Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp

   1 /*
   2  * Copyright (C) 2004, 2005, 2006, 2007, 2009 Apple Inc. All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions
   6  * are met:
   7  * 1. Redistributions of source code must retain the above copyright
   8  *    notice, this list of conditions and the following disclaimer.
   9  * 2. Redistributions in binary form must reproduce the above copyright
  10  *    notice, this list of conditions and the following disclaimer in the
  11  *    documentation and/or other materials provided with the distribution.
  12  *
  13  * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
  14  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  16  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
  17  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  18  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  19  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  20  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
  21  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  23  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  24  */
  25
  26 #include "config.h"
  27
  28 #if USE(CFNETWORK)
  29
  30 #include "ResourceHandle.h"
  31 #include "ResourceHandleClient.h"
  32 #include "ResourceHandleInternal.h"
  33
  34 #include "AuthenticationCF.h"
  35 #include "AuthenticationChallenge.h"
  36 #include "Base64.h"
  37 #include "CookieStorageCFNet.h"
  38 #include "CredentialStorage.h"
  39 #include "CachedResourceLoader.h"
  40 #include "FormDataStreamCFNet.h"
  41 #include "Frame.h"
  42 #include "FrameLoader.h"
  43 #include "LoaderRunLoopCF.h"
  44 #include "Logging.h"
  45 #include "MIMETypeRegistry.h"
  46 #include "ResourceError.h"
  47 #include "ResourceResponse.h"
  48 #include "SharedBuffer.h"
  49 #include <CFNetwork/CFNetwork.h>
  50 #include <WebKitSystemInterface/WebKitSystemInterface.h>
  51 #include <process.h> // for _beginthread()
  52 #include <sys/stat.h>
  53 #include <sys/types.h>
  54 #include <wtf/HashMap.h>
  55 #include <wtf/Threading.h>
  56 #include <wtf/text/CString.h>
  57
  58 // FIXME: Remove this declaration once it's in WebKitSupportLibrary.
  59 extern "C" {
  60 __declspec(dllimport) CFURLConnectionRef CFURLConnectionCreateWithProperties(
  61   CFAllocatorRef           alloc,
  62   CFURLRequestRef          request,
  63   CFURLConnectionClient *  client,
  64   CFDictionaryRef properties);
  65 }
  66
  67 namespace WebCore {
  68
  69 static CFStringRef WebCoreSynchronousLoaderRunLoopMode = CFSTR("WebCoreSynchronousLoaderRunLoopMode");
  70
  71 class WebCoreSynchronousLoaderClient : public ResourceHandleClient {
  72 public:
  73     static PassOwnPtr<WebCoreSynchronousLoaderClient> create(ResourceResponse& response, ResourceError& error)
  74     {
  75         return adoptPtr(new WebCoreSynchronousLoaderClient(response, error));
  76     }
  77
  78     void setAllowStoredCredentials(bool allow) { m_allowStoredCredentials = allow; }
  79     bool isDone() { return m_isDone; }
  80
  81     CFMutableDataRef data() { return m_data.get(); }
  82
  83 private:
  84     WebCoreSynchronousLoaderClient(ResourceResponse& response, ResourceError& error)
  85         : m_allowStoredCredentials(false)
  86         , m_response(response)
  87         , m_error(error)
  88         , m_isDone(false)
  89     {
  90     }
  91
  92     virtual void willSendRequest(ResourceHandle*, ResourceRequest&, const ResourceResponse& /*redirectResponse*/);
  93     virtual bool shouldUseCredentialStorage(ResourceHandle*);
  94     virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge&);
  95     virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse&);
  96     virtual void didReceiveData(ResourceHandle*, const char*, int, int /*encodedDataLength*/);
  97     virtual void didFinishLoading(ResourceHandle*, double /*finishTime*/);
  98     virtual void didFail(ResourceHandle*, const ResourceError&);
  99
 100     bool m_allowStoredCredentials;
 101     ResourceResponse& m_response;
 102     RetainPtr<CFMutableDataRef> m_data;
 103     ResourceError& m_error;
 104     bool m_isDone;
 105 };
 106
 107 static HashSet<String>& allowsAnyHTTPSCertificateHosts()
 108 {
 109     static HashSet<String> hosts;
 110
 111     return hosts;
 112 }
 113
 114 static HashMap<String, RetainPtr<CFDataRef> >& clientCerts()
 115 {
 116     static HashMap<String, RetainPtr<CFDataRef> > certs;
 117     return certs;
 118 }
 119
 120 static void setDefaultMIMEType(CFURLResponseRef response)
 121 {
 122     static CFStringRef defaultMIMETypeString = defaultMIMEType().createCFString();
 123
 124     CFURLResponseSetMIMEType(response, defaultMIMETypeString);
 125 }
 126
 127 static String encodeBasicAuthorization(const String& user, const String& password)
 128 {
 129     return base64Encode((user + ":" + password).utf8());
 130 }
 131
 132 CFURLRequestRef willSendRequest(CFURLConnectionRef conn, CFURLRequestRef cfRequest, CFURLResponseRef cfRedirectResponse, const void* clientInfo)
 133 {
 134     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 135
 136     if (!cfRedirectResponse) {
 137         CFRetain(cfRequest);
 138         return cfRequest;
 139     }
 140
 141     LOG(Network, "CFNet - willSendRequest(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 142
 143     ResourceRequest request;
 144     if (cfRedirectResponse) {
 145         CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(cfRedirectResponse);
 146         if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
 147             RetainPtr<CFStringRef> lastHTTPMethod(AdoptCF, handle->lastHTTPMethod().createCFString());
 148             RetainPtr<CFStringRef> newMethod(AdoptCF, CFURLRequestCopyHTTPRequestMethod(cfRequest));
 149             if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
 150                 RetainPtr<CFMutableURLRequestRef> mutableRequest(AdoptCF, CFURLRequestCreateMutableCopy(0, cfRequest));
 151 #if USE(CFURLSTORAGESESSIONS)
 152                 wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), mutableRequest.get());
 153 #endif
 154                 CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
 155
 156                 FormData* body = handle->firstRequest().httpBody();
 157                 if (!equalIgnoringCase(handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
 158                     WebCore::setHTTPBody(mutableRequest.get(), body);
 159
 160                 String originalContentType = handle->firstRequest().httpContentType();
 161                 RetainPtr<CFStringRef> originalContentTypeCF(AdoptCF, originalContentType.createCFString());
 162                 if (!originalContentType.isEmpty())
 163                     CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentTypeCF.get());
 164
 165                 request = mutableRequest.get();
 166             }
 167         }
 168     }
 169     if (request.isNull())
 170         request = cfRequest;
 171
 172     // Should not set Referer after a redirect from a secure resource to non-secure one.
 173     if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https"))
 174         request.clearHTTPReferrer();
 175
 176     handle->willSendRequest(request, cfRedirectResponse);
 177
 178     if (request.isNull())
 179         return 0;
 180
 181     cfRequest = request.cfURLRequest();
 182
 183     CFRetain(cfRequest);
 184     return cfRequest;
 185 }
 186
 187 void didReceiveResponse(CFURLConnectionRef conn, CFURLResponseRef cfResponse, const void* clientInfo)
 188 {
 189     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 190
 191     LOG(Network, "CFNet - didReceiveResponse(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 192
 193     if (!handle->client())
 194         return;
 195
 196     if (!CFURLResponseGetMIMEType(cfResponse)) {
 197         // We should never be applying the default MIMEType if we told the networking layer to do content sniffing for handle.
