Source/WebCore: WebKit2: Use CFNetwork Sessions API.
[WebKit-https.git] / Source / WebCore / platform / network / cf / ResourceHandleCFNet.cpp
1 /*
2  * Copyright (C) 2004, 2005, 2006, 2007, 2009 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
14  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
17  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
24  */
25
26 #include "config.h"
27
28 #if USE(CFNETWORK)
29
30 #include "ResourceHandle.h"
31 #include "ResourceHandleClient.h"
32 #include "ResourceHandleInternal.h"
33
34 #include "AuthenticationCF.h"
35 #include "AuthenticationChallenge.h"
36 #include "Base64.h"
37 #include "CookieStorageCFNet.h"
38 #include "CredentialStorage.h"
39 #include "CachedResourceLoader.h"
40 #include "FormDataStreamCFNet.h"
41 #include "Frame.h"
42 #include "FrameLoader.h"
43 #include "LoaderRunLoopCF.h"
44 #include "Logging.h"
45 #include "MIMETypeRegistry.h"
46 #include "ResourceError.h"
47 #include "ResourceResponse.h"
48 #include "SharedBuffer.h"
49 #include <CFNetwork/CFNetwork.h>
50 #include <WebKitSystemInterface/WebKitSystemInterface.h>
51 #include <process.h> // for _beginthread()
52 #include <sys/stat.h>
53 #include <sys/types.h>
54 #include <wtf/HashMap.h>
55 #include <wtf/Threading.h>
56 #include <wtf/text/CString.h>
57
58 // FIXME: Remove this declaration once it's in WebKitSupportLibrary.
59 extern "C" {
60 __declspec(dllimport) CFURLConnectionRef CFURLConnectionCreateWithProperties(
61   CFAllocatorRef           alloc,
62   CFURLRequestRef          request,
63   CFURLConnectionClient *  client,
64   CFDictionaryRef properties);
65 }
66
67 namespace WebCore {
68
69 static CFStringRef WebCoreSynchronousLoaderRunLoopMode = CFSTR("WebCoreSynchronousLoaderRunLoopMode");
70
71 class WebCoreSynchronousLoaderClient : public ResourceHandleClient {
72 public:
73     static PassOwnPtr<WebCoreSynchronousLoaderClient> create(ResourceResponse& response, ResourceError& error)
74     {
75         return adoptPtr(new WebCoreSynchronousLoaderClient(response, error));
76     }
77
78     void setAllowStoredCredentials(bool allow) { m_allowStoredCredentials = allow; }
79     bool isDone() { return m_isDone; }
80
81     CFMutableDataRef data() { return m_data.get(); }
82
83 private:
84     WebCoreSynchronousLoaderClient(ResourceResponse& response, ResourceError& error)
85         : m_allowStoredCredentials(false)
86         , m_response(response)
87         , m_error(error)
88         , m_isDone(false)
89     {
90     }
91
92     virtual void willSendRequest(ResourceHandle*, ResourceRequest&, const ResourceResponse& /*redirectResponse*/);
93     virtual bool shouldUseCredentialStorage(ResourceHandle*);
94     virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge&);
95     virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse&);
96     virtual void didReceiveData(ResourceHandle*, const char*, int, int /*lengthReceived*/);
97     virtual void didFinishLoading(ResourceHandle*, double /*finishTime*/);
98     virtual void didFail(ResourceHandle*, const ResourceError&);
99
100     bool m_allowStoredCredentials;
101     ResourceResponse& m_response;
102     RetainPtr<CFMutableDataRef> m_data;
103     ResourceError& m_error;
104     bool m_isDone;
105 };
106
107 static HashSet<String>& allowsAnyHTTPSCertificateHosts()
108 {
109     static HashSet<String> hosts;
110
111     return hosts;
112 }
113
114 static HashMap<String, RetainPtr<CFDataRef> >& clientCerts()
115 {
116     static HashMap<String, RetainPtr<CFDataRef> > certs;
117     return certs;
118 }
119
120 static void setDefaultMIMEType(CFURLResponseRef response)
121 {
122     static CFStringRef defaultMIMETypeString = defaultMIMEType().createCFString();
123     
124     CFURLResponseSetMIMEType(response, defaultMIMETypeString);
125 }
126
127 static String encodeBasicAuthorization(const String& user, const String& password)
128 {
129     return base64Encode((user + ":" + password).utf8());
130 }
131
132 CFURLRequestRef willSendRequest(CFURLConnectionRef conn, CFURLRequestRef cfRequest, CFURLResponseRef cfRedirectResponse, const void* clientInfo)
133 {
134     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
135
136     if (!cfRedirectResponse) {
137         CFRetain(cfRequest);
138         return cfRequest;
139     }
140
141     LOG(Network, "CFNet - willSendRequest(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
142
