1108 void getCredentialFromPersistentStoreCallback(const Credential& credential, void* data)
1109 {
1110     static_cast<ResourceHandle*>(data)->continueDidReceiveAuthenticationChallenge(credential);
1111 }
1112 #endif
1113
1114 void ResourceHandle::continueDidReceiveAuthenticationChallenge(const Credential& credentialFromPersistentStorage)
1115 {
1116     ASSERT(!d->m_currentWebChallenge.isNull());
1117     AuthenticationChallenge& challenge = d->m_currentWebChallenge;
1118
1119     ASSERT(challenge.soupSession());
1120     ASSERT(challenge.soupMessage());
1121     if (!credentialFromPersistentStorage.isEmpty())
1122         challenge.setProposedCredential(credentialFromPersistentStorage);
1123
1124     if (!client()) {
1125         soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1126         clearAuthentication();
1127         return;
1128     }
1129
1130     ASSERT(challenge.soupSession());
1131     ASSERT(challenge.soupMessage());
1132     client()->didReceiveAuthenticationChallenge(this, challenge);
1133 }
1134
1135 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
1136 {
1137     ASSERT(d->m_currentWebChallenge.isNull());
1138
1139     // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
1140     bool useCredentialStorage = shouldUseCredentialStorage();
1141     if (useCredentialStorage) {
1142         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
1143             // The stored credential wasn't accepted, stop using it. There is a race condition
1144             // here, since a different credential might have already been stored by another
1145             // ResourceHandle, but the observable effect should be very minor, if any.
1146             CredentialStorage::remove(challenge.protectionSpace());
1147         }
1148
1149         if (!challenge.previousFailureCount()) {
1150             Credential credential = CredentialStorage::get(challenge.protectionSpace());
1151             if (!credential.isEmpty() && credential != d->m_initialCredential) {
1152                 ASSERT(credential.persistence() == CredentialPersistenceNone);
1153
1154                 // Store the credential back, possibly adding it as a default for this directory.
1155                 if (isAuthenticationFailureStatusCode(challenge.failureResponse().httpStatusCode()))
1156                     CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
1157
1158                 soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
1159                 return;
1160             }
1161         }
1162     }
1163
1164     d->m_currentWebChallenge = challenge;
1165     soup_session_pause_message(challenge.soupSession(), challenge.soupMessage());
1166
1167 #if PLATFORM(GTK)
1168     // We could also do this before we even start the request, but that would be at the expense
1169     // of all request latency, versus a one-time latency for the small subset of requests that
1170     // use HTTP authentication. In the end, this doesn't matter much, because persistent credentials
1171     // will become session credentials after the first use.
1172     if (useCredentialStorage) {
1173         credentialBackingStore().credentialForChallenge(challenge, getCredentialFromPersistentStoreCallback, this);
1174         return;
1175     }
1176 #endif
1177
1178     continueDidReceiveAuthenticationChallenge(Credential());
1179 }
1180
1181 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
1182 {
1183     ASSERT(!challenge.isNull());
1184     if (challenge != d->m_currentWebChallenge)
1185         return;
1186     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1187
1188     clearAuthentication();
1189 }
1190
1191 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
1192 {
1193     ASSERT(!challenge.isNull());
1194     if (challenge != d->m_currentWebChallenge)
1195         return;
1196
1197     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
1198     if (credential.isEmpty()) {
1199         receivedRequestToContinueWithoutCredential(challenge);
1200         return;
1201     }
1202
1203     if (shouldUseCredentialStorage()) {
1204         // Eventually we will manage per-session credentials only internally or use some newly-exposed API from libsoup,
1205         // because once we authenticate via libsoup, there is no way to ignore it for a particular request. Right now,
1206         // we place the credentials in the store even though libsoup will never fire the authenticate signal again for
1207         // this protection space.