 198         ASSERT(!handle->shouldContentSniff());
 199         setDefaultMIMEType(cfResponse);
 200     }
 201
 202     handle->client()->didReceiveResponse(handle, cfResponse);
 203 }
 204
 205 void didReceiveData(CFURLConnectionRef conn, CFDataRef data, CFIndex originalLength, const void* clientInfo)
 206 {
 207     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 208     const UInt8* bytes = CFDataGetBytePtr(data);
 209     CFIndex length = CFDataGetLength(data);
 210
 211     LOG(Network, "CFNet - didReceiveData(conn=%p, handle=%p, bytes=%d) (%s)", conn, handle, length, handle->firstRequest().url().string().utf8().data());
 212
 213     if (handle->client())
 214         handle->client()->didReceiveData(handle, (const char*)bytes, length, originalLength);
 215 }
 216
 217 static void didSendBodyData(CFURLConnectionRef conn, CFIndex bytesWritten, CFIndex totalBytesWritten, CFIndex totalBytesExpectedToWrite, const void *clientInfo)
 218 {
 219     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 220     if (!handle || !handle->client())
 221         return;
 222     handle->client()->didSendData(handle, totalBytesWritten, totalBytesExpectedToWrite);
 223 }
 224
 225 static Boolean shouldUseCredentialStorageCallback(CFURLConnectionRef conn, const void* clientInfo)
 226 {
 227     ResourceHandle* handle = const_cast<ResourceHandle*>(static_cast<const ResourceHandle*>(clientInfo));
 228
 229     LOG(Network, "CFNet - shouldUseCredentialStorage(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 230
 231     if (!handle)
 232         return false;
 233
 234     return handle->shouldUseCredentialStorage();
 235 }
 236
 237 void didFinishLoading(CFURLConnectionRef conn, const void* clientInfo)
 238 {
 239     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 240
 241     LOG(Network, "CFNet - didFinishLoading(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 242
 243     if (handle->client())
 244         handle->client()->didFinishLoading(handle, 0);
 245 }
 246
 247 void didFail(CFURLConnectionRef conn, CFErrorRef error, const void* clientInfo)
 248 {
 249     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 250
 251     LOG(Network, "CFNet - didFail(conn=%p, handle=%p, error = %p) (%s)", conn, handle, error, handle->firstRequest().url().string().utf8().data());
 252
 253     if (handle->client())
 254         handle->client()->didFail(handle, ResourceError(error));
 255 }
 256
 257 static CFCachedURLResponseRef willCacheResponse(CFURLConnectionRef, CFCachedURLResponseRef cachedResponse, const void* clientInfo)
 258 {
 259     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 260
 261 #if PLATFORM(WIN)
 262     if (handle->client() && !handle->client()->shouldCacheResponse(handle, cachedResponse))
 263         return 0;
 264 #else
 265     CFCachedURLResponseRef newResponse = handle->client()->willCacheResponse(handle, cachedResponse);
 266     if (newResponse != cachedResponse)
 267         return newResponse;
 268 #endif
 269
 270     CacheStoragePolicy policy = static_cast<CacheStoragePolicy>(CFCachedURLResponseGetStoragePolicy(cachedResponse));
 271
 272     if (handle->client())
 273         handle->client()->willCacheResponse(handle, policy);
 274
 275     if (static_cast<CFURLCacheStoragePolicy>(policy) != CFCachedURLResponseGetStoragePolicy(cachedResponse))
 276         cachedResponse = CFCachedURLResponseCreateWithUserInfo(kCFAllocatorDefault,
 277                                                                CFCachedURLResponseGetWrappedResponse(cachedResponse),
 278                                                                CFCachedURLResponseGetReceiverData(cachedResponse),
 279                                                                CFCachedURLResponseGetUserInfo(cachedResponse),
 280                                                                static_cast<CFURLCacheStoragePolicy>(policy));
 281     CFRetain(cachedResponse);
 282
 283     return cachedResponse;
 284 }
 285
 286 void didReceiveChallenge(CFURLConnectionRef conn, CFURLAuthChallengeRef challenge, const void* clientInfo)
 287 {
 288     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 289     ASSERT(handle);
 290     LOG(Network, "CFNet - didReceiveChallenge(conn=%p, handle=%p (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 291
 292     handle->didReceiveAuthenticationChallenge(AuthenticationChallenge(challenge, handle));
 293 }
 294
 295 void addHeadersFromHashMap(CFMutableURLRequestRef request, const HTTPHeaderMap& requestHeaders)
 296 {
 297     if (!requestHeaders.size())
 298         return;
 299
 300     HTTPHeaderMap::const_iterator end = requestHeaders.end();
 301     for (HTTPHeaderMap::const_iterator it = requestHeaders.begin(); it != end; ++it) {
 302         CFStringRef key = it->first.createCFString();
 303         CFStringRef value = it->second.createCFString();
 304         CFURLRequestSetHTTPHeaderFieldValue(request, key, value);
 305         CFRelease(key);
 306         CFRelease(value);
 307     }
 308 }
 309
 310 ResourceHandleInternal::~ResourceHandleInternal()
 311 {
 312     if (m_connection) {
 313         LOG(Network, "CFNet - Cancelling connection %p (%s)", m_connection, m_firstRequest.url().string().utf8().data());
 314         CFURLConnectionCancel(m_connection.get());
 315     }
 316 }
 317
 318 ResourceHandle::~ResourceHandle()
 319 {
 320     LOG(Network, "CFNet - Destroying job %p (%s)", this, d->m_firstRequest.url().string().utf8().data());
 321 }
 322
 323 CFArrayRef arrayFromFormData(const FormData& d)
 324 {
 325     size_t size = d.elements().size();
 326     CFMutableArrayRef a = CFArrayCreateMutable(0, d.elements().size(), &kCFTypeArrayCallBacks);
 327     for (size_t i = 0; i < size; ++i) {
 328         const FormDataElement& e = d.elements()[i];
 329         if (e.m_type == FormDataElement::data) {
 330             CFDataRef data = CFDataCreate(0, (const UInt8*)e.m_data.data(), e.m_data.size());
 331             CFArrayAppendValue(a, data);
 332             CFRelease(data);
 333         } else {
 334             ASSERT(e.m_type == FormDataElement::encodedFile);
 335             CFStringRef filename = e.m_filename.createCFString();
 336             CFArrayAppendValue(a, filename);
 337             CFRelease(filename);
 338         }
 339     }
 340     return a;
 341 }
 342
 343 static CFURLRequestRef makeFinalRequest(const ResourceRequest& request, bool shouldContentSniff)
 344 {
 345     CFMutableURLRequestRef newRequest = CFURLRequestCreateMutableCopy(kCFAllocatorDefault, request.cfURLRequest());
 346 #if USE(CFURLSTORAGESESSIONS)
 347     wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), newRequest);
 348 #endif
 349
 350     if (!shouldContentSniff)
 351         wkSetCFURLRequestShouldContentSniff(newRequest, false);
 352
 353     RetainPtr<CFMutableDictionaryRef> sslProps;
 354
 355     if (allowsAnyHTTPSCertificateHosts().contains(request.url().host().lower())) {
 356         sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
 357         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
 358         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
 359         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
 360         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
 361     }
 362
 363     HashMap<String, RetainPtr<CFDataRef> >::iterator clientCert = clientCerts().find(request.url().host().lower());
 364     if (clientCert != clientCerts().end()) {
 365         if (!sslProps)
 366             sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
 367         wkSetClientCertificateInSSLProperties(sslProps.get(), (clientCert->second).get());
 368     }
 369
 370     if (sslProps)
 371         CFURLRequestSetSSLProperties(newRequest, sslProps.get());
 372
 373     if (CFHTTPCookieStorageRef cookieStorage = currentCookieStorage()) {
 374         CFURLRequestSetHTTPCookieStorage(newRequest, cookieStorage);
 375         CFHTTPCookieStorageAcceptPolicy policy = CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage);
 376         CFURLRequestSetHTTPCookieStorageAcceptPolicy(newRequest, policy);
 377
 378         // If a URL already has cookies, then we'll relax the 3rd party cookie policy and accept new cookies.
 379         if (policy == CFHTTPCookieStorageAcceptPolicyOnlyFromMainDocumentDomain) {
 380             CFURLRef url = CFURLRequestGetURL(newRequest);
 381             RetainPtr<CFArrayRef> cookies(AdoptCF, CFHTTPCookieStorageCopyCookiesForURL(cookieStorage, url, false));
 382             if (CFArrayGetCount(cookies.get()))
 383                 CFURLRequestSetMainDocumentURL(newRequest, url);
 384         }
 385     }
 386
 387     return newRequest;
 388 }
 389
 390 static CFDictionaryRef createConnectionProperties(bool shouldUseCredentialStorage)
 391 {
 392     static const CFStringRef webKitPrivateSessionCF = CFSTR("WebKitPrivateSession");
 393     static const CFStringRef _kCFURLConnectionSessionID = CFSTR("_kCFURLConnectionSessionID");
 394     static const CFStringRef kCFURLConnectionSocketStreamProperties = CFSTR("kCFURLConnectionSocketStreamProperties");
 395
 396     CFDictionaryRef sessionID = shouldUseCredentialStorage ?
 397         CFDictionaryCreate(0, 0, 0, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks) :
 398         CFDictionaryCreate(0, (const void**)&_kCFURLConnectionSessionID, (const void**)&webKitPrivateSessionCF, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
 399
 400     CFDictionaryRef propertiesDictionary = CFDictionaryCreate(0, (const void**)&kCFURLConnectionSocketStreamProperties, (const void**)&sessionID, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
 401
 402     CFRelease(sessionID);
 403     return propertiesDictionary;
 404 }
 405
 406 void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldContentSniff)
 407 {
 408     if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolInHTTPFamily()) {
 409         // Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
 410         KURL urlWithCredentials(firstRequest().url());
 411         urlWithCredentials.setUser(d->m_user);
 412         urlWithCredentials.setPass(d->m_pass);
 413         firstRequest().setURL(urlWithCredentials);
 414     }
 415
 416     // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
 417     // try and reuse the credential preemptively, as allowed by RFC 2617.
 418     if (shouldUseCredentialStorage && firstRequest().url().protocolInHTTPFamily()) {
 419         if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
 420             // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
 421             // try and reuse the credential preemptively, as allowed by RFC 2617.
 422             d->m_initialCredential = CredentialStorage::get(firstRequest().url());
 423         } else {
 424             // If there is already a protection space known for the URL, update stored credentials before sending a request.
 425             // This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
 426             // (so that an authentication dialog doesn't pop up).
 427             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
 428         }
 429     }
 430
 431     if (!d->m_initialCredential.isEmpty()) {
 432         String authHeader = "Basic " + encodeBasicAuthorization(d->m_initialCredential.user(), d->m_initialCredential.password());
 433         firstRequest().addHTTPHeaderField("Authorization", authHeader);
 434     }
 435
 436     RetainPtr<CFURLRequestRef> request(AdoptCF, makeFinalRequest(firstRequest(), shouldContentSniff));
 437
 438     CFURLConnectionClient_V3 client = { 3, this, 0, 0, 0, WebCore::willSendRequest, didReceiveResponse, didReceiveData, 0, didFinishLoading, didFail, willCacheResponse, didReceiveChallenge, didSendBodyData, shouldUseCredentialStorageCallback, 0};
 439     RetainPtr<CFDictionaryRef> connectionProperties(AdoptCF, createConnectionProperties(shouldUseCredentialStorage));
 440
 441     d->m_connection.adoptCF(CFURLConnectionCreateWithProperties(0, request.get(), reinterpret_cast<CFURLConnectionClient*>(&client), connectionProperties.get()));
 442 }
 443
 444 bool ResourceHandle::start(NetworkingContext* context)
 445 {
 446     if (!context)
 447         return false;
 448
 449     // If NetworkingContext is invalid then we are no longer attached to a Page,
 450     // this must be an attempted load from an unload handler, so let's just block it.
 451     if (!context->isValid())
 452         return false;
 453
 454     bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this);
 455
 456     createCFURLConnection(shouldUseCredentialStorage, d->m_shouldContentSniff);
 457
 458     CFURLConnectionScheduleWithCurrentMessageQueue(d->m_connection.get());
 459     CFURLConnectionScheduleDownloadWithRunLoop(d->m_connection.get(), loaderRunLoop(), kCFRunLoopDefaultMode);
 460     CFURLConnectionStart(d->m_connection.get());
 461
 462     LOG(Network, "CFNet - Starting URL %s (handle=%p, conn=%p)", firstRequest().url().string().utf8().data(), this, d->m_connection);
 463
 464     return true;
 465 }
 466
 467 void ResourceHandle::cancel()
 468 {
 469     if (d->m_connection) {
 470         CFURLConnectionCancel(d->m_connection.get());
 471         d->m_connection = 0;
 472     }
 473 }
 474
 475 PassRefPtr<SharedBuffer> ResourceHandle::bufferedData()
 476 {
 477     ASSERT_NOT_REACHED();
 478     return 0;
 479 }
 480
 481 bool ResourceHandle::supportsBufferedData()
 482 {
 483     return false;
 484 }
 485
 486 void ResourceHandle::willSendRequest(ResourceRequest& request, const ResourceResponse& redirectResponse)
 487 {
 488     const KURL& url = request.url();
 489     d->m_user = url.user();
 490     d->m_pass = url.pass();
 491     d->m_lastHTTPMethod = request.httpMethod();
 492     request.removeCredentials();
 493     if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url()))
 494         request.clearHTTPAuthorization();
 495
 496 #if USE(CFURLSTORAGESESSIONS)
 497      request.setStorageSession(ResourceHandle::currentStorageSession());
 498 #endif
 499
 500     client()->willSendRequest(this, request, redirectResponse);
 501 }
 502
 503 bool ResourceHandle::shouldUseCredentialStorage()
 504 {
 505     LOG(Network, "CFNet - shouldUseCredentialStorage()");
 506     if (client())
 507         return client()->shouldUseCredentialStorage(this);
 508
 509     return false;
 510 }
 511
 512 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
 513 {
 514     LOG(Network, "CFNet - didReceiveAuthenticationChallenge()");
 515     ASSERT(d->m_currentWebChallenge.isNull());
 516     // Since CFURLConnection networking relies on keeping a reference to the original CFURLAuthChallengeRef,
