Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp

   1 /*
   2  * Copyright (C) 2004, 2005, 2006, 2007, 2009 Apple Inc. All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions
   6  * are met:
   7  * 1. Redistributions of source code must retain the above copyright
   8  *    notice, this list of conditions and the following disclaimer.
   9  * 2. Redistributions in binary form must reproduce the above copyright
  10  *    notice, this list of conditions and the following disclaimer in the
  11  *    documentation and/or other materials provided with the distribution.
  12  *
  13  * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
  14  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  16  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
  17  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  18  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  19  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  20  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
  21  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  23  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  24  */
  25
  26 #include "config.h"
  27
  28 #if USE(CFNETWORK)
  29
  30 #include "ResourceHandle.h"
  31 #include "ResourceHandleClient.h"
  32 #include "ResourceHandleInternal.h"
  33
  34 #include "AuthenticationCF.h"
  35 #include "AuthenticationChallenge.h"
  36 #include "Base64.h"
  37 #include "CookieStorageCFNet.h"
  38 #include "CredentialStorage.h"
  39 #include "CachedResourceLoader.h"
  40 #include "FormDataStreamCFNet.h"
  41 #include "Frame.h"
  42 #include "FrameLoader.h"
  43 #include "LoaderRunLoopCF.h"
  44 #include "Logging.h"
  45 #include "MIMETypeRegistry.h"
  46 #include "ResourceError.h"
  47 #include "ResourceResponse.h"
  48 #include "SharedBuffer.h"
  49 #include <CFNetwork/CFNetwork.h>
  50 #include <WebKitSystemInterface/WebKitSystemInterface.h>
  51 #include <process.h> // for _beginthread()
  52 #include <sys/stat.h>
  53 #include <sys/types.h>
  54 #include <wtf/HashMap.h>
  55 #include <wtf/Threading.h>
  56 #include <wtf/text/CString.h>
  57
  58 // FIXME: Remove this declaration once it's in WebKitSupportLibrary.
  59 extern "C" {
  60 __declspec(dllimport) CFURLConnectionRef CFURLConnectionCreateWithProperties(
  61   CFAllocatorRef           alloc,
  62   CFURLRequestRef          request,
  63   CFURLConnectionClient *  client,
  64   CFDictionaryRef properties);
  65 }
  66
  67 namespace WebCore {
  68
  69 static CFStringRef WebCoreSynchronousLoaderRunLoopMode = CFSTR("WebCoreSynchronousLoaderRunLoopMode");
  70
  71 class WebCoreSynchronousLoaderClient : public ResourceHandleClient {
  72 public:
  73     static PassOwnPtr<WebCoreSynchronousLoaderClient> create(ResourceResponse& response, ResourceError& error)
  74     {
  75         return adoptPtr(new WebCoreSynchronousLoaderClient(response, error));
  76     }
  77
  78     void setAllowStoredCredentials(bool allow) { m_allowStoredCredentials = allow; }
  79     bool isDone() { return m_isDone; }
  80
  81     CFMutableDataRef data() { return m_data.get(); }
  82
  83 private:
  84     WebCoreSynchronousLoaderClient(ResourceResponse& response, ResourceError& error)
  85         : m_allowStoredCredentials(false)
  86         , m_response(response)
  87         , m_error(error)
  88         , m_isDone(false)
  89     {
  90     }
  91
  92     virtual void willSendRequest(ResourceHandle*, ResourceRequest&, const ResourceResponse& /*redirectResponse*/);
  93     virtual bool shouldUseCredentialStorage(ResourceHandle*);
  94     virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge&);
  95     virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse&);
  96     virtual void didReceiveData(ResourceHandle*, const char*, int, int /*encodedDataLength*/);
  97     virtual void didFinishLoading(ResourceHandle*, double /*finishTime*/);
