Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp

   1 /*
   2  * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010, 2011 Apple Inc. All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions
   6  * are met:
   7  * 1. Redistributions of source code must retain the above copyright
   8  *    notice, this list of conditions and the following disclaimer.
   9  * 2. Redistributions in binary form must reproduce the above copyright
  10  *    notice, this list of conditions and the following disclaimer in the
  11  *    documentation and/or other materials provided with the distribution.
  12  *
  13  * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
  14  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  16  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
  17  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  18  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  19  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  20  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
  21  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  23  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  24  */
  25
  26 #include "config.h"
  27
  28 #include "ResourceHandleInternal.h"
  29
  30 #include "AuthenticationCF.h"
  31 #include "AuthenticationChallenge.h"
  32 #include "CredentialStorage.h"
  33 #include "CachedResourceLoader.h"
  34 #include "FormDataStreamCFNet.h"
  35 #include "Frame.h"
  36 #include "FrameLoader.h"
  37 #include "LoaderRunLoopCF.h"
  38 #include "Logging.h"
  39 #include "MIMETypeRegistry.h"
  40 #include "NetworkingContext.h"
  41 #include "ResourceError.h"
  42 #include "ResourceHandleClient.h"
  43 #include "ResourceResponse.h"
  44 #include "SharedBuffer.h"
  45 #include "SynchronousLoaderClient.h"
  46 #include <CFNetwork/CFNetwork.h>
  47 #include <sys/stat.h>
  48 #include <sys/types.h>
  49 #include <wtf/HashMap.h>
  50 #include <wtf/Threading.h>
  51 #include <wtf/text/Base64.h>
  52 #include <wtf/text/CString.h>
  53
  54 #if PLATFORM(MAC)
  55 #include "WebCoreSystemInterface.h"
  56 #if USE(CFNETWORK)
  57 #include "WebCoreURLResponse.h"
  58 #include <CFNetwork/CFURLConnectionPriv.h>
  59 #include <CFNetwork/CFURLRequestPriv.h>
  60 #endif
  61 #endif
  62
  63 #if PLATFORM(WIN)
  64 #include <WebKitSystemInterface/WebKitSystemInterface.h>
  65 #include <process.h>
  66
  67 // FIXME: Remove this declaration once it's in WebKitSupportLibrary.
  68 extern "C" {
  69 __declspec(dllimport) CFURLConnectionRef CFURLConnectionCreateWithProperties(
  70   CFAllocatorRef           alloc,
  71   CFURLRequestRef          request,
  72   CFURLConnectionClient *  client,
  73   CFDictionaryRef properties);
  74 }
  75 #endif
  76
  77 namespace WebCore {
  78
  79 #if USE(CFNETWORK)
  80
  81 static HashSet<String>& allowsAnyHTTPSCertificateHosts()
  82 {
  83     DEFINE_STATIC_LOCAL(HashSet<String>, hosts, ());
  84     return hosts;
  85 }
  86
  87 static HashMap<String, RetainPtr<CFDataRef> >& clientCerts()
  88 {
  89     typedef HashMap<String, RetainPtr<CFDataRef> > CertsMap;
  90     DEFINE_STATIC_LOCAL(CertsMap, certs, ());
  91     return certs;
  92 }
  93
  94 #if !PLATFORM(MAC)
  95 static void setDefaultMIMEType(CFURLResponseRef response)
  96 {
  97     static CFStringRef defaultMIMETypeString = defaultMIMEType().createCFString().leakRef();
  98
  99     CFURLResponseSetMIMEType(response, defaultMIMETypeString);
 100 }
 101 #endif
 102
 103 static void applyBasicAuthorizationHeader(ResourceRequest& request, const Credential& credential)
 104 {
 105     String authenticationHeader = "Basic " + base64Encode(String(credential.user() + ":" + credential.password()).utf8());
 106     request.clearHTTPAuthorization(); // FIXME: Should addHTTPHeaderField be smart enough to not build comma-separated lists in headers like Authorization?