1208         if (credential.persistence() == CredentialPersistenceForSession || credential.persistence() == CredentialPersistencePermanent)
1209             CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
1210
1211 #if PLATFORM(GTK)
1212         if (credential.persistence() == CredentialPersistencePermanent) {
1213             d->m_credentialDataToSaveInPersistentStore.credential = credential;
1214             d->m_credentialDataToSaveInPersistentStore.challenge = challenge;
1215         }
1216 #endif
1217     }
1218
1219     ASSERT(challenge.soupSession());
1220     ASSERT(challenge.soupMessage());
1221     soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data());
1222     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1223
1224     clearAuthentication();
1225 }
1226
1227 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
1228 {
1229     ASSERT(!challenge.isNull());
1230     if (challenge != d->m_currentWebChallenge)
1231         return;
1232
1233     soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage());
1234
1235     if (client())
1236         client()->receivedCancellation(this, challenge);
1237
1238     clearAuthentication();
1239 }
1240
1241 static bool waitingToSendRequest(ResourceHandle* handle)
1242 {
1243     // We need to check for d->m_soupRequest because the request may have raised a failure
1244     // (for example invalid URLs). We cannot  simply check for d->m_scheduledFailure because
1245     // it's cleared as soon as the failure event is fired.
1246     return handle->getInternal()->m_soupRequest && !handle->getInternal()->m_cancellable;
1247 }
1248
1249 void ResourceHandle::platformSetDefersLoading(bool defersLoading)
1250 {
1251     if (cancelledOrClientless())
1252         return;
1253
1254     // Except when canceling a possible timeout timer, we only need to take action here to UN-defer loading.
1255     if (defersLoading) {
1256         if (d->m_timeoutSource) {
1257             g_source_destroy(d->m_timeoutSource.get());
1258             d->m_timeoutSource.clear();
1259         }
1260         return;
1261     }
1262
1263     if (waitingToSendRequest(this)) {
1264         sendPendingRequest();
1265         return;
1266     }
1267
1268     if (d->m_deferredResult) {
1269         GRefPtr<GAsyncResult> asyncResult = adoptGRef(d->m_deferredResult.leakRef());
1270
1271         if (d->m_inputStream)
1272             readCallback(G_OBJECT(d->m_inputStream.get()), asyncResult.get(), this);
1273         else
1274             sendRequestCallback(G_OBJECT(d->m_soupRequest.get()), asyncResult.get(), this);
1275     }
1276 }
1277
1278 bool ResourceHandle::loadsBlocked()
1279 {
1280     return false;
1281 }
1282
1283 void ResourceHandle::platformLoadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials /*storedCredentials*/, ResourceError& error, ResourceResponse& response, Vector<char>& data)
1284 {
1285     ASSERT(!loadingSynchronousRequest);
1286     if (loadingSynchronousRequest) // In practice this cannot happen, but if for some reason it does,
1287         return;                    // we want to avoid accidentally going into an infinite loop of requests.
1288
1289     WebCoreSynchronousLoader syncLoader(error, response, sessionFromContext(context), data);
1290     RefPtr<ResourceHandle> handle = create(context, request, &syncLoader, false /*defersLoading*/, false /*shouldContentSniff*/);
1291     if (!handle)
1292         return;
1293
1294     // If the request has already failed, do not run the main loop, or else we'll block indefinitely.
1295     if (handle->d->m_scheduledFailureType != NoFailure)
1296         return;
1297
1298     syncLoader.run();
1299 }
1300
1301 static void readCallback(GObject*, GAsyncResult* asyncResult, gpointer data)
1302 {
1303     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
1304
1305     if (handle->cancelledOrClientless()) {
1306         cleanupSoupRequestOperation(handle.get());
1307         return;
1308     }
1309
1310     ResourceHandleInternal* d = handle->getInternal();
1311     if (d->m_defersLoading) {
1312         d->m_deferredResult = asyncResult;
1313         return;
1314     }
1315
1316     GOwnPtr<GError> error;
1317     gssize bytesRead = g_input_stream_read_finish(d->m_inputStream.get(), asyncResult, &error.outPtr());
1318
1319     if (error) {
1320         handle->client()->didFail(handle.get(), ResourceError::genericGError(error.get(), d->m_soupRequest.get()));
1321         cleanupSoupRequestOperation(handle.get());
1322         return;
1323     }
1324
1325     if (!bytesRead) {
1326         // If this is a multipart message, we'll look for another part.