  98     virtual void didFail(ResourceHandle*, const ResourceError&);
  99
 100     bool m_allowStoredCredentials;
 101     ResourceResponse& m_response;
 102     RetainPtr<CFMutableDataRef> m_data;
 103     ResourceError& m_error;
 104     bool m_isDone;
 105 };
 106
 107 static HashSet<String>& allowsAnyHTTPSCertificateHosts()
 108 {
 109     static HashSet<String> hosts;
 110
 111     return hosts;
 112 }
 113
 114 static HashMap<String, RetainPtr<CFDataRef> >& clientCerts()
 115 {
 116     static HashMap<String, RetainPtr<CFDataRef> > certs;
 117     return certs;
 118 }
 119
 120 static void setDefaultMIMEType(CFURLResponseRef response)
 121 {
 122     static CFStringRef defaultMIMETypeString = defaultMIMEType().createCFString();
 123
 124     CFURLResponseSetMIMEType(response, defaultMIMETypeString);
 125 }
 126
 127 static String encodeBasicAuthorization(const String& user, const String& password)
 128 {
 129     return base64Encode((user + ":" + password).utf8());
 130 }
 131
 132 CFURLRequestRef willSendRequest(CFURLConnectionRef conn, CFURLRequestRef cfRequest, CFURLResponseRef cfRedirectResponse, const void* clientInfo)
 133 {
 134     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 135
 136     if (!cfRedirectResponse) {
 137         CFRetain(cfRequest);
 138         return cfRequest;
 139     }
 140
 141     LOG(Network, "CFNet - willSendRequest(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 142
 143     ResourceRequest request;
 144     if (cfRedirectResponse) {
 145         CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(cfRedirectResponse);
 146         if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
 147             RetainPtr<CFStringRef> lastHTTPMethod(AdoptCF, handle->lastHTTPMethod().createCFString());
 148             RetainPtr<CFStringRef> newMethod(AdoptCF, CFURLRequestCopyHTTPRequestMethod(cfRequest));
 149             if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
 150                 RetainPtr<CFMutableURLRequestRef> mutableRequest(AdoptCF, CFURLRequestCreateMutableCopy(0, cfRequest));
 151                 CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
 152
 153                 FormData* body = handle->firstRequest().httpBody();
 154                 if (!equalIgnoringCase(handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
 155                     WebCore::setHTTPBody(mutableRequest.get(), body);
 156
 157                 String originalContentType = handle->firstRequest().httpContentType();
 158                 RetainPtr<CFStringRef> originalContentTypeCF(AdoptCF, originalContentType.createCFString());
 159                 if (!originalContentType.isEmpty())
 160                     CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentTypeCF.get());
 161
 162                 request = mutableRequest.get();
 163             }
 164         }
 165     }
 166     if (request.isNull())
 167         request = cfRequest;
 168
 169     // Should not set Referer after a redirect from a secure resource to non-secure one.
 170     if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https"))
 171         request.clearHTTPReferrer();
 172
 173     handle->willSendRequest(request, cfRedirectResponse);
 174
 175     if (request.isNull())
 176         return 0;
 177
 178     cfRequest = request.cfURLRequest();
 179
 180     CFRetain(cfRequest);
 181     return cfRequest;
 182 }
 183
 184 void didReceiveResponse(CFURLConnectionRef conn, CFURLResponseRef cfResponse, const void* clientInfo)
 185 {
 186     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 187
 188     LOG(Network, "CFNet - didReceiveResponse(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 189
 190     if (!handle->client())
 191         return;
 192
 193     if (!CFURLResponseGetMIMEType(cfResponse)) {
 194         // We should never be applying the default MIMEType if we told the networking layer to do content sniffing for handle.
