[Curl] Respond with requested authentication scheme for authentication challenge.
authorBasuke.Suzuki@sony.com <Basuke.Suzuki@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 17 Sep 2018 18:19:34 +0000 (18:19 +0000)
committerBasuke.Suzuki@sony.com <Basuke.Suzuki@sony.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 17 Sep 2018 18:19:34 +0000 (18:19 +0000)
commit1a7b86182e155b0431c02b57af047e9aef88ccd7
tree9120376a286de24d09fd1924e3245b4466cea3d6
parent669f0726e4c714839cd66ebc3d75a2aeab3f650d
[Curl] Respond with requested authentication scheme for authentication challenge.
https://bugs.webkit.org/show_bug.cgi?id=189318

Reviewed by Alex Christensen.

Source/WebCore:

Curl port depends on libcurl's authentication handling by enabling CURLAUTH_ANY. With this
mode, the round-trip communication between the client and the server is handled by libcurl
internally. That's okay for many cases. But when initial request has a credentials
(i.e. XMLHttpRequest), there's no valid chance to store credential to the storage because
the returned response is not 401.

Passes following tests:
- http/tests/websocket/tests/hybi/httponly-cookie.pl
- http/tests/websocket/tests/hybi/secure-cookie-insecure-connection.pl
- http/tests/websocket/tests/hybi/secure-cookie-secure-connection.pl
- http/tests/xmlhttprequest/basic-auth-default.html
- http/tests/xmlhttprequest/cross-origin-authorization.html
- http/tests/xmlhttprequest/logout.html
- http/tests/xmlhttprequest/null-auth.php
- http/tests/xmlhttprequest/re-login-async.html
- http/tests/xmlhttprequest/re-login.html
- http/tests/xmlhttprequest/redirect-credentials-responseURL.html
- http/tests/xmlhttprequest/remember-bad-password.html

* platform/network/ResourceHandle.h:
* platform/network/curl/CurlContext.cpp:
(WebCore::CurlHandle::setHttpAuthUserPass):
(WebCore::CurlHandle::enableHttpAuthentication): Deleted.
* platform/network/curl/CurlContext.h:
* platform/network/curl/CurlRequest.cpp:
(WebCore::CurlRequest::setAuthenticationScheme):
(WebCore::CurlRequest::setupTransfer):
* platform/network/curl/CurlRequest.h:
* platform/network/curl/ResourceHandleCurl.cpp:
(WebCore::ResourceHandle::start):
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
(WebCore::ResourceHandle::receivedCredential):
(WebCore::ResourceHandle::getCredential):
(WebCore::ResourceHandle::restartRequestWithCredential):
(WebCore::ResourceHandle::platformLoadResourceSynchronously):
(WebCore::ResourceHandle::continueAfterWillSendRequest):

Source/WebKit:

Curl port depends on libcurl's authentication handling by enabling CURLAUTH_ANY. With this
mode, the round-trip communication between the client and the server is handled by libcurl
internally. That's okay for many cases. But when initial request has a credentials
(i.e. XMLHttpRequest), there's no valid chance to store credential to the storage because
the returned response is not 401.

* NetworkProcess/curl/NetworkDataTaskCurl.cpp:
(WebKit::NetworkDataTaskCurl::NetworkDataTaskCurl):
(WebKit::NetworkDataTaskCurl::willPerformHTTPRedirection):
(WebKit::NetworkDataTaskCurl::tryHttpAuthentication):
(WebKit::NetworkDataTaskCurl::tryProxyAuthentication):
(WebKit::NetworkDataTaskCurl::restartWithCredential):
* NetworkProcess/curl/NetworkDataTaskCurl.h:

LayoutTests:

* platform/wincairo/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236073 268f45cc-cd09-0410-ab3c-d52691b4dbfc
12 files changed:
LayoutTests/ChangeLog
LayoutTests/platform/wincairo/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/platform/network/ResourceHandle.h
Source/WebCore/platform/network/curl/CurlContext.cpp
Source/WebCore/platform/network/curl/CurlContext.h
Source/WebCore/platform/network/curl/CurlRequest.cpp
Source/WebCore/platform/network/curl/CurlRequest.h
Source/WebCore/platform/network/curl/ResourceHandleCurl.cpp
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp
Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h