1327         if (d->m_soupMessage && d->m_multipartInputStream) {
1328             d->m_inputStream.clear();
1329             soup_multipart_input_stream_next_part_async(d->m_multipartInputStream.get(), G_PRIORITY_DEFAULT,
1330                 d->m_cancellable.get(), nextMultipartResponsePartCallback, handle.get());
1331             return;
1332         }
1333
1334         g_input_stream_close(d->m_inputStream.get(), 0, 0);
1335
1336         handle->client()->didFinishLoading(handle.get(), 0);
1337         cleanupSoupRequestOperation(handle.get());
1338         return;
1339     }
1340
1341     // It's mandatory to have sent a response before sending data
1342     ASSERT(!d->m_response.isNull());
1343
1344     handle->client()->didReceiveData(handle.get(), d->m_readBufferPtr, bytesRead, bytesRead);
1345
1346     // didReceiveData may cancel the load, which may release the last reference.
1347     if (handle->cancelledOrClientless()) {
1348         cleanupSoupRequestOperation(handle.get());
1349         return;
1350     }
1351
1352     handle->ensureReadBuffer();
1353     g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize, G_PRIORITY_DEFAULT,
1354         d->m_cancellable.get(), readCallback, handle.get());
1355 }
1356
1357 static gboolean requestTimeoutCallback(gpointer data)
1358 {
1359     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
1360     handle->client()->didFail(handle.get(), ResourceError::timeoutError(handle->getInternal()->m_firstRequest.url().string()));
1361     handle->cancel();
1362
1363     return FALSE;
1364 }
1365
1366 static void authenticateCallback(SoupSession* session, SoupMessage* soupMessage, SoupAuth* soupAuth, gboolean retrying)
1367 {
1368     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(g_object_get_data(G_OBJECT(soupMessage), "handle"));
1369     if (!handle)
1370         return;
1371     handle->didReceiveAuthenticationChallenge(AuthenticationChallenge(session, soupMessage, soupAuth, retrying, handle.get()));
1372 }
1373
1374 SoupSession* ResourceHandle::defaultSession()
1375 {
1376     static SoupSession* session = 0;
1377     // Values taken from http://www.browserscope.org/  following
1378     // the rule "Do What Every Other Modern Browser Is Doing". They seem
1379     // to significantly improve page loading time compared to soup's
1380     // default values.
1381     static const int maxConnections = 35;
1382     static const int maxConnectionsPerHost = 6;
1383
1384     if (!session) {
1385         session = soup_session_async_new();
1386         g_object_set(session,
1387                      SOUP_SESSION_MAX_CONNS, maxConnections,
1388                      SOUP_SESSION_MAX_CONNS_PER_HOST, maxConnectionsPerHost,
1389                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_CONTENT_DECODER,
1390                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_CONTENT_SNIFFER,
1391                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_PROXY_RESOLVER_DEFAULT,
1392                      SOUP_SESSION_USE_THREAD_CONTEXT, TRUE,
1393                      NULL);
1394         g_signal_connect(session, "authenticate", G_CALLBACK(authenticateCallback), 0);
1395
1396 #if ENABLE(WEB_TIMING)
1397         g_signal_connect(session, "request-started", G_CALLBACK(requestStartedCallback), 0);
1398 #endif
1399     }
1400
1401     return session;
1402 }
1403
1404 uint64_t ResourceHandle::getSoupRequestInitiatingPageID(SoupRequest* request)
1405 {
1406     uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(g_object_get_data(G_OBJECT(request), gSoupRequestInitiatingPageIDKey));
1407     return initiatingPageIDPtr ? *initiatingPageIDPtr : 0;
1408 }
1409
1410 }