 195         ASSERT(!handle->shouldContentSniff());
 196         setDefaultMIMEType(cfResponse);
 197     }
 198
 199     handle->client()->didReceiveResponse(handle, cfResponse);
 200 }
 201
 202 void didReceiveData(CFURLConnectionRef conn, CFDataRef data, CFIndex originalLength, const void* clientInfo)
 203 {
 204     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 205     const UInt8* bytes = CFDataGetBytePtr(data);
 206     CFIndex length = CFDataGetLength(data);
 207
 208     LOG(Network, "CFNet - didReceiveData(conn=%p, handle=%p, bytes=%d) (%s)", conn, handle, length, handle->firstRequest().url().string().utf8().data());
 209
 210     if (handle->client())
 211         handle->client()->didReceiveData(handle, (const char*)bytes, length, originalLength);
 212 }
 213
 214 static void didSendBodyData(CFURLConnectionRef conn, CFIndex bytesWritten, CFIndex totalBytesWritten, CFIndex totalBytesExpectedToWrite, const void *clientInfo)
 215 {
 216     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 217     if (!handle || !handle->client())
 218         return;
 219     handle->client()->didSendData(handle, totalBytesWritten, totalBytesExpectedToWrite);
 220 }
 221
 222 static Boolean shouldUseCredentialStorageCallback(CFURLConnectionRef conn, const void* clientInfo)
 223 {
 224     ResourceHandle* handle = const_cast<ResourceHandle*>(static_cast<const ResourceHandle*>(clientInfo));
 225
 226     LOG(Network, "CFNet - shouldUseCredentialStorage(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 227
 228     if (!handle)
 229         return false;
 230
 231     return handle->shouldUseCredentialStorage();
 232 }
 233
 234 void didFinishLoading(CFURLConnectionRef conn, const void* clientInfo)
 235 {
 236     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 237
 238     LOG(Network, "CFNet - didFinishLoading(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 239
 240     if (handle->client())
 241         handle->client()->didFinishLoading(handle, 0);
 242 }
 243
 244 void didFail(CFURLConnectionRef conn, CFErrorRef error, const void* clientInfo)
 245 {
 246     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 247
 248     LOG(Network, "CFNet - didFail(conn=%p, handle=%p, error = %p) (%s)", conn, handle, error, handle->firstRequest().url().string().utf8().data());
 249
 250     if (handle->client())
 251         handle->client()->didFail(handle, ResourceError(error));
 252 }
 253
 254 static CFCachedURLResponseRef willCacheResponse(CFURLConnectionRef, CFCachedURLResponseRef cachedResponse, const void* clientInfo)
 255 {
 256     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 257
 258 #if PLATFORM(WIN)
 259     if (handle->client() && !handle->client()->shouldCacheResponse(handle, cachedResponse))
 260         return 0;
 261 #else
 262     CFCachedURLResponseRef newResponse = handle->client()->willCacheResponse(handle, cachedResponse);
 263     if (newResponse != cachedResponse)
 264         return newResponse;
 265 #endif
 266
 267     CacheStoragePolicy policy = static_cast<CacheStoragePolicy>(CFCachedURLResponseGetStoragePolicy(cachedResponse));
 268
 269     if (handle->client())
 270         handle->client()->willCacheResponse(handle, policy);
 271
 272     if (static_cast<CFURLCacheStoragePolicy>(policy) != CFCachedURLResponseGetStoragePolicy(cachedResponse))
 273         cachedResponse = CFCachedURLResponseCreateWithUserInfo(kCFAllocatorDefault,
 274                                                                CFCachedURLResponseGetWrappedResponse(cachedResponse),
 275                                                                CFCachedURLResponseGetReceiverData(cachedResponse),
 276                                                                CFCachedURLResponseGetUserInfo(cachedResponse),
 277                                                                static_cast<CFURLCacheStoragePolicy>(policy));
 278     CFRetain(cachedResponse);
 279
 280     return cachedResponse;
 281 }
 282
 283 void didReceiveChallenge(CFURLConnectionRef conn, CFURLAuthChallengeRef challenge, const void* clientInfo)
 284 {
 285     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 286     ASSERT(handle);
 287     LOG(Network, "CFNet - didReceiveChallenge(conn=%p, handle=%p (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 288
 289     handle->didReceiveAuthenticationChallenge(AuthenticationChallenge(challenge, handle));
 290 }
 291
 292 void addHeadersFromHashMap(CFMutableURLRequestRef request, const HTTPHeaderMap& requestHeaders)
 293 {
 294     if (!requestHeaders.size())
 295         return;
 296
 297     HTTPHeaderMap::const_iterator end = requestHeaders.end();
 298     for (HTTPHeaderMap::const_iterator it = requestHeaders.begin(); it != end; ++it) {
 299         CFStringRef key = it->first.createCFString();
 300         CFStringRef value = it->second.createCFString();
 301         CFURLRequestSetHTTPHeaderFieldValue(request, key, value);
 302         CFRelease(key);
 303         CFRelease(value);
 304     }
 305 }
 306
 307 ResourceHandleInternal::~ResourceHandleInternal()
 308 {
 309     if (m_connection) {
 310         LOG(Network, "CFNet - Cancelling connection %p (%s)", m_connection, m_firstRequest.url().string().utf8().data());
 311         CFURLConnectionCancel(m_connection.get());
 312     }
 313 }
 314
 315 ResourceHandle::~ResourceHandle()
 316 {
 317     LOG(Network, "CFNet - Destroying job %p (%s)", this, d->m_firstRequest.url().string().utf8().data());
 318 }
 319
 320 CFArrayRef arrayFromFormData(const FormData& d)
 321 {
 322     size_t size = d.elements().size();
 323     CFMutableArrayRef a = CFArrayCreateMutable(0, d.elements().size(), &kCFTypeArrayCallBacks);
 324     for (size_t i = 0; i < size; ++i) {
 325         const FormDataElement& e = d.elements()[i];
 326         if (e.m_type == FormDataElement::data) {
 327             CFDataRef data = CFDataCreate(0, (const UInt8*)e.m_data.data(), e.m_data.size());
 328             CFArrayAppendValue(a, data);
 329             CFRelease(data);
 330         } else {
 331             ASSERT(e.m_type == FormDataElement::encodedFile);
 332             CFStringRef filename = e.m_filename.createCFString();
 333             CFArrayAppendValue(a, filename);
 334             CFRelease(filename);
 335         }
 336     }
 337     return a;
 338 }
 339
 340 static CFURLRequestRef makeFinalRequest(const ResourceRequest& request, bool shouldContentSniff)
 341 {
 342     CFMutableURLRequestRef newRequest = CFURLRequestCreateMutableCopy(kCFAllocatorDefault, request.cfURLRequest());
 343
 344 #if USE(CFURLSTORAGESESSIONS)
 345     if (CFURLStorageSessionRef storageSession = ResourceHandle::privateBrowsingStorageSession())
 346         wkSetRequestStorageSession(storageSession, newRequest);
 347 #endif
 348
 349     if (!shouldContentSniff)
 350         wkSetCFURLRequestShouldContentSniff(newRequest, false);
 351
 352     RetainPtr<CFMutableDictionaryRef> sslProps;
 353
 354     if (allowsAnyHTTPSCertificateHosts().contains(request.url().host().lower())) {
 355         sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
 356         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
 357         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
 358         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
 359         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
 360     }
 361
 362     HashMap<String, RetainPtr<CFDataRef> >::iterator clientCert = clientCerts().find(request.url().host().lower());
 363     if (clientCert != clientCerts().end()) {
 364         if (!sslProps)
 365             sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
 366         wkSetClientCertificateInSSLProperties(sslProps.get(), (clientCert->second).get());
 367     }
 368
 369     if (sslProps)
 370         CFURLRequestSetSSLProperties(newRequest, sslProps.get());
 371
 372     if (CFHTTPCookieStorageRef cookieStorage = currentCookieStorage()) {
 373         CFURLRequestSetHTTPCookieStorage(newRequest, cookieStorage);
 374         CFHTTPCookieStorageAcceptPolicy policy = CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage);
 375         CFURLRequestSetHTTPCookieStorageAcceptPolicy(newRequest, policy);
 376
 377         // If a URL already has cookies, then we'll relax the 3rd party cookie policy and accept new cookies.
 378         if (policy == CFHTTPCookieStorageAcceptPolicyOnlyFromMainDocumentDomain) {
 379             CFURLRef url = CFURLRequestGetURL(newRequest);
 380             RetainPtr<CFArrayRef> cookies(AdoptCF, CFHTTPCookieStorageCopyCookiesForURL(cookieStorage, url, false));
 381             if (CFArrayGetCount(cookies.get()))
 382                 CFURLRequestSetMainDocumentURL(newRequest, url);
 383         }
 384     }
 385
 386     return newRequest;
 387 }
 388
 389 static CFDictionaryRef createConnectionProperties(bool shouldUseCredentialStorage)
 390 {
 391     static const CFStringRef webKitPrivateSessionCF = CFSTR("WebKitPrivateSession");
 392     static const CFStringRef _kCFURLConnectionSessionID = CFSTR("_kCFURLConnectionSessionID");
 393     static const CFStringRef kCFURLConnectionSocketStreamProperties = CFSTR("kCFURLConnectionSocketStreamProperties");
 394
 395     CFDictionaryRef sessionID = shouldUseCredentialStorage ?
 396         CFDictionaryCreate(0, 0, 0, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks) :
 397         CFDictionaryCreate(0, (const void**)&_kCFURLConnectionSessionID, (const void**)&webKitPrivateSessionCF, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
 398
 399     CFDictionaryRef propertiesDictionary = CFDictionaryCreate(0, (const void**)&kCFURLConnectionSocketStreamProperties, (const void**)&sessionID, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
 400
 401     CFRelease(sessionID);
 402     return propertiesDictionary;
 403 }
 404
 405 void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldContentSniff)
 406 {
 407     if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolInHTTPFamily()) {
 408         // Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
 409         KURL urlWithCredentials(firstRequest().url());
 410         urlWithCredentials.setUser(d->m_user);
 411         urlWithCredentials.setPass(d->m_pass);
 412         firstRequest().setURL(urlWithCredentials);
 413     }
 414
 415     // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
 416     // try and reuse the credential preemptively, as allowed by RFC 2617.
 417     if (shouldUseCredentialStorage && firstRequest().url().protocolInHTTPFamily()) {
 418         if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
 419             // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
 420             // try and reuse the credential preemptively, as allowed by RFC 2617.
 421             d->m_initialCredential = CredentialStorage::get(firstRequest().url());
 422         } else {
 423             // If there is already a protection space known for the URL, update stored credentials before sending a request.
 424             // This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
 425             // (so that an authentication dialog doesn't pop up).
 426             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
 427         }
 428     }
 429
 430     if (!d->m_initialCredential.isEmpty()) {
 431         String authHeader = "Basic " + encodeBasicAuthorization(d->m_initialCredential.user(), d->m_initialCredential.password());
 432         firstRequest().addHTTPHeaderField("Authorization", authHeader);
 433     }
 434
 435     RetainPtr<CFURLRequestRef> request(AdoptCF, makeFinalRequest(firstRequest(), shouldContentSniff));
 436
 437     CFURLConnectionClient_V3 client = { 3, this, 0, 0, 0, WebCore::willSendRequest, didReceiveResponse, didReceiveData, 0, didFinishLoading, didFail, willCacheResponse, didReceiveChallenge, didSendBodyData, shouldUseCredentialStorageCallback, 0};
 438     RetainPtr<CFDictionaryRef> connectionProperties(AdoptCF, createConnectionProperties(shouldUseCredentialStorage));
 439
 440     d->m_connection.adoptCF(CFURLConnectionCreateWithProperties(0, request.get(), reinterpret_cast<CFURLConnectionClient*>(&client), connectionProperties.get()));
 441 }
 442
 443 bool ResourceHandle::start(NetworkingContext* context)
 444 {
 445     if (!context)
 446         return false;
 447
 448     // If NetworkingContext is invalid then we are no longer attached to a Page,
 449     // this must be an attempted load from an unload handler, so let's just block it.
 450     if (!context->isValid())
 451         return false;
 452
 453     bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this);
 454
 455     createCFURLConnection(shouldUseCredentialStorage, d->m_shouldContentSniff);
 456
 457     CFURLConnectionScheduleWithCurrentMessageQueue(d->m_connection.get());
 458     CFURLConnectionScheduleDownloadWithRunLoop(d->m_connection.get(), loaderRunLoop(), kCFRunLoopDefaultMode);
 459     CFURLConnectionStart(d->m_connection.get());
 460
 461     LOG(Network, "CFNet - Starting URL %s (handle=%p, conn=%p)", firstRequest().url().string().utf8().data(), this, d->m_connection);
 462
 463     return true;
 464 }
 465
 466 void ResourceHandle::cancel()
 467 {
 468     if (d->m_connection) {
 469         CFURLConnectionCancel(d->m_connection.get());
 470         d->m_connection = 0;
 471     }
 472 }
 473
 474 PassRefPtr<SharedBuffer> ResourceHandle::bufferedData()
 475 {
 476     ASSERT_NOT_REACHED();
 477     return 0;
 478 }
 479
 480 bool ResourceHandle::supportsBufferedData()
 481 {
 482     return false;
 483 }
 484
 485 void ResourceHandle::willSendRequest(ResourceRequest& request, const ResourceResponse& redirectResponse)
 486 {
 487     const KURL& url = request.url();
 488     d->m_user = url.user();
 489     d->m_pass = url.pass();
 490     d->m_lastHTTPMethod = request.httpMethod();
 491     request.removeCredentials();
 492     if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url()))
 493         request.clearHTTPAuthorization();
 494
 495 #if USE(CFURLSTORAGESESSIONS)
 496     if (CFURLStorageSessionRef storageSession = privateBrowsingStorageSession())
 497         request.setStorageSession(storageSession);
 498 #endif
 499
 500     client()->willSendRequest(this, request, redirectResponse);
 501 }
 502
 503 bool ResourceHandle::shouldUseCredentialStorage()
 504 {
 505     LOG(Network, "CFNet - shouldUseCredentialStorage()");
 506     if (client())
 507         return client()->shouldUseCredentialStorage(this);
 508
 509     return false;
 510 }
 511
 512 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
 513 {
 514     LOG(Network, "CFNet - didReceiveAuthenticationChallenge()");
 515     ASSERT(d->m_currentWebChallenge.isNull());
 516     // Since CFURLConnection networking relies on keeping a reference to the original CFURLAuthChallengeRef,
