Main resource requests need cachePartition
authorachristensen@apple.com <achristensen@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 28 Feb 2017 08:30:44 +0000 (08:30 +0000)
committerachristensen@apple.com <achristensen@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 28 Feb 2017 08:30:44 +0000 (08:30 +0000)
commit90bf569f0e89aefbe84b9893ff27b214c099f5c2
tree040fa12090a302030532c9906d5ce4baf0593319
parentaefcef0a92f8e936edaef10971670abb93379b29
Main resource requests need cachePartition
https://bugs.webkit.org/show_bug.cgi?id=168806
Source/WebCore:

<rdar://30639764>

Reviewed by Brady Eidson.

Test: http/tests/security/credentials-main-resource.html

r211751 caused an unintended regression on pages whose main resource is protected
by basic authentication.  We were not setting the cache partition for main resource
requests, and we use the cache partition now for credentials, so the credentials for
the main resource were not being put into a partition in the CredentialStorage that
would not be used for subresources of the page, whose requests had the correct partition
for the domain of the page.  This caused users to have to enter their credentials twice,
once for the main resource and once for any subresources.  This is fixed by using the
domain from the main resource request as the cache partition.  Elsewhere the Document is
used to get the cache partition, but there is no Document yet when requesting the main resource.

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startLoadingMainResource):
Set the cache partition for the main resource loads based on the SecurityOrigin of the
initial request if we are loading the main resource for a new top document.  If the main resource
request is redirected, then we will still use the partition of the initial request because that is
what the user requested and that is where the user entered the credentials.
* loader/cache/CachedResourceLoader.h:
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::setDomainForCachePartition):
* loader/cache/CachedResourceRequest.h:

Source/WebKit2:

Reviewed by Brady Eidson.

* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::continueWillSendRequest):

LayoutTests:

Reviewed by Brady Eidson.

* http/tests/security/credentials-main-resource-expected.txt: Added.
* http/tests/security/credentials-main-resource.html: Added.
* http/tests/security/resources/credentials-main-resource.php: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@213126 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/http/tests/security/credentials-main-resource-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/credentials-main-resource.html [new file with mode: 0644]
LayoutTests/http/tests/security/resources/credentials-main-resource.php [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/loader/DocumentLoader.cpp
Source/WebCore/loader/cache/CachedResourceLoader.h
Source/WebCore/loader/cache/CachedResourceRequest.cpp
Source/WebCore/loader/cache/CachedResourceRequest.h
Source/WebKit2/ChangeLog
Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp