[SOUP] Default kerberos authentication credentials are used in ephemeral (private...
authortpopela@redhat.com <tpopela@redhat.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 2 Oct 2017 12:55:12 +0000 (12:55 +0000)
committertpopela@redhat.com <tpopela@redhat.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 2 Oct 2017 12:55:12 +0000 (12:55 +0000)
https://bugs.webkit.org/show_bug.cgi?id=177738

Reviewed by Carlos Garcia Campos.

If the session is ephemeral then don't enable the Negotiate support in
our SoupSession.

* platform/network/soup/NetworkStorageSessionSoup.cpp: Pass the
session ID if it's known to the SoupNetworkSession.
(WebCore::NetworkStorageSession::ensurePrivateBrowsingSession):
(WebCore::NetworkStorageSession::getOrCreateSoupNetworkSession const):
* platform/network/soup/SoupNetworkSession.cpp:
(WebCore::SoupNetworkSession::SoupNetworkSession): If the session is
ephemeral (based on given session ID) then don't activate the
Negotiate support in SoupSession.
* platform/network/soup/SoupNetworkSession.h:
Change the constructor to accept the PAL::SessionID with the default
value set to PAL::SessionID::emptySessionID.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@222706 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp
Source/WebCore/platform/network/soup/SoupNetworkSession.cpp
Source/WebCore/platform/network/soup/SoupNetworkSession.h

index 72dafd3..1708268 100644 (file)
@@ -1,3 +1,25 @@
+2017-10-02  Tomas Popela  <tpopela@redhat.com>
+
+        [SOUP] Default kerberos authentication credentials are used in ephemeral (private) mode
+        https://bugs.webkit.org/show_bug.cgi?id=177738
+
+        Reviewed by Carlos Garcia Campos.
+
+        If the session is ephemeral then don't enable the Negotiate support in
+        our SoupSession.
+
+        * platform/network/soup/NetworkStorageSessionSoup.cpp: Pass the
+        session ID if it's known to the SoupNetworkSession.
+        (WebCore::NetworkStorageSession::ensurePrivateBrowsingSession):
+        (WebCore::NetworkStorageSession::getOrCreateSoupNetworkSession const):
+        * platform/network/soup/SoupNetworkSession.cpp:
+        (WebCore::SoupNetworkSession::SoupNetworkSession): If the session is
+        ephemeral (based on given session ID) then don't activate the
+        Negotiate support in SoupSession.
+        * platform/network/soup/SoupNetworkSession.h:
+        Change the constructor to accept the PAL::SessionID with the default
+        value set to PAL::SessionID::emptySessionID.
+
 2017-10-02  Joanmarie Diggs  <jdiggs@igalia.com>
 
         REGRESSION(r222640) [GTK] Build broken with ATK 2.14
index 0dfc665..cb868cc 100644 (file)
@@ -83,7 +83,7 @@ void NetworkStorageSession::ensurePrivateBrowsingSession(PAL::SessionID sessionI
 {
     ASSERT(sessionID != PAL::SessionID::defaultSessionID());
     ASSERT(!globalSessionMap().contains(sessionID));
-    globalSessionMap().add(sessionID, std::make_unique<NetworkStorageSession>(sessionID, std::make_unique<SoupNetworkSession>()));
+    globalSessionMap().add(sessionID, std::make_unique<NetworkStorageSession>(sessionID, std::make_unique<SoupNetworkSession>(sessionID)));
 }
 
 void NetworkStorageSession::ensureSession(PAL::SessionID, const String&)
@@ -99,7 +99,7 @@ void NetworkStorageSession::switchToNewTestingSession()
 SoupNetworkSession& NetworkStorageSession::getOrCreateSoupNetworkSession() const
 {
     if (!m_session)
-        m_session = std::make_unique<SoupNetworkSession>(m_cookieStorage.get());
+        m_session = std::make_unique<SoupNetworkSession>(m_sessionID, m_cookieStorage.get());
     return *m_session;
 }
 
index 5e3d25f..8fdbfc6 100644 (file)
@@ -113,7 +113,7 @@ static void requestStartedCallback(SoupSession*, SoupMessage* soupMessage, SoupS
 }
 #endif
 
-SoupNetworkSession::SoupNetworkSession(SoupCookieJar* cookieJar)
+SoupNetworkSession::SoupNetworkSession(PAL::SessionID sessionID, SoupCookieJar* cookieJar)
     : m_soupSession(adoptGRef(soup_session_async_new()))
 {
     // Values taken from http://www.browserscope.org/ following
@@ -147,7 +147,7 @@ SoupNetworkSession::SoupNetworkSession(SoupCookieJar* cookieJar)
         setAcceptLanguages(gInitialAcceptLanguages);
 
 #if SOUP_CHECK_VERSION(2, 53, 92)
-    if (soup_auth_negotiate_supported()) {
+    if (soup_auth_negotiate_supported() && !sessionID.isEphemeral()) {
         g_object_set(m_soupSession.get(),
             SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_AUTH_NEGOTIATE,
             nullptr);
index 9e0c26f..b0fa54d 100644 (file)
@@ -27,6 +27,7 @@
 #define SoupNetworkSession_h
 
 #include <glib-object.h>
+#include <pal/SessionID.h>
 #include <wtf/Function.h>
 #include <wtf/Noncopyable.h>
 #include <wtf/glib/GRefPtr.h>
@@ -47,7 +48,7 @@ struct SoupNetworkProxySettings;
 class SoupNetworkSession {
     WTF_MAKE_NONCOPYABLE(SoupNetworkSession); WTF_MAKE_FAST_ALLOCATED;
 public:
-    explicit SoupNetworkSession(SoupCookieJar* = nullptr);
+    explicit SoupNetworkSession(PAL::SessionID = PAL::SessionID::defaultSessionID(), SoupCookieJar* = nullptr);
     ~SoupNetworkSession();
 
     SoupSession* soupSession() const { return m_soupSession.get(); }