 517     // we make sure that is actually present
 518     ASSERT(challenge.cfURLAuthChallengeRef());
 519     ASSERT(challenge.authenticationClient() == this); // Should be already set.
 520
 521     if (!d->m_user.isNull() && !d->m_pass.isNull()) {
 522         RetainPtr<CFStringRef> user(AdoptCF, d->m_user.createCFString());
 523         RetainPtr<CFStringRef> pass(AdoptCF, d->m_pass.createCFString());
 524         RetainPtr<CFURLCredentialRef> credential(AdoptCF,
 525             CFURLCredentialCreate(kCFAllocatorDefault, user.get(), pass.get(), 0, kCFURLCredentialPersistenceNone));
 526
 527         KURL urlToStore;
 528         if (challenge.failureResponse().httpStatusCode() == 401)
 529             urlToStore = firstRequest().url();
 530         CredentialStorage::set(core(credential.get()), challenge.protectionSpace(), urlToStore);
 531
 532         CFURLConnectionUseCredential(d->m_connection.get(), credential.get(), challenge.cfURLAuthChallengeRef());
 533         d->m_user = String();
 534         d->m_pass = String();
 535         // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
 536         return;
 537     }
 538
 539     if (!client() || client()->shouldUseCredentialStorage(this)) {
 540         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
 541             // The stored credential wasn't accepted, stop using it.
 542             // There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
 543             // but the observable effect should be very minor, if any.
 544             CredentialStorage::remove(challenge.protectionSpace());
 545         }
 546
 547         if (!challenge.previousFailureCount()) {
 548             Credential credential = CredentialStorage::get(challenge.protectionSpace());
 549             if (!credential.isEmpty() && credential != d->m_initialCredential) {
 550                 ASSERT(credential.persistence() == CredentialPersistenceNone);
 551                 if (challenge.failureResponse().httpStatusCode() == 401) {
 552                     // Store the credential back, possibly adding it as a default for this directory.
 553                     CredentialStorage::set(credential, challenge.protectionSpace(), firstRequest().url());
 554                 }
 555                 RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
 556                 CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 557                 return;
 558             }
 559         }
 560     }
 561
 562     d->m_currentWebChallenge = challenge;
 563
 564     if (client())
 565         client()->didReceiveAuthenticationChallenge(this, d->m_currentWebChallenge);
 566 }
 567
 568 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
 569 {
 570     LOG(Network, "CFNet - receivedCredential()");
 571     ASSERT(!challenge.isNull());
 572     ASSERT(challenge.cfURLAuthChallengeRef());
 573     if (challenge != d->m_currentWebChallenge)
 574         return;
 575
 576     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
 577     if (credential.isEmpty()) {
 578         receivedRequestToContinueWithoutCredential(challenge);
 579         return;
 580     }
 581
 582     if (credential.persistence() == CredentialPersistenceForSession) {
 583         // Manage per-session credentials internally, because once NSURLCredentialPersistencePerSession is used, there is no way
 584         // to ignore it for a particular request (short of removing it altogether).
 585         Credential webCredential(credential.user(), credential.password(), CredentialPersistenceNone);
 586         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(webCredential));
 587
 588         KURL urlToStore;
 589         if (challenge.failureResponse().httpStatusCode() == 401)
 590             urlToStore = firstRequest().url();
 591         CredentialStorage::set(webCredential, challenge.protectionSpace(), urlToStore);
 592
 593         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 594     } else {
 595         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
 596         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 597     }
 598
 599     clearAuthentication();
 600 }
 601
 602 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
 603 {
 604     LOG(Network, "CFNet - receivedRequestToContinueWithoutCredential()");
 605     ASSERT(!challenge.isNull());
 606     ASSERT(challenge.cfURLAuthChallengeRef());
 607     if (challenge != d->m_currentWebChallenge)
 608         return;
 609
 610     CFURLConnectionUseCredential(d->m_connection.get(), 0, challenge.cfURLAuthChallengeRef());
 611
 612     clearAuthentication();
 613 }
 614
 615 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
 616 {
 617     LOG(Network, "CFNet - receivedCancellation()");
 618     if (challenge != d->m_currentWebChallenge)
 619         return;
 620
 621     if (client())
 622         client()->receivedCancellation(this, challenge);
 623 }
 624
 625 CFURLConnectionRef ResourceHandle::connection() const
 626 {
 627     return d->m_connection.get();
 628 }
 629
 630 CFURLConnectionRef ResourceHandle::releaseConnectionForDownload()
 631 {
 632     LOG(Network, "CFNet - Job %p releasing connection %p for download", this, d->m_connection.get());
 633     return d->m_connection.releaseRef();
 634 }
 635
 636 void ResourceHandle::loadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials storedCredentials, ResourceError& error, ResourceResponse& response, Vector<char>& vector)
 637 {
 638     LOG(Network, "ResourceHandle::loadResourceSynchronously:%s allowStoredCredentials:%u", request.url().string().utf8().data(), storedCredentials);
 639
 640     ASSERT(!request.isEmpty());
 641
 642     ASSERT(response.isNull());
 643     ASSERT(error.isNull());
 644
 645     OwnPtr<WebCoreSynchronousLoaderClient> client = WebCoreSynchronousLoaderClient::create(response, error);
 646     client->setAllowStoredCredentials(storedCredentials == AllowStoredCredentials);
 647
 648     RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/));
 649
 650     if (context && handle->d->m_scheduledFailureType != NoFailure) {
 651         error = context->blockedError(request);
 652         return;
 653     }
 654
 655     RetainPtr<CFDictionaryRef> connectionProperties(AdoptCF, createConnectionProperties(storedCredentials == AllowStoredCredentials));
 656
 657     handle->createCFURLConnection(storedCredentials == AllowStoredCredentials, ResourceHandle::shouldContentSniffURL(request.url()));
 658
 659     CFURLConnectionScheduleWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), WebCoreSynchronousLoaderRunLoopMode);
 660     CFURLConnectionScheduleDownloadWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), WebCoreSynchronousLoaderRunLoopMode);
 661     CFURLConnectionStart(handle->connection());
 662
 663     while (!client->isDone())
 664         CFRunLoopRunInMode(WebCoreSynchronousLoaderRunLoopMode, UINT_MAX, true);
 665
 666     CFURLConnectionCancel(handle->connection());
 667
 668     if (error.isNull() && response.mimeType().isNull())
 669         setDefaultMIMEType(response.cfURLResponse());
 670
 671     RetainPtr<CFDataRef> data = client->data();
 672
 673     if (!error.isNull()) {
 674         response = ResourceResponse(request.url(), String(), 0, String(), String());
 675
 676         CFErrorRef cfError = error;
 677         CFStringRef domain = CFErrorGetDomain(cfError);
 678         // FIXME: Return the actual response for failed authentication.
