REGRESSION(r161176): http/tests/misc/authentication-redirect-3/authentication-sent...
authorcarlosgc@webkit.org <carlosgc@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 9 Jan 2014 08:05:00 +0000 (08:05 +0000)
committercarlosgc@webkit.org <carlosgc@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 9 Jan 2014 08:05:00 +0000 (08:05 +0000)
https://bugs.webkit.org/show_bug.cgi?id=126518

Reviewed by Martin Robinson.

Source/WebCore:

Clear the credentials before calling willSendRequest on the client
to avoid sending the credentials to the API layer, but apply them
again to the request right before creating the new SoupRequest.

* platform/network/soup/ResourceHandleSoup.cpp:
(WebCore::continueAfterWillSendRequest):
(WebCore::doRedirect):

LayoutTests:

Unskip
http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html
and http/tests/security/redirect-BLOCKED-to-localURL.html.

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@161549 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/platform/gtk/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp

index 0462786..6297897 100644 (file)
@@ -1,3 +1,16 @@
+2014-01-08  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        REGRESSION(r161176): http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html is failing on GTK
+        https://bugs.webkit.org/show_bug.cgi?id=126518
+
+        Reviewed by Martin Robinson.
+
+        Unskip
+        http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html
+        and http/tests/security/redirect-BLOCKED-to-localURL.html.
+
+        * platform/gtk/TestExpectations:
+
 2014-01-08  Commit Queue  <commit-queue@webkit.org>
 
         Unreviewed, rolling out r161532.
index 280cf37..dc25ff3 100644 (file)
@@ -1530,9 +1530,6 @@ webkit.org/b/125406 fast/regions/relative-in-absolute-borders-overflow.html [ Im
 webkit.org/b/126425 fast/block/float/overhanging-tall-block.html [ Failure ]
 webkit.org/b/126425 scrollbars/scrollbar-large-overflow-rectangle.html [ Failure ]
 
-webkit.org/b/126518 http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html [ Failure ]
-webkit.org/b/126518 http/tests/security/redirect-BLOCKED-to-localURL.html [ Failure ]
-
 webkit.org/b/126519 inspector-protocol/model/highlight-shape-outside-margin.html [ Failure ]
 
 webkit.org/b/126520 media/click-volume-bar-not-pausing.html [ Failure ]
index 8f740ff..b0661fe 100644 (file)
@@ -1,3 +1,18 @@
+2014-01-08  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        REGRESSION(r161176): http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials.html is failing on GTK
+        https://bugs.webkit.org/show_bug.cgi?id=126518
+
+        Reviewed by Martin Robinson.
+
+        Clear the credentials before calling willSendRequest on the client
+        to avoid sending the credentials to the API layer, but apply them
+        again to the request right before creating the new SoupRequest.
+
+        * platform/network/soup/ResourceHandleSoup.cpp:
+        (WebCore::continueAfterWillSendRequest):
+        (WebCore::doRedirect):
+
 2014-01-08  Commit Queue  <commit-queue@webkit.org>
 
         Unreviewed, rolling out r161532.
index f7a54ba..07a53a2 100644 (file)
@@ -455,14 +455,19 @@ static bool shouldRedirectAsGET(SoupMessage* message, URL& newURL, bool crossOri
     return false;
 }
 
-static void continueAfterWillSendRequest(ResourceHandle* handle, const ResourceRequest& newRequest)
+static void continueAfterWillSendRequest(ResourceHandle* handle, const ResourceRequest& request)
 {
     // willSendRequest might cancel the load.
     if (handle->cancelledOrClientless())
         return;
 
+    ResourceRequest newRequest(request);
+    ResourceHandleInternal* d = handle->getInternal();
+    if (protocolHostAndPortAreEqual(newRequest.url(), d->m_response.url()))
+        applyAuthenticationToRequest(handle, newRequest, true);
+
     if (!createSoupRequestAndMessageForHandle(handle, newRequest, true)) {
-        handle->getInternal()->client()->cannotShowURL(handle);
+        d->client()->cannotShowURL(handle);
         return;
     }
 
@@ -513,12 +518,7 @@ static void doRedirect(ResourceHandle* handle)
 
         // TODO: We are losing any username and password specified in the redirect URL, as this is the 
         // same behavior as the CFNet port. We should investigate if this is really what we want.
-    } else
-        applyAuthenticationToRequest(handle, newRequest, true);
-
-    // If we sent credentials with this request's URL, we don't want the response to carry them to
-    // the WebKit layer. They were only placed in the URL for the benefit of libsoup.
-    newRequest.removeCredentials();
+    }
 
     cleanupSoupRequestOperation(handle);