 517     // we make sure that is actually present
 518     ASSERT(challenge.cfURLAuthChallengeRef());
 519     ASSERT(challenge.authenticationClient() == this); // Should be already set.
 520
 521     if (!d->m_user.isNull() && !d->m_pass.isNull()) {
 522         RetainPtr<CFStringRef> user(AdoptCF, d->m_user.createCFString());
 523         RetainPtr<CFStringRef> pass(AdoptCF, d->m_pass.createCFString());
 524         RetainPtr<CFURLCredentialRef> credential(AdoptCF,
 525             CFURLCredentialCreate(kCFAllocatorDefault, user.get(), pass.get(), 0, kCFURLCredentialPersistenceNone));
 526
 527         KURL urlToStore;
 528         if (challenge.failureResponse().httpStatusCode() == 401)
 529             urlToStore = firstRequest().url();
 530         CredentialStorage::set(core(credential.get()), challenge.protectionSpace(), urlToStore);
 531
 532         CFURLConnectionUseCredential(d->m_connection.get(), credential.get(), challenge.cfURLAuthChallengeRef());
 533         d->m_user = String();
 534         d->m_pass = String();
 535         // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
 536         return;
 537     }
 538
 539     if (!client() || client()->shouldUseCredentialStorage(this)) {
 540         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
 541             // The stored credential wasn't accepted, stop using it.
 542             // There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
 543             // but the observable effect should be very minor, if any.
 544             CredentialStorage::remove(challenge.protectionSpace());
 545         }
 546
 547         if (!challenge.previousFailureCount()) {
 548             Credential credential = CredentialStorage::get(challenge.protectionSpace());
 549             if (!credential.isEmpty() && credential != d->m_initialCredential) {
 550                 ASSERT(credential.persistence() == CredentialPersistenceNone);
 551                 if (challenge.failureResponse().httpStatusCode() == 401) {
 552                     // Store the credential back, possibly adding it as a default for this directory.
 553                     CredentialStorage::set(credential, challenge.protectionSpace(), firstRequest().url());
 554                 }
 555                 RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
 556                 CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 557                 return;
 558             }
 559         }
 560     }
 561
 562     d->m_currentWebChallenge = challenge;
 563
 564     if (client())
 565         client()->didReceiveAuthenticationChallenge(this, d->m_currentWebChallenge);
 566 }
 567
 568 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
 569 {
 570     LOG(Network, "CFNet - receivedCredential()");
 571     ASSERT(!challenge.isNull());
 572     ASSERT(challenge.cfURLAuthChallengeRef());
 573     if (challenge != d->m_currentWebChallenge)
 574         return;
 575
 576     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
 577     if (credential.isEmpty()) {
 578         receivedRequestToContinueWithoutCredential(challenge);
 579         return;
 580     }
 581
 582     if (credential.persistence() == CredentialPersistenceForSession) {
 583         // Manage per-session credentials internally, because once NSURLCredentialPersistencePerSession is used, there is no way
 584         // to ignore it for a particular request (short of removing it altogether).
 585         Credential webCredential(credential.user(), credential.password(), CredentialPersistenceNone);
 586         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(webCredential));
 587
 588         KURL urlToStore;
 589         if (challenge.failureResponse().httpStatusCode() == 401)
 590             urlToStore = firstRequest().url();
 591         CredentialStorage::set(webCredential, challenge.protectionSpace(), urlToStore);
 592
 593         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 594     } else {
 595         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
 596         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 597     }
 598
 599     clearAuthentication();
 600 }
 601
 602 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
 603 {
 604     LOG(Network, "CFNet - receivedRequestToContinueWithoutCredential()");
 605     ASSERT(!challenge.isNull());
 606     ASSERT(challenge.cfURLAuthChallengeRef());
 607     if (challenge != d->m_currentWebChallenge)
 608         return;
 609
 610     CFURLConnectionUseCredential(d->m_connection.get(), 0, challenge.cfURLAuthChallengeRef());
 611
 612     clearAuthentication();
 613 }
 614
 615 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
 616 {
 617     LOG(Network, "CFNet - receivedCancellation()");
 618     if (challenge != d->m_currentWebChallenge)
 619         return;
 620
 621     if (client())
 622         client()->receivedCancellation(this, challenge);
 623 }
 624
 625 CFURLConnectionRef ResourceHandle::connection() const
 626 {
 627     return d->m_connection.get();
 628 }
 629
 630 CFURLConnectionRef ResourceHandle::releaseConnectionForDownload()
 631 {
 632     LOG(Network, "CFNet - Job %p releasing connection %p for download", this, d->m_connection.get());
 633     return d->m_connection.releaseRef();
 634 }
 635
 636 void ResourceHandle::loadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials storedCredentials, ResourceError& error, ResourceResponse& response, Vector<char>& vector)
 637 {
 638     LOG(Network, "ResourceHandle::loadResourceSynchronously:%s allowStoredCredentials:%u", request.url().string().utf8().data(), storedCredentials);
 639
 640     ASSERT(!request.isEmpty());
 641
 642     ASSERT(response.isNull());
 643     ASSERT(error.isNull());
 644
 645     OwnPtr<WebCoreSynchronousLoaderClient> client = WebCoreSynchronousLoaderClient::create(response, error);
 646     client->setAllowStoredCredentials(storedCredentials == AllowStoredCredentials);
 647
 648     RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/));
 649
 650     if (context && handle->d->m_scheduledFailureType != NoFailure) {
 651         error = context->blockedError(request);
 652         return;
 653     }
 654
 655     RetainPtr<CFDictionaryRef> connectionProperties(AdoptCF, createConnectionProperties(storedCredentials == AllowStoredCredentials));
 656
 657     handle->createCFURLConnection(storedCredentials == AllowStoredCredentials, ResourceHandle::shouldContentSniffURL(request.url()));
 658
 659     CFURLConnectionScheduleWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), WebCoreSynchronousLoaderRunLoopMode);
 660     CFURLConnectionScheduleDownloadWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), WebCoreSynchronousLoaderRunLoopMode);
 661     CFURLConnectionStart(handle->connection());
 662
 663     while (!client->isDone())
 664         CFRunLoopRunInMode(WebCoreSynchronousLoaderRunLoopMode, UINT_MAX, true);
 665
 666     CFURLConnectionCancel(handle->connection());
 667
 668     if (error.isNull() && response.mimeType().isNull())
 669         setDefaultMIMEType(response.cfURLResponse());
 670
 671     RetainPtr<CFDataRef> data = client->data();
 672
 673     if (!error.isNull()) {
 674         response = ResourceResponse(request.url(), String(), 0, String(), String());
 675
 676         CFErrorRef cfError = error;
 677         CFStringRef domain = CFErrorGetDomain(cfError);
 678         // FIXME: Return the actual response for failed authentication.
 679         if (domain == kCFErrorDomainCFNetwork)
 680             response.setHTTPStatusCode(CFErrorGetCode(cfError));
 681         else
 682             response.setHTTPStatusCode(404);
 683     }
 684
 685     if (data) {
 686         ASSERT(vector.isEmpty());
 687         vector.append(CFDataGetBytePtr(data.get()), CFDataGetLength(data.get()));
 688     }
 689 }
 690
 691 void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host)
 692 {
 693     allowsAnyHTTPSCertificateHosts().add(host.lower());
 694 }
 695
 696 void ResourceHandle::setClientCertificate(const String& host, CFDataRef cert)
 697 {
 698     clientCerts().set(host.lower(), cert);
 699 }
 700
 701 void ResourceHandle::platformSetDefersLoading(bool defers)
 702 {
 703     if (!d->m_connection)
 704         return;
 705
 706     if (defers)
 707         CFURLConnectionHalt(d->m_connection.get());
 708     else
 709         CFURLConnectionResume(d->m_connection.get());
 710 }
 711
 712 bool ResourceHandle::loadsBlocked()
 713 {
 714     return false;
 715 }
 716
 717 bool ResourceHandle::willLoadFromCache(ResourceRequest& request, Frame* frame)
 718 {
 719     request.setCachePolicy(ReturnCacheDataDontLoad);
 720
 721     CFURLResponseRef cfResponse = 0;
 722     CFErrorRef cfError = 0;
 723     RetainPtr<CFURLRequestRef> cfRequest(AdoptCF, makeFinalRequest(request, true));
 724     RetainPtr<CFDataRef> data(AdoptCF, CFURLConnectionSendSynchronousRequest(cfRequest.get(), &cfResponse, &cfError, request.timeoutInterval()));
 725     bool cached = cfResponse && !cfError;
 726
 727     if (cfError)
 728         CFRelease(cfError);
 729     if (cfResponse)
 730         CFRelease(cfResponse);
 731
 732     return cached;
 733 }
 734
 735 #if USE(CFURLSTORAGESESSIONS)
 736
 737 RetainPtr<CFURLStorageSessionRef> ResourceHandle::createPrivateBrowsingStorageSession(CFStringRef identifier)
 738 {
 739     return RetainPtr<CFURLStorageSessionRef>(AdoptCF, wkCreatePrivateStorageSession(identifier));
 740 }
 741
 742 String ResourceHandle::privateBrowsingStorageSessionIdentifierDefaultBase()
 743 {
 744     return String(reinterpret_cast<CFStringRef>(CFBundleGetValueForInfoDictionaryKey(CFBundleGetMainBundle(), kCFBundleIdentifierKey)));
 745 }
 746
 747 CFURLStorageSessionRef ResourceHandle::currentStorageSession()
 748 {
 749     if (CFURLStorageSessionRef privateStorageSession = privateBrowsingStorageSession())
 750         return privateStorageSession;
 751 #if PLATFORM(WIN)
 752     return defaultStorageSession();
 753 #else
 754     return 0;
 755 #endif
 756 }
 757
 758 #if PLATFORM(WIN)
 759
 760 static RetainPtr<CFURLStorageSessionRef>& defaultCFURLStorageSession()
 761 {
 762     DEFINE_STATIC_LOCAL(RetainPtr<CFURLStorageSessionRef>, storageSession, ());
 763     return storageSession;
 764 }
 765
 766 void ResourceHandle::setDefaultStorageSession(CFURLStorageSessionRef storageSession)
 767 {
 768     defaultCFURLStorageSession().adoptCF(storageSession);
 769 }
 770
 771 CFURLStorageSessionRef ResourceHandle::defaultStorageSession()
 772 {
 773     return defaultCFURLStorageSession().get();
 774 }
 775
 776 #endif // PLATFORM(WIN)
 777
 778 #endif // USE(CFURLSTORAGESESSIONS)
 779
 780 void WebCoreSynchronousLoaderClient::willSendRequest(ResourceHandle* handle, ResourceRequest& request, const ResourceResponse& /*redirectResponse*/)
 781 {
 782     // FIXME: This needs to be fixed to follow the redirect correctly even for cross-domain requests.
 783     if (!protocolHostAndPortAreEqual(handle->firstRequest().url(), request.url())) {
 784         ASSERT(!m_error);
 785         RetainPtr<CFErrorRef> cfError(AdoptCF, CFErrorCreate(kCFAllocatorDefault, kCFErrorDomainCFNetwork, kCFURLErrorBadServerResponse, 0));
 786         m_error = cfError.get();
 787         m_isDone = true;
 788         request = 0;
 789         return;
 790     }
 791 }
 792 void WebCoreSynchronousLoaderClient::didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
 793 {
 794     m_response = response;
 795 }
 796
 797 void WebCoreSynchronousLoaderClient::didReceiveData(ResourceHandle*, const char* data, int length, int /*encodedDataLength*/)
 798 {
 799     if (!m_data)
 800         m_data.adoptCF(CFDataCreateMutable(kCFAllocatorDefault, 0));
 801     CFDataAppendBytes(m_data.get(), reinterpret_cast<const UInt8*>(data), length);
 802 }
 803
 804 void WebCoreSynchronousLoaderClient::didFinishLoading(ResourceHandle*, double)
 805 {
 806     m_isDone = true;
 807 }
 808
 809 void WebCoreSynchronousLoaderClient::didFail(ResourceHandle*, const ResourceError& error)
 810 {
 811     m_error = error;
 812     m_isDone = true;
 813 }
 814
 815 void WebCoreSynchronousLoaderClient::didReceiveAuthenticationChallenge(ResourceHandle* handle, const AuthenticationChallenge& challenge)
 816 {
 817     // FIXME: The user should be asked for credentials, as in async case.
 818     CFURLConnectionUseCredential(handle->connection(), 0, challenge.cfURLAuthChallengeRef());
 819 }
 820
 821 bool WebCoreSynchronousLoaderClient::shouldUseCredentialStorage(ResourceHandle*)
 822 {
 823     // FIXME: We should ask FrameLoaderClient whether using credential storage is globally forbidden.
 824     return m_allowStoredCredentials;
 825 }
 826
 827 } // namespace WebCore
 828
 829 #endif // USE(CFNETWORK)