 679         if (domain == kCFErrorDomainCFNetwork)
 680             response.setHTTPStatusCode(CFErrorGetCode(cfError));
 681         else
 682             response.setHTTPStatusCode(404);
 683     }
 684
 685     if (data) {
 686         ASSERT(vector.isEmpty());
 687         vector.append(CFDataGetBytePtr(data.get()), CFDataGetLength(data.get()));
 688     }
 689 }
 690
 691 void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host)
 692 {
 693     allowsAnyHTTPSCertificateHosts().add(host.lower());
 694 }
 695
 696 void ResourceHandle::setClientCertificate(const String& host, CFDataRef cert)
 697 {
 698     clientCerts().set(host.lower(), cert);
 699 }
 700
 701 void ResourceHandle::platformSetDefersLoading(bool defers)
 702 {
 703     if (!d->m_connection)
 704         return;
 705
 706     if (defers)
 707         CFURLConnectionHalt(d->m_connection.get());
 708     else
 709         CFURLConnectionResume(d->m_connection.get());
 710 }
 711
 712 bool ResourceHandle::loadsBlocked()
 713 {
 714     return false;
 715 }
 716
 717 bool ResourceHandle::willLoadFromCache(ResourceRequest& request, Frame* frame)
 718 {
 719     request.setCachePolicy(ReturnCacheDataDontLoad);
 720
 721     CFURLResponseRef cfResponse = 0;
 722     CFErrorRef cfError = 0;
 723     RetainPtr<CFURLRequestRef> cfRequest(AdoptCF, makeFinalRequest(request, true));
 724     RetainPtr<CFDataRef> data(AdoptCF, CFURLConnectionSendSynchronousRequest(cfRequest.get(), &cfResponse, &cfError, request.timeoutInterval()));
 725     bool cached = cfResponse && !cfError;
 726
 727     if (cfError)
 728         CFRelease(cfError);
 729     if (cfResponse)
 730         CFRelease(cfResponse);
 731
 732     return cached;
 733 }
 734
 735 #if USE(CFURLSTORAGESESSIONS)
 736
 737 RetainPtr<CFURLStorageSessionRef> ResourceHandle::createPrivateBrowsingStorageSession(CFStringRef identifier)
 738 {
 739     return RetainPtr<CFURLStorageSessionRef>(AdoptCF, wkCreatePrivateStorageSession(identifier));
 740 }
 741
 742 String ResourceHandle::privateBrowsingStorageSessionIdentifierDefaultBase()
 743 {
 744     return String(reinterpret_cast<CFStringRef>(CFBundleGetValueForInfoDictionaryKey(CFBundleGetMainBundle(), kCFBundleIdentifierKey)));
 745 }
 746
 747 #endif
 748
 749 void WebCoreSynchronousLoaderClient::willSendRequest(ResourceHandle* handle, ResourceRequest& request, const ResourceResponse& /*redirectResponse*/)
 750 {
 751     // FIXME: This needs to be fixed to follow the redirect correctly even for cross-domain requests.
 752     if (!protocolHostAndPortAreEqual(handle->firstRequest().url(), request.url())) {
 753         ASSERT(!m_error);
 754         RetainPtr<CFErrorRef> cfError(AdoptCF, CFErrorCreate(kCFAllocatorDefault, kCFErrorDomainCFNetwork, kCFURLErrorBadServerResponse, 0));
 755         m_error = cfError.get();
 756         m_isDone = true;
 757         request = 0;
 758         return;
 759     }
 760 }
 761 void WebCoreSynchronousLoaderClient::didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
 762 {
 763     m_response = response;
 764 }
 765
 766 void WebCoreSynchronousLoaderClient::didReceiveData(ResourceHandle*, const char* data, int length, int /*encodedDataLength*/)
 767 {
 768     if (!m_data)
 769         m_data.adoptCF(CFDataCreateMutable(kCFAllocatorDefault, 0));
 770     CFDataAppendBytes(m_data.get(), reinterpret_cast<const UInt8*>(data), length);
 771 }
 772
 773 void WebCoreSynchronousLoaderClient::didFinishLoading(ResourceHandle*, double)
 774 {
 775     m_isDone = true;
 776 }
 777
 778 void WebCoreSynchronousLoaderClient::didFail(ResourceHandle*, const ResourceError& error)
 779 {
 780     m_error = error;
 781     m_isDone = true;
 782 }
 783
 784 void WebCoreSynchronousLoaderClient::didReceiveAuthenticationChallenge(ResourceHandle* handle, const AuthenticationChallenge& challenge)
 785 {
 786     // FIXME: The user should be asked for credentials, as in async case.
 787     CFURLConnectionUseCredential(handle->connection(), 0, challenge.cfURLAuthChallengeRef());
 788 }
 789
 790 bool WebCoreSynchronousLoaderClient::shouldUseCredentialStorage(ResourceHandle*)
 791 {
 792     // FIXME: We should ask FrameLoaderClient whether using credential storage is globally forbidden.
 793     return m_allowStoredCredentials;
 794 }
 795
 796 } // namespace WebCore
 797
 798 #endif // USE(CFNETWORK)