Adjust XMLHttpRequest username/password precedence rules
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 4 Sep 2018 20:37:29 +0000 (20:37 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 4 Sep 2018 20:37:29 +0000 (20:37 +0000)
commitfb8cda8a4eae048e230bf9bad64deb5759498201
treebc076c5042cdf347b0583c04edce7d8677ba12c8
parent31c048df3700eb56844a4eed3931046e62add161
Adjust XMLHttpRequest username/password precedence rules
https://bugs.webkit.org/show_bug.cgi?id=184910

Patch by Rob Buis <rbuis@igalia.com> on 2018-09-04
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Update test result.

* web-platform-tests/xhr/send-authentication-competing-names-passwords-expected.txt:

Source/WebCore:

Steps 9.1 and 9.2 in the XMLHTTPRequest::open [1] algorithm
specify that non null user or non null password ought
to be set on the URL, so implement this.

Behavior matches Firefox and Chrome.

[1] https://xhr.spec.whatwg.org/#dom-xmlhttprequest-open

Test: xhr/send-authentication-competing-names-passwords.htm

* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::open):

LayoutTests:

Adjust test because now we do set password on the url in
open(), even if the username is null.

* http/tests/xmlhttprequest/basic-auth.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@235631 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/http/tests/xmlhttprequest/basic-auth.html
LayoutTests/imported/w3c/ChangeLog
LayoutTests/imported/w3c/web-platform-tests/xhr/send-authentication-competing-names-passwords-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/xml/XMLHttpRequest.cpp