 107     request.addHTTPHeaderField("Authorization", authenticationHeader);
 108 }
 109
 110 static CFURLRequestRef willSendRequest(CFURLConnectionRef conn, CFURLRequestRef cfRequest, CFURLResponseRef cfRedirectResponse, const void* clientInfo)
 111 {
 112 #if LOG_DISABLED
 113     UNUSED_PARAM(conn);
 114 #endif
 115     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 116
 117     if (!cfRedirectResponse) {
 118         CFRetain(cfRequest);
 119         return cfRequest;
 120     }
 121
 122     LOG(Network, "CFNet - willSendRequest(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 123
 124     ResourceRequest request;
 125     if (cfRedirectResponse) {
 126         CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(cfRedirectResponse);
 127         if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
 128             RetainPtr<CFStringRef> lastHTTPMethod = handle->lastHTTPMethod().createCFString();
 129             RetainPtr<CFStringRef> newMethod = adoptCF(CFURLRequestCopyHTTPRequestMethod(cfRequest));
 130             if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
 131                 RetainPtr<CFMutableURLRequestRef> mutableRequest(AdoptCF, CFURLRequestCreateMutableCopy(0, cfRequest));
 132                 wkSetRequestStorageSession(handle->storageSession(), mutableRequest.get());
 133                 CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
 134
 135                 FormData* body = handle->firstRequest().httpBody();
 136                 if (!equalIgnoringCase(handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
 137                     WebCore::setHTTPBody(mutableRequest.get(), body);
 138
 139                 String originalContentType = handle->firstRequest().httpContentType();
 140                 if (!originalContentType.isEmpty())
 141                     CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentType.createCFString().get());
 142
 143                 request = mutableRequest.get();
 144             }
 145         }
 146     }
 147     if (request.isNull())
 148         request = cfRequest;
 149
 150     // Should not set Referer after a redirect from a secure resource to non-secure one.
 151     if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") && handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect())
 152         request.clearHTTPReferrer();
 153
 154     handle->willSendRequest(request, cfRedirectResponse);
 155
 156     if (request.isNull())
 157         return 0;
 158
 159     cfRequest = request.cfURLRequest(UpdateHTTPBody);
 160
 161     CFRetain(cfRequest);
 162     return cfRequest;
 163 }
 164
 165 static void didReceiveResponse(CFURLConnectionRef conn, CFURLResponseRef cfResponse, const void* clientInfo)
 166 {
 167 #if LOG_DISABLED
 168     UNUSED_PARAM(conn);
 169 #endif
 170     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 171
 172     LOG(Network, "CFNet - didReceiveResponse(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 173
 174     if (!handle->client())
 175         return;
 176
 177 #if PLATFORM(MAC)
 178     // Avoid MIME type sniffing if the response comes back as 304 Not Modified.
 179     CFHTTPMessageRef msg = wkGetCFURLResponseHTTPResponse(cfResponse);
 180     int statusCode = msg ? CFHTTPMessageGetResponseStatusCode(msg) : 0;
 181
 182     if (statusCode != 304)
 183         adjustMIMETypeIfNecessary(cfResponse);
 184
 185     if (_CFURLRequestCopyProtocolPropertyForKey(handle->firstRequest().cfURLRequest(DoNotUpdateHTTPBody), CFSTR("ForceHTMLMIMEType")))
 186         wkSetCFURLResponseMIMEType(cfResponse, CFSTR("text/html"));
 187 #else
 188     if (!CFURLResponseGetMIMEType(cfResponse)) {
 189         // We should never be applying the default MIMEType if we told the networking layer to do content sniffing for handle.
 190         ASSERT(!handle->shouldContentSniff());
 191         setDefaultMIMEType(cfResponse);
 192     }
 193 #endif
 194
 195     handle->client()->didReceiveResponse(handle, cfResponse);
 196 }
 197
 198 #if USE(NETWORK_CFDATA_ARRAY_CALLBACK)
 199 static void didReceiveDataArray(CFURLConnectionRef conn, CFArrayRef dataArray, const void* clientInfo)
 200 {
 201 #if LOG_DISABLED
 202     UNUSED_PARAM(conn);
 203 #endif
 204     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 205     if (!handle->client())
 206         return;
 207
 208     LOG(Network, "CFNet - didReceiveDataArray(conn=%p, handle=%p, arrayLength=%ld) (%s)", conn, handle, CFArrayGetCount(dataArray), handle->firstRequest().url().string().utf8().data());
 209
 210     handle->handleDataArray(dataArray);
 211 }
 212 #endif
 213
 214 static void didReceiveData(CFURLConnectionRef conn, CFDataRef data, CFIndex originalLength, const void* clientInfo)
 215 {
 216 #if LOG_DISABLED
 217     UNUSED_PARAM(conn);
 218 #endif
 219     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 220     const UInt8* bytes = CFDataGetBytePtr(data);
 221     CFIndex length = CFDataGetLength(data);
 222
 223     LOG(Network, "CFNet - didReceiveData(conn=%p, handle=%p, bytes=%ld) (%s)", conn, handle, length, handle->firstRequest().url().string().utf8().data());
 224
 225     if (handle->client())
 226         handle->client()->didReceiveData(handle, (const char*)bytes, length, originalLength);
 227 }
 228
 229 static void didSendBodyData(CFURLConnectionRef, CFIndex, CFIndex totalBytesWritten, CFIndex totalBytesExpectedToWrite, const void *clientInfo)
 230 {
 231     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 232     if (!handle || !handle->client())
 233         return;
 234     handle->client()->didSendData(handle, totalBytesWritten, totalBytesExpectedToWrite);
 235 }
 236
 237 static Boolean shouldUseCredentialStorageCallback(CFURLConnectionRef conn, const void* clientInfo)
 238 {
 239 #if LOG_DISABLED
 240     UNUSED_PARAM(conn);
 241 #endif
 242     ResourceHandle* handle = const_cast<ResourceHandle*>(static_cast<const ResourceHandle*>(clientInfo));
 243
 244     LOG(Network, "CFNet - shouldUseCredentialStorage(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 245
 246     if (!handle)
 247         return false;
 248
 249     return handle->shouldUseCredentialStorage();
 250 }
 251
 252 static void didFinishLoading(CFURLConnectionRef conn, const void* clientInfo)
 253 {
 254 #if LOG_DISABLED
 255     UNUSED_PARAM(conn);
 256 #endif
 257     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 258
 259     LOG(Network, "CFNet - didFinishLoading(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 260
 261     if (handle->client())
 262         handle->client()->didFinishLoading(handle, 0);
 263 }
 264
 265 static void didFail(CFURLConnectionRef conn, CFErrorRef error, const void* clientInfo)
 266 {
 267 #if LOG_DISABLED
 268     UNUSED_PARAM(conn);
 269 #endif
 270     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 271
 272     LOG(Network, "CFNet - didFail(conn=%p, handle=%p, error = %p) (%s)", conn, handle, error, handle->firstRequest().url().string().utf8().data());
 273
 274     if (handle->client())
 275         handle->client()->didFail(handle, ResourceError(error));
 276 }
 277
 278 static CFCachedURLResponseRef willCacheResponse(CFURLConnectionRef, CFCachedURLResponseRef cachedResponse, const void* clientInfo)
 279 {
 280     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 281     CFURLResponseRef wrappedResponse = CFCachedURLResponseGetWrappedResponse(cachedResponse);
 282
 283     // Workaround for <rdar://problem/6300990> Caching does not respect Vary HTTP header.
 284     // FIXME: WebCore cache has issues with Vary, too (bug 58797, bug 71509).
 285     if (CFHTTPMessageRef httpResponse = CFURLResponseGetHTTPResponse(wrappedResponse)) {
 286         ASSERT(CFHTTPMessageIsHeaderComplete(httpResponse));
 287         RetainPtr<CFStringRef> varyValue = adoptCF(CFHTTPMessageCopyHeaderFieldValue(httpResponse, CFSTR("Vary")));
 288         if (varyValue)
 289             return 0;
 290     }
 291
 292 #if PLATFORM(WIN)
 293     if (handle->client() && !handle->client()->shouldCacheResponse(handle, cachedResponse))
 294         return 0;
 295 #else
 296     CFCachedURLResponseRef newResponse = handle->client()->willCacheResponse(handle, cachedResponse);
 297     if (newResponse != cachedResponse)
 298         return newResponse;
 299 #endif
 300
 301     CFRetain(cachedResponse);
 302
 303     return cachedResponse;
 304 }
 305
 306 static void didReceiveChallenge(CFURLConnectionRef conn, CFURLAuthChallengeRef challenge, const void* clientInfo)
 307 {
 308 #if LOG_DISABLED
 309     UNUSED_PARAM(conn);
 310 #endif
 311     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 312     ASSERT(handle);
 313     LOG(Network, "CFNet - didReceiveChallenge(conn=%p, handle=%p (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 314
 315     handle->didReceiveAuthenticationChallenge(AuthenticationChallenge(challenge, handle));
 316 }
 317
 318 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
 319 static Boolean canRespondToProtectionSpace(CFURLConnectionRef conn, CFURLProtectionSpaceRef protectionSpace, const void* clientInfo)
 320 {
 321 #if LOG_DISABLED
 322     UNUSED_PARAM(conn);
 323 #endif
 324     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
 325     ASSERT(handle);
 326
 327     LOG(Network, "CFNet - canRespondToProtectionSpace(conn=%p, handle=%p (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
 328
 329     return handle->canAuthenticateAgainstProtectionSpace(core(protectionSpace));
 330 }
 331 #endif
 332
 333 ResourceHandleInternal::~ResourceHandleInternal()
 334 {
 335     if (m_connection) {
 336         LOG(Network, "CFNet - Cancelling connection %p (%s)", m_connection.get(), m_firstRequest.url().string().utf8().data());
 337         CFURLConnectionCancel(m_connection.get());
 338     }
 339 }
 340
 341 ResourceHandle::~ResourceHandle()
 342 {
 343     LOG(Network, "CFNet - Destroying job %p (%s)", this, d->m_firstRequest.url().string().utf8().data());
 344 }
 345
 346 void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldContentSniff)
 347 {
 348     if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolIsInHTTPFamily()) {
 349         // Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
 350         KURL urlWithCredentials(firstRequest().url());
 351         urlWithCredentials.setUser(d->m_user);
 352         urlWithCredentials.setPass(d->m_pass);
 353         firstRequest().setURL(urlWithCredentials);
 354     }
 355
 356     // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
 357     // try and reuse the credential preemptively, as allowed by RFC 2617.
 358     if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
 359         if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
 360             // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
 361             // try and reuse the credential preemptively, as allowed by RFC 2617.
 362             d->m_initialCredential = CredentialStorage::get(firstRequest().url());
 363         } else {
 364             // If there is already a protection space known for the URL, update stored credentials before sending a request.
 365             // This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
 366             // (so that an authentication dialog doesn't pop up).
 367             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
 368         }
 369     }
 370
 371     if (!d->m_initialCredential.isEmpty()) {
 372         // FIXME: Support Digest authentication, and Proxy-Authorization.
 373         applyBasicAuthorizationHeader(firstRequest(), d->m_initialCredential);
 374     }
 375
 376     RetainPtr<CFMutableURLRequestRef> request = adoptCF(CFURLRequestCreateMutableCopy(kCFAllocatorDefault, firstRequest().cfURLRequest(UpdateHTTPBody)));
 377     wkSetRequestStorageSession(d->m_storageSession.get(), request.get());
 378
 379     if (!shouldContentSniff)
 380         wkSetCFURLRequestShouldContentSniff(request.get(), false);
 381
 382     RetainPtr<CFMutableDictionaryRef> sslProps;
 383
 384     if (allowsAnyHTTPSCertificateHosts().contains(firstRequest().url().host().lower())) {
 385         sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
 386         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
 387         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
 388         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
 389         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
 390     }
 391
 392     HashMap<String, RetainPtr<CFDataRef> >::iterator clientCert = clientCerts().find(firstRequest().url().host().lower());
 393     if (clientCert != clientCerts().end()) {
 394         if (!sslProps)
 395             sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
 396 #if PLATFORM(WIN)
 397         wkSetClientCertificateInSSLProperties(sslProps.get(), (clientCert->value).get());
 398 #endif
 399     }
 400
 401     if (sslProps)
 402         CFURLRequestSetSSLProperties(request.get(), sslProps.get());
 403
 404 #if PLATFORM(WIN)
 405     if (CFHTTPCookieStorageRef cookieStorage = overridenCookieStorage()) {
 406         // Overridden cookie storage doesn't come from a session, so the request does not have it yet.
 407         CFURLRequestSetHTTPCookieStorage(request.get(), cookieStorage);
 408     }
 409 #endif
 410
 411     CFURLConnectionClient_V6 client = { 6, this, 0, 0, 0, WebCore::willSendRequest, didReceiveResponse, didReceiveData, 0, didFinishLoading, didFail, willCacheResponse, didReceiveChallenge, didSendBodyData, shouldUseCredentialStorageCallback, 0,
 412 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
 413         canRespondToProtectionSpace,
 414 #else
 415         0,
 416 #endif
 417         0,
 418 #if USE(NETWORK_CFDATA_ARRAY_CALLBACK)
 419         didReceiveDataArray
 420 #else
 421         0
 422 #endif
 423     };
 424
 425     CFMutableDictionaryRef streamProperties  = CFDictionaryCreateMutable(0, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
 426     if (!shouldUseCredentialStorage)
 427         CFDictionarySetValue(streamProperties, CFSTR("_kCFURLConnectionSessionID"), CFSTR("WebKitPrivateSession"));
 428
 429 #if PLATFORM(IOS) || (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090)
 430     RetainPtr<CFDataRef> sourceApplicationAuditData = d->m_context->sourceApplicationAuditData();
 431     if (sourceApplicationAuditData)
 432         CFDictionarySetValue(streamProperties, CFSTR("kCFStreamPropertySourceApplication"), sourceApplicationAuditData.get());
 433 #endif
 434
 435     static const CFStringRef kCFURLConnectionSocketStreamProperties = CFSTR("kCFURLConnectionSocketStreamProperties");
 436     RetainPtr<CFDictionaryRef> propertiesDictionary = adoptCF(CFDictionaryCreate(0, (const void**)&kCFURLConnectionSocketStreamProperties, (const void**)&streamProperties, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
 437     CFRelease(streamProperties);
 438
 439     d->m_connection.adoptCF(CFURLConnectionCreateWithProperties(0, request.get(), reinterpret_cast<CFURLConnectionClient*>(&client), propertiesDictionary.get()));
 440 }
 441
 442 bool ResourceHandle::start()
 443 {
 444     if (!d->m_context)
 445         return false;
 446
 447     // If NetworkingContext is invalid then we are no longer attached to a Page,
 448     // this must be an attempted load from an unload handler, so let's just block it.
 449     if (!d->m_context->isValid())
 450         return false;
 451
 452     d->m_storageSession = d->m_context->storageSession().platformSession();
 453
 454     bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this);
 455
 456     createCFURLConnection(shouldUseCredentialStorage, d->m_shouldContentSniff);
 457
 458 #if PLATFORM(WIN)
 459     CFURLConnectionScheduleWithCurrentMessageQueue(d->m_connection.get());
 460 #else
 461     CFURLConnectionScheduleWithRunLoop(d->m_connection.get(), CFRunLoopGetCurrent(), kCFRunLoopDefaultMode);
 462 #endif
 463     CFURLConnectionScheduleDownloadWithRunLoop(d->m_connection.get(), loaderRunLoop(), kCFRunLoopDefaultMode);
 464     CFURLConnectionStart(d->m_connection.get());
 465
 466     LOG(Network, "CFNet - Starting URL %s (handle=%p, conn=%p)", firstRequest().url().string().utf8().data(), this, d->m_connection.get());
 467
 468     return true;
 469 }
 470
 471 void ResourceHandle::cancel()
 472 {
 473     if (d->m_connection) {
 474         CFURLConnectionCancel(d->m_connection.get());
 475         d->m_connection = 0;
 476     }
 477 }
 478
 479 void ResourceHandle::willSendRequest(ResourceRequest& request, const ResourceResponse& redirectResponse)
 480 {
 481     const KURL& url = request.url();
 482     d->m_user = url.user();
 483     d->m_pass = url.pass();
 484     d->m_lastHTTPMethod = request.httpMethod();
 485     request.removeCredentials();
 486
 487     if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url())) {
 488         // If the network layer carries over authentication headers from the original request
 489         // in a cross-origin redirect, we want to clear those headers here.
 490         request.clearHTTPAuthorization();
 491     } else {
 492         // Only consider applying authentication credentials if this is actually a redirect and the redirect
 493         // URL didn't include credentials of its own.
 494         if (d->m_user.isEmpty() && d->m_pass.isEmpty() && !redirectResponse.isNull()) {
 495             Credential credential = CredentialStorage::get(request.url());
 496             if (!credential.isEmpty()) {
 497                 d->m_initialCredential = credential;
 498
 499                 // FIXME: Support Digest authentication, and Proxy-Authorization.
 500                 applyBasicAuthorizationHeader(request, d->m_initialCredential);
 501             }
 502         }
 503     }
 504
 505     RefPtr<ResourceHandle> protect(this);
 506     client()->willSendRequest(this, request, redirectResponse);
 507
 508     // Client call may not preserve the session, especially if the request is sent over IPC.
 509     if (!request.isNull())
 510         request.setStorageSession(d->m_storageSession.get());
 511 }
 512
 513 bool ResourceHandle::shouldUseCredentialStorage()
 514 {
 515     LOG(Network, "CFNet - shouldUseCredentialStorage()");
 516     if (client())
 517         return client()->shouldUseCredentialStorage(this);
 518
 519     return false;
 520 }
 521
 522 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
 523 {
 524     LOG(Network, "CFNet - didReceiveAuthenticationChallenge()");
 525     ASSERT(d->m_currentWebChallenge.isNull());
 526     // Since CFURLConnection networking relies on keeping a reference to the original CFURLAuthChallengeRef,
 527     // we make sure that is actually present
 528     ASSERT(challenge.cfURLAuthChallengeRef());
 529     ASSERT(challenge.authenticationClient() == this); // Should be already set.
 530
 531 #if !PLATFORM(WIN)
 532     // Proxy authentication is handled by CFNetwork internally. We can get here if the user cancels
 533     // CFNetwork authentication dialog, and we shouldn't ask the client to display another one in that case.
 534     if (challenge.protectionSpace().isProxy()) {
 535         // Cannot use receivedRequestToContinueWithoutCredential(), because current challenge is not yet set.
 536         CFURLConnectionUseCredential(d->m_connection.get(), 0, challenge.cfURLAuthChallengeRef());
 537         return;
 538     }
 539 #endif
 540
 541     if (!d->m_user.isNull() && !d->m_pass.isNull()) {
 542         RetainPtr<CFURLCredentialRef> credential = adoptCF(CFURLCredentialCreate(kCFAllocatorDefault, d->m_user.createCFString().get(), d->m_pass.createCFString().get(), 0, kCFURLCredentialPersistenceNone));
 543
 544         KURL urlToStore;
 545         if (challenge.failureResponse().httpStatusCode() == 401)
 546             urlToStore = challenge.failureResponse().url();
 547         CredentialStorage::set(core(credential.get()), challenge.protectionSpace(), urlToStore);
 548
 549         CFURLConnectionUseCredential(d->m_connection.get(), credential.get(), challenge.cfURLAuthChallengeRef());
 550         d->m_user = String();
 551         d->m_pass = String();
 552         // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
 553         return;
 554     }
 555
 556     if (!client() || client()->shouldUseCredentialStorage(this)) {
 557         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
 558             // The stored credential wasn't accepted, stop using it.
 559             // There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
 560             // but the observable effect should be very minor, if any.
 561             CredentialStorage::remove(challenge.protectionSpace());
 562         }
 563
 564         if (!challenge.previousFailureCount()) {
 565             Credential credential = CredentialStorage::get(challenge.protectionSpace());
 566             if (!credential.isEmpty() && credential != d->m_initialCredential) {
 567                 ASSERT(credential.persistence() == CredentialPersistenceNone);
 568                 if (challenge.failureResponse().httpStatusCode() == 401) {
 569                     // Store the credential back, possibly adding it as a default for this directory.
 570                     CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url());
 571                 }
 572                 RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
 573                 CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 574                 return;
 575             }
 576         }
 577     }
 578
 579     d->m_currentWebChallenge = challenge;
 580
 581     if (client())
 582         client()->didReceiveAuthenticationChallenge(this, d->m_currentWebChallenge);
 583 }
 584
 585 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
 586 bool ResourceHandle::canAuthenticateAgainstProtectionSpace(const ProtectionSpace& protectionSpace)
 587 {
 588     if (client())
 589         return client()->canAuthenticateAgainstProtectionSpace(this, protectionSpace);
 590
 591     return false;
 592 }
 593 #endif
 594
 595 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
 596 {
 597     LOG(Network, "CFNet - receivedCredential()");
 598     ASSERT(!challenge.isNull());
 599     ASSERT(challenge.cfURLAuthChallengeRef());
 600     if (challenge != d->m_currentWebChallenge)
 601         return;
 602
 603     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
 604     if (credential.isEmpty()) {
 605         receivedRequestToContinueWithoutCredential(challenge);
 606         return;
 607     }
 608
 609     if (credential.persistence() == CredentialPersistenceForSession) {
 610         // Manage per-session credentials internally, because once NSURLCredentialPersistencePerSession is used, there is no way
 611         // to ignore it for a particular request (short of removing it altogether).
 612         Credential webCredential(credential.user(), credential.password(), CredentialPersistenceNone);
 613         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(webCredential));
 614
 615         KURL urlToStore;
 616         if (challenge.failureResponse().httpStatusCode() == 401)
 617             urlToStore = challenge.failureResponse().url();
 618         CredentialStorage::set(webCredential, challenge.protectionSpace(), urlToStore);
 619
 620         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 621     } else {
 622         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
 623         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
 624     }
 625
 626     clearAuthentication();
 627 }
 628
 629 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
 630 {
 631     LOG(Network, "CFNet - receivedRequestToContinueWithoutCredential()");
 632     ASSERT(!challenge.isNull());
 633     ASSERT(challenge.cfURLAuthChallengeRef());
 634     if (challenge != d->m_currentWebChallenge)
 635         return;
 636
 637     CFURLConnectionUseCredential(d->m_connection.get(), 0, challenge.cfURLAuthChallengeRef());
 638
 639     clearAuthentication();
 640 }
 641
 642 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
 643 {
 644     LOG(Network, "CFNet - receivedCancellation()");
 645     if (challenge != d->m_currentWebChallenge)
 646         return;
 647
 648     if (client())
 649         client()->receivedCancellation(this, challenge);
 650 }
 651
 652 CFURLStorageSessionRef ResourceHandle::storageSession() const
 653 {
 654     return d->m_storageSession.get();
 655 }
 656
 657 CFURLConnectionRef ResourceHandle::connection() const
 658 {
 659     return d->m_connection.get();
 660 }
 661
 662 CFURLConnectionRef ResourceHandle::releaseConnectionForDownload()
 663 {
 664     LOG(Network, "CFNet - Job %p releasing connection %p for download", this, d->m_connection.get());
 665     return d->m_connection.leakRef();
 666 }
 667
 668 CFStringRef ResourceHandle::synchronousLoadRunLoopMode()
 669 {
 670     return CFSTR("WebCoreSynchronousLoaderRunLoopMode");
 671 }
 672
 673 void ResourceHandle::platformLoadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials storedCredentials, ResourceError& error, ResourceResponse& response, Vector<char>& data)
 674 {
 675     LOG(Network, "ResourceHandle::platformLoadResourceSynchronously:%s allowStoredCredentials:%u", request.url().string().utf8().data(), storedCredentials);
 676
 677     ASSERT(!request.isEmpty());
 678
 679     ASSERT(response.isNull());
 680     ASSERT(error.isNull());
 681
 682     OwnPtr<SynchronousLoaderClient> client = SynchronousLoaderClient::create();
 683     client->setAllowStoredCredentials(storedCredentials == AllowStoredCredentials);
 684
 685     RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(context, request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/));
 686
 687     handle->d->m_storageSession = context->storageSession().platformSession();
 688
 689     if (handle->d->m_scheduledFailureType != NoFailure) {
 690         error = context->blockedError(request);
 691         return;
 692     }
 693
 694     handle->createCFURLConnection(storedCredentials == AllowStoredCredentials, ResourceHandle::shouldContentSniffURL(request.url()));
 695
 696     CFURLConnectionScheduleWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), synchronousLoadRunLoopMode());
 697     CFURLConnectionScheduleDownloadWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), synchronousLoadRunLoopMode());
 698     CFURLConnectionStart(handle->connection());
 699
 700     while (!client->isDone())
 701         CFRunLoopRunInMode(synchronousLoadRunLoopMode(), UINT_MAX, true);
 702
 703     error = client->error();
 704
 705     CFURLConnectionCancel(handle->connection());
 706
 707     if (error.isNull())
 708         response = client->response();
 709     else {
 710         response = ResourceResponse(request.url(), String(), 0, String(), String());
 711         // FIXME: ResourceHandleMac also handles authentication errors by setting code to 401. CFNet version should probably do the same.
 712         if (error.domain() == String(kCFErrorDomainCFNetwork))
 713             response.setHTTPStatusCode(error.errorCode());
 714         else
 715             response.setHTTPStatusCode(404);
 716     }
 717
 718     data.swap(client->mutableData());
 719 }
 720
 721 void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host)
 722 {
 723     allowsAnyHTTPSCertificateHosts().add(host.lower());
 724 }
 725
 726 void ResourceHandle::setClientCertificate(const String& host, CFDataRef cert)
 727 {
 728     clientCerts().set(host.lower(), cert);
 729 }
 730
 731 void ResourceHandle::platformSetDefersLoading(bool defers)
 732 {
 733     if (!d->m_connection)
 734         return;
 735
 736     if (defers)
 737         CFURLConnectionHalt(d->m_connection.get());
 738     else
 739         CFURLConnectionResume(d->m_connection.get());
 740 }
 741
 742 bool ResourceHandle::loadsBlocked()
 743 {
 744     return false;
 745 }
 746
 747 #if PLATFORM(MAC)
 748 void ResourceHandle::schedule(SchedulePair* pair)
 749 {
 750     CFRunLoopRef runLoop = pair->runLoop();
 751     if (!runLoop)
 752         return;
 753
 754     CFURLConnectionScheduleWithRunLoop(d->m_connection.get(), runLoop, pair->mode());
 755     if (d->m_startWhenScheduled) {
 756         CFURLConnectionStart(d->m_connection.get());
 757         d->m_startWhenScheduled = false;
 758     }
 759 }
 760
 761 void ResourceHandle::unschedule(SchedulePair* pair)
 762 {
 763     CFRunLoopRef runLoop = pair->runLoop();
 764     if (!runLoop)
 765         return;
 766
 767     CFURLConnectionUnscheduleFromRunLoop(d->m_connection.get(), runLoop, pair->mode());
 768 }
 769 #endif
 770
 771 #endif // USE(CFNETWORK)
 772
 773 #if USE(NETWORK_CFDATA_ARRAY_CALLBACK)
 774 void ResourceHandle::handleDataArray(CFArrayRef dataArray)
 775 {
 776     ASSERT(client());
 777     if (client()->supportsDataArray()) {
 778         client()->didReceiveDataArray(this, dataArray);
 779         return;
 780     }
 781
 782     CFIndex count = CFArrayGetCount(dataArray);
 783     ASSERT(count);
 784     if (count == 1) {
 785         CFDataRef data = static_cast<CFDataRef>(CFArrayGetValueAtIndex(dataArray, 0));
 786         CFIndex length = CFDataGetLength(data);
 787         client()->didReceiveData(this, reinterpret_cast<const char*>(CFDataGetBytePtr(data)), length, static_cast<int>(length));
 788         return;
 789     }
 790
 791     CFIndex totalSize = 0;
 792     CFIndex index;
 793     for (index = 0; index < count; index++)
 794         totalSize += CFDataGetLength(static_cast<CFDataRef>(CFArrayGetValueAtIndex(dataArray, index)));
 795
 796     RetainPtr<CFMutableDataRef> mergedData(AdoptCF, CFDataCreateMutable(kCFAllocatorDefault, totalSize));
 797     for (index = 0; index < count; index++) {
 798         CFDataRef data = static_cast<CFDataRef>(CFArrayGetValueAtIndex(dataArray, index));
 799         CFDataAppendBytes(mergedData.get(), CFDataGetBytePtr(data), CFDataGetLength(data));
 800     }
 801
 802     client()->didReceiveData(this, reinterpret_cast<const char*>(CFDataGetBytePtr(mergedData.get())), totalSize, static_cast<int>(totalSize));
 803 }
 804 #endif
 805
 806 } // namespace WebCore