143     ResourceRequest request;
144     if (cfRedirectResponse) {
145         CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(cfRedirectResponse);
146         if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
147             RetainPtr<CFStringRef> lastHTTPMethod(AdoptCF, handle->lastHTTPMethod().createCFString());
148             RetainPtr<CFStringRef> newMethod(AdoptCF, CFURLRequestCopyHTTPRequestMethod(cfRequest));
149             if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
150                 RetainPtr<CFMutableURLRequestRef> mutableRequest(AdoptCF, CFURLRequestCreateMutableCopy(0, cfRequest));
151                 CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
152
153                 FormData* body = handle->firstRequest().httpBody();
154                 if (!equalIgnoringCase(handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
155                     WebCore::setHTTPBody(mutableRequest.get(), body);
156
157                 String originalContentType = handle->firstRequest().httpContentType();
158                 RetainPtr<CFStringRef> originalContentTypeCF(AdoptCF, originalContentType.createCFString());
159                 if (!originalContentType.isEmpty())
160                     CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentTypeCF.get());
161
162                 request = mutableRequest.get();
163             }
164         }
165     }
166     if (request.isNull())
167         request = cfRequest;
168
169     // Should not set Referer after a redirect from a secure resource to non-secure one.
170     if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https"))
171         request.clearHTTPReferrer();
172
173     handle->willSendRequest(request, cfRedirectResponse);
174
175     if (request.isNull())
176         return 0;
177
178     cfRequest = request.cfURLRequest();
179
180     CFRetain(cfRequest);
181     return cfRequest;
182 }
183
184 void didReceiveResponse(CFURLConnectionRef conn, CFURLResponseRef cfResponse, const void* clientInfo) 
185 {
186     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
187
188     LOG(Network, "CFNet - didReceiveResponse(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
189
190     if (!handle->client())
191         return;
192
193     if (!CFURLResponseGetMIMEType(cfResponse)) {
194         // We should never be applying the default MIMEType if we told the networking layer to do content sniffing for handle.
195         ASSERT(!handle->shouldContentSniff());
196         setDefaultMIMEType(cfResponse);
197     }
198     
199     handle->client()->didReceiveResponse(handle, cfResponse);
200 }
201
202 void didReceiveData(CFURLConnectionRef conn, CFDataRef data, CFIndex originalLength, const void* clientInfo) 
203 {
204     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
205     const UInt8* bytes = CFDataGetBytePtr(data);
206     CFIndex length = CFDataGetLength(data);
207
208     LOG(Network, "CFNet - didReceiveData(conn=%p, handle=%p, bytes=%d) (%s)", conn, handle, length, handle->firstRequest().url().string().utf8().data());
209
210     if (handle->client())
211         handle->client()->didReceiveData(handle, (const char*)bytes, length, originalLength);
212 }
213
214 static void didSendBodyData(CFURLConnectionRef conn, CFIndex bytesWritten, CFIndex totalBytesWritten, CFIndex totalBytesExpectedToWrite, const void *clientInfo)
215 {
216     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
217     if (!handle || !handle->client())
218         return;
219     handle->client()->didSendData(handle, totalBytesWritten, totalBytesExpectedToWrite);
220 }
221
222 static Boolean shouldUseCredentialStorageCallback(CFURLConnectionRef conn, const void* clientInfo)
223 {
224     ResourceHandle* handle = const_cast<ResourceHandle*>(static_cast<const ResourceHandle*>(clientInfo));
225
226     LOG(Network, "CFNet - shouldUseCredentialStorage(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
227
228     if (!handle)
229         return false;
230
231     return handle->shouldUseCredentialStorage();
232 }
233
234 void didFinishLoading(CFURLConnectionRef conn, const void* clientInfo) 
235 {
236     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
237
238     LOG(Network, "CFNet - didFinishLoading(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
239
240     if (handle->client())
241         handle->client()->didFinishLoading(handle, 0);
242 }
243
244 void didFail(CFURLConnectionRef conn, CFErrorRef error, const void* clientInfo) 
245 {
246     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
247
248     LOG(Network, "CFNet - didFail(conn=%p, handle=%p, error = %p) (%s)", conn, handle, error, handle->firstRequest().url().string().utf8().data());
249
250     if (handle->client())
251         handle->client()->didFail(handle, ResourceError(error));
252 }
253
254 CFCachedURLResponseRef willCacheResponse(CFURLConnectionRef conn, CFCachedURLResponseRef cachedResponse, const void* clientInfo) 
255 {
256     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
257
258     if (handle->client() && !handle->client()->shouldCacheResponse(handle, cachedResponse))
259         return 0;
260
261     CacheStoragePolicy policy = static_cast<CacheStoragePolicy>(CFCachedURLResponseGetStoragePolicy(cachedResponse));
262
263     if (handle->client())
264         handle->client()->willCacheResponse(handle, policy);
265
266     if (static_cast<CFURLCacheStoragePolicy>(policy) != CFCachedURLResponseGetStoragePolicy(cachedResponse))
267         cachedResponse = CFCachedURLResponseCreateWithUserInfo(kCFAllocatorDefault, 
268                                                                CFCachedURLResponseGetWrappedResponse(cachedResponse),
269                                                                CFCachedURLResponseGetReceiverData(cachedResponse),
270                                                                CFCachedURLResponseGetUserInfo(cachedResponse), 
271                                                                static_cast<CFURLCacheStoragePolicy>(policy));
272     CFRetain(cachedResponse);
273
274     return cachedResponse;
275 }
276
277 void didReceiveChallenge(CFURLConnectionRef conn, CFURLAuthChallengeRef challenge, const void* clientInfo)
278 {
279     ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
280     ASSERT(handle);
281     LOG(Network, "CFNet - didReceiveChallenge(conn=%p, handle=%p (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
282
283     handle->didReceiveAuthenticationChallenge(AuthenticationChallenge(challenge, handle));
284 }
285
286 void addHeadersFromHashMap(CFMutableURLRequestRef request, const HTTPHeaderMap& requestHeaders) 
287 {
288     if (!requestHeaders.size())
289         return;
290
291     HTTPHeaderMap::const_iterator end = requestHeaders.end();
292     for (HTTPHeaderMap::const_iterator it = requestHeaders.begin(); it != end; ++it) {
293         CFStringRef key = it->first.createCFString();
294         CFStringRef value = it->second.createCFString();
295         CFURLRequestSetHTTPHeaderFieldValue(request, key, value);
296         CFRelease(key);
297         CFRelease(value);
298     }
299 }
300
301 ResourceHandleInternal::~ResourceHandleInternal()
302 {
303     if (m_connection) {
304         LOG(Network, "CFNet - Cancelling connection %p (%s)", m_connection, m_firstRequest.url().string().utf8().data());
305         CFURLConnectionCancel(m_connection.get());
306     }
307 }
308
309 ResourceHandle::~ResourceHandle()
310 {
311     LOG(Network, "CFNet - Destroying job %p (%s)", this, d->m_firstRequest.url().string().utf8().data());
312 }
313
314 CFArrayRef arrayFromFormData(const FormData& d)
315 {
316     size_t size = d.elements().size();
317     CFMutableArrayRef a = CFArrayCreateMutable(0, d.elements().size(), &kCFTypeArrayCallBacks);
318     for (size_t i = 0; i < size; ++i) {
319         const FormDataElement& e = d.elements()[i];
320         if (e.m_type == FormDataElement::data) {
321             CFDataRef data = CFDataCreate(0, (const UInt8*)e.m_data.data(), e.m_data.size());
322             CFArrayAppendValue(a, data);
323             CFRelease(data);
324         } else {
325             ASSERT(e.m_type == FormDataElement::encodedFile);
326             CFStringRef filename = e.m_filename.createCFString();
327             CFArrayAppendValue(a, filename);
328             CFRelease(filename);
329         }
330     }
331     return a;
332 }
333
334 static CFURLRequestRef makeFinalRequest(const ResourceRequest& request, bool shouldContentSniff)
335 {
336     CFMutableURLRequestRef newRequest = CFURLRequestCreateMutableCopy(kCFAllocatorDefault, request.cfURLRequest());
337
338     if (CFURLStorageSessionRef storageSession = ResourceHandle::privateBrowsingStorageSession())
339         wkSetRequestStorageSession(storageSession, newRequest);
340     
341     if (!shouldContentSniff)
342         wkSetCFURLRequestShouldContentSniff(newRequest, false);
343
344     RetainPtr<CFMutableDictionaryRef> sslProps;
345
346     if (allowsAnyHTTPSCertificateHosts().contains(request.url().host().lower())) {
347         sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
348         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
349         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
350         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
351         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
352     }
353
354     HashMap<String, RetainPtr<CFDataRef> >::iterator clientCert = clientCerts().find(request.url().host().lower());
355     if (clientCert != clientCerts().end()) {
356         if (!sslProps)
357             sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
358         wkSetClientCertificateInSSLProperties(sslProps.get(), (clientCert->second).get());
359     }
360
361     if (sslProps)
362         CFURLRequestSetSSLProperties(newRequest, sslProps.get());
363
364     if (CFHTTPCookieStorageRef cookieStorage = currentCookieStorage()) {
365         CFURLRequestSetHTTPCookieStorage(newRequest, cookieStorage);
366         CFHTTPCookieStorageAcceptPolicy policy = CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage);
367         CFURLRequestSetHTTPCookieStorageAcceptPolicy(newRequest, policy);
368
369         // If a URL already has cookies, then we'll relax the 3rd party cookie policy and accept new cookies.
370         if (policy == CFHTTPCookieStorageAcceptPolicyOnlyFromMainDocumentDomain) {
371             CFURLRef url = CFURLRequestGetURL(newRequest);
372             RetainPtr<CFArrayRef> cookies(AdoptCF, CFHTTPCookieStorageCopyCookiesForURL(cookieStorage, url, false));
373             if (CFArrayGetCount(cookies.get()))
374                 CFURLRequestSetMainDocumentURL(newRequest, url);
375         }
376     }
377
378     return newRequest;
379 }
380
381 static CFDictionaryRef createConnectionProperties(bool shouldUseCredentialStorage)
382 {
383     static const CFStringRef webKitPrivateSessionCF = CFSTR("WebKitPrivateSession");
384     static const CFStringRef _kCFURLConnectionSessionID = CFSTR("_kCFURLConnectionSessionID");
385     static const CFStringRef kCFURLConnectionSocketStreamProperties = CFSTR("kCFURLConnectionSocketStreamProperties");
386
387     CFDictionaryRef sessionID = shouldUseCredentialStorage ?
388         CFDictionaryCreate(0, 0, 0, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks) :
389         CFDictionaryCreate(0, (const void**)&_kCFURLConnectionSessionID, (const void**)&webKitPrivateSessionCF, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
390
391     CFDictionaryRef propertiesDictionary = CFDictionaryCreate(0, (const void**)&kCFURLConnectionSocketStreamProperties, (const void**)&sessionID, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
392
393     CFRelease(sessionID);
394     return propertiesDictionary;
395 }
396
397 void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldContentSniff)
398 {
399     if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolInHTTPFamily()) {
400         // Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
401         KURL urlWithCredentials(firstRequest().url());
402         urlWithCredentials.setUser(d->m_user);
403         urlWithCredentials.setPass(d->m_pass);
404         firstRequest().setURL(urlWithCredentials);
405     }
406
407     // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication, 
408     // try and reuse the credential preemptively, as allowed by RFC 2617.
409     if (shouldUseCredentialStorage && firstRequest().url().protocolInHTTPFamily()) {
410         if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
411             // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication, 
412             // try and reuse the credential preemptively, as allowed by RFC 2617.
413             d->m_initialCredential = CredentialStorage::get(firstRequest().url());
414         } else {
415             // If there is already a protection space known for the URL, update stored credentials before sending a request.
416             // This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
417             // (so that an authentication dialog doesn't pop up).
418             CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
419         }
420     }
421         
422     if (!d->m_initialCredential.isEmpty()) {
423         String authHeader = "Basic " + encodeBasicAuthorization(d->m_initialCredential.user(), d->m_initialCredential.password());
424         firstRequest().addHTTPHeaderField("Authorization", authHeader);
425     }
426
427     RetainPtr<CFURLRequestRef> request(AdoptCF, makeFinalRequest(firstRequest(), shouldContentSniff));
428
429     CFURLConnectionClient_V3 client = { 3, this, 0, 0, 0, WebCore::willSendRequest, didReceiveResponse, didReceiveData, 0, didFinishLoading, didFail, willCacheResponse, didReceiveChallenge, didSendBodyData, shouldUseCredentialStorageCallback, 0};
430     RetainPtr<CFDictionaryRef> connectionProperties(AdoptCF, createConnectionProperties(shouldUseCredentialStorage));
431
432     d->m_connection.adoptCF(CFURLConnectionCreateWithProperties(0, request.get(), reinterpret_cast<CFURLConnectionClient*>(&client), connectionProperties.get()));
433 }
434
435 bool ResourceHandle::start(NetworkingContext* context)
436 {
437     if (!context)
438         return false;
439
440     // If NetworkingContext is invalid then we are no longer attached to a Page,
441     // this must be an attempted load from an unload handler, so let's just block it.
442     if (!context->isValid())
443         return false;
444
445     bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this);
446
447     createCFURLConnection(shouldUseCredentialStorage, d->m_shouldContentSniff);
448
449     CFURLConnectionScheduleWithCurrentMessageQueue(d->m_connection.get());
450     CFURLConnectionScheduleDownloadWithRunLoop(d->m_connection.get(), loaderRunLoop(), kCFRunLoopDefaultMode);
451     CFURLConnectionStart(d->m_connection.get());
452
453     LOG(Network, "CFNet - Starting URL %s (handle=%p, conn=%p)", firstRequest().url().string().utf8().data(), this, d->m_connection);
454
455     return true;
456 }
457
458 void ResourceHandle::cancel()
459 {
460     if (d->m_connection) {
461         CFURLConnectionCancel(d->m_connection.get());
462         d->m_connection = 0;
463     }
464 }
465
466 PassRefPtr<SharedBuffer> ResourceHandle::bufferedData()
467 {
468     ASSERT_NOT_REACHED();
469     return 0;
470 }
471
472 bool ResourceHandle::supportsBufferedData()
473 {
474     return false;
475 }
476
477 void ResourceHandle::willSendRequest(ResourceRequest& request, const ResourceResponse& redirectResponse)
478 {
479     const KURL& url = request.url();
480     d->m_user = url.user();
481     d->m_pass = url.pass();
482     d->m_lastHTTPMethod = request.httpMethod();
483     request.removeCredentials();
484     if (!protocolHostAndPortAreEqual(request.url(), redirectResponse.url()))
485         request.clearHTTPAuthorization();
486
487     if (CFURLStorageSessionRef storageSession = privateBrowsingStorageSession())
488         request.setStorageSession(storageSession);
489
490     client()->willSendRequest(this, request, redirectResponse);
491 }
492
493 bool ResourceHandle::shouldUseCredentialStorage()
494 {
495     LOG(Network, "CFNet - shouldUseCredentialStorage()");
496     if (client())
497         return client()->shouldUseCredentialStorage(this);
498
499     return false;
500 }
501
502 void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
503 {
504     LOG(Network, "CFNet - didReceiveAuthenticationChallenge()");
505     ASSERT(d->m_currentWebChallenge.isNull());
506     // Since CFURLConnection networking relies on keeping a reference to the original CFURLAuthChallengeRef,
507     // we make sure that is actually present
508     ASSERT(challenge.cfURLAuthChallengeRef());
509     ASSERT(challenge.authenticationClient() == this); // Should be already set.
510
511     if (!d->m_user.isNull() && !d->m_pass.isNull()) {
512         RetainPtr<CFStringRef> user(AdoptCF, d->m_user.createCFString());
513         RetainPtr<CFStringRef> pass(AdoptCF, d->m_pass.createCFString());
514         RetainPtr<CFURLCredentialRef> credential(AdoptCF,
515             CFURLCredentialCreate(kCFAllocatorDefault, user.get(), pass.get(), 0, kCFURLCredentialPersistenceNone));
516         
517         KURL urlToStore;
518         if (challenge.failureResponse().httpStatusCode() == 401)
519             urlToStore = firstRequest().url();
520         CredentialStorage::set(core(credential.get()), challenge.protectionSpace(), urlToStore);
521         
522         CFURLConnectionUseCredential(d->m_connection.get(), credential.get(), challenge.cfURLAuthChallengeRef());
523         d->m_user = String();
524         d->m_pass = String();
525         // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly.
526         return;
527     }
528
529     if (!client() || client()->shouldUseCredentialStorage(this)) {
530         if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) {
531             // The stored credential wasn't accepted, stop using it.
532             // There is a race condition here, since a different credential might have already been stored by another ResourceHandle,
533             // but the observable effect should be very minor, if any.
534             CredentialStorage::remove(challenge.protectionSpace());
535         }
536
537         if (!challenge.previousFailureCount()) {
538             Credential credential = CredentialStorage::get(challenge.protectionSpace());
539             if (!credential.isEmpty() && credential != d->m_initialCredential) {
540                 ASSERT(credential.persistence() == CredentialPersistenceNone);
541                 if (challenge.failureResponse().httpStatusCode() == 401) {
542                     // Store the credential back, possibly adding it as a default for this directory.
543                     CredentialStorage::set(credential, challenge.protectionSpace(), firstRequest().url());
544                 }
545                 RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
546                 CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
547                 return;
548             }
549         }
550     }
551
552     d->m_currentWebChallenge = challenge;
553     
554     if (client())
555         client()->didReceiveAuthenticationChallenge(this, d->m_currentWebChallenge);
556 }
557
558 void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential)
559 {
560     LOG(Network, "CFNet - receivedCredential()");
561     ASSERT(!challenge.isNull());
562     ASSERT(challenge.cfURLAuthChallengeRef());
563     if (challenge != d->m_currentWebChallenge)
564         return;
565
566     // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map.
567     if (credential.isEmpty()) {
568         receivedRequestToContinueWithoutCredential(challenge);
569         return;
570     }
571
572     if (credential.persistence() == CredentialPersistenceForSession) {
573         // Manage per-session credentials internally, because once NSURLCredentialPersistencePerSession is used, there is no way
574         // to ignore it for a particular request (short of removing it altogether).
575         Credential webCredential(credential.user(), credential.password(), CredentialPersistenceNone);
576         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(webCredential));
577         
578         KURL urlToStore;
579         if (challenge.failureResponse().httpStatusCode() == 401)
580             urlToStore = firstRequest().url();      
581         CredentialStorage::set(webCredential, challenge.protectionSpace(), urlToStore);
582
583         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
584     } else {
585         RetainPtr<CFURLCredentialRef> cfCredential(AdoptCF, createCF(credential));
586         CFURLConnectionUseCredential(d->m_connection.get(), cfCredential.get(), challenge.cfURLAuthChallengeRef());
587     }
588
589     clearAuthentication();
590 }
591
592 void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge)
593 {
594     LOG(Network, "CFNet - receivedRequestToContinueWithoutCredential()");
595     ASSERT(!challenge.isNull());
596     ASSERT(challenge.cfURLAuthChallengeRef());
597     if (challenge != d->m_currentWebChallenge)
598         return;
599
600     CFURLConnectionUseCredential(d->m_connection.get(), 0, challenge.cfURLAuthChallengeRef());
601
602     clearAuthentication();
603 }
604
605 void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge)
606 {
607     LOG(Network, "CFNet - receivedCancellation()");
608     if (challenge != d->m_currentWebChallenge)
609         return;
610
611     if (client())
612         client()->receivedCancellation(this, challenge);
613 }
614
615 CFURLConnectionRef ResourceHandle::connection() const
616 {
617     return d->m_connection.get();
618 }
619
620 CFURLConnectionRef ResourceHandle::releaseConnectionForDownload()
621 {
622     LOG(Network, "CFNet - Job %p releasing connection %p for download", this, d->m_connection.get());
623     return d->m_connection.releaseRef();
624 }
625
626 void ResourceHandle::loadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials storedCredentials, ResourceError& error, ResourceResponse& response, Vector<char>& vector)
627 {
628     LOG(Network, "ResourceHandle::loadResourceSynchronously:%s allowStoredCredentials:%u", request.url().string().utf8().data(), storedCredentials);
629
630     ASSERT(!request.isEmpty());
631
632     ASSERT(response.isNull());
633     ASSERT(error.isNull());
634
635     OwnPtr<WebCoreSynchronousLoaderClient> client = WebCoreSynchronousLoaderClient::create(response, error);
636     client->setAllowStoredCredentials(storedCredentials == AllowStoredCredentials);
637
638     RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/));
639
640     if (context && handle->d->m_scheduledFailureType != NoFailure) {
641         error = context->blockedError(request);
642         return;
643     }
644
645     RetainPtr<CFDictionaryRef> connectionProperties(AdoptCF, createConnectionProperties(storedCredentials == AllowStoredCredentials));
646
647     handle->createCFURLConnection(storedCredentials == AllowStoredCredentials, ResourceHandle::shouldContentSniffURL(request.url()));
648
649     CFURLConnectionScheduleWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), WebCoreSynchronousLoaderRunLoopMode);
650     CFURLConnectionScheduleDownloadWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), WebCoreSynchronousLoaderRunLoopMode);
651     CFURLConnectionStart(handle->connection());
652
653     while (!client->isDone())
654         CFRunLoopRunInMode(WebCoreSynchronousLoaderRunLoopMode, UINT_MAX, true);
655
656     CFURLConnectionCancel(handle->connection());
657     
658     if (error.isNull() && response.mimeType().isNull())
659         setDefaultMIMEType(response.cfURLResponse());
660
661     RetainPtr<CFDataRef> data = client->data();
662     
663     if (!error.isNull()) {
664         response = ResourceResponse(request.url(), String(), 0, String(), String());
665
666         CFErrorRef cfError = error;
667         CFStringRef domain = CFErrorGetDomain(cfError);
668         // FIXME: Return the actual response for failed authentication.
669         if (domain == kCFErrorDomainCFNetwork)
670             response.setHTTPStatusCode(CFErrorGetCode(cfError));
671         else
672             response.setHTTPStatusCode(404);
673     }
674
675     if (data) {
676         ASSERT(vector.isEmpty());
677         vector.append(CFDataGetBytePtr(data.get()), CFDataGetLength(data.get()));
678     }
679 }
680
681 void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host)
682 {
683     allowsAnyHTTPSCertificateHosts().add(host.lower());
684 }
685
686 void ResourceHandle::setClientCertificate(const String& host, CFDataRef cert)
687 {
688     clientCerts().set(host.lower(), cert);
689 }
690
691 void ResourceHandle::platformSetDefersLoading(bool defers)
692 {
693     if (!d->m_connection)
694         return;
695
696     if (defers)
697         CFURLConnectionHalt(d->m_connection.get());
698     else
699         CFURLConnectionResume(d->m_connection.get());
700 }
701
702 bool ResourceHandle::loadsBlocked()
703 {
704     return false;
705 }
706
707 bool ResourceHandle::willLoadFromCache(ResourceRequest& request, Frame* frame)
708 {
709     request.setCachePolicy(ReturnCacheDataDontLoad);
710     
711     CFURLResponseRef cfResponse = 0;
712     CFErrorRef cfError = 0;
713     RetainPtr<CFURLRequestRef> cfRequest(AdoptCF, makeFinalRequest(request, true));
714     RetainPtr<CFDataRef> data(AdoptCF, CFURLConnectionSendSynchronousRequest(cfRequest.get(), &cfResponse, &cfError, request.timeoutInterval()));
715     bool cached = cfResponse && !cfError;
716
717     if (cfError)
718         CFRelease(cfError);
719     if (cfResponse)
720         CFRelease(cfResponse);
721
722     return cached;
723 }
724
725 RetainPtr<CFURLStorageSessionRef> ResourceHandle::createPrivateBrowsingStorageSession(CFStringRef identifier)
726 {
727     return RetainPtr<CFURLStorageSessionRef>(AdoptCF, wkCreatePrivateStorageSession(identifier));
728 }
729
730 String ResourceHandle::privateBrowsingStorageSessionIdentifierDefaultBase()
731 {
732     return String(reinterpret_cast<CFStringRef>(CFBundleGetValueForInfoDictionaryKey(CFBundleGetMainBundle(), kCFBundleIdentifierKey)));
733 }
734
735 void WebCoreSynchronousLoaderClient::willSendRequest(ResourceHandle* handle, ResourceRequest& request, const ResourceResponse& /*redirectResponse*/)
736 {
737     // FIXME: This needs to be fixed to follow the redirect correctly even for cross-domain requests.
738     if (!protocolHostAndPortAreEqual(handle->firstRequest().url(), request.url())) {
739         ASSERT(!m_error);
740         RetainPtr<CFErrorRef> cfError(AdoptCF, CFErrorCreate(kCFAllocatorDefault, kCFErrorDomainCFNetwork, kCFURLErrorBadServerResponse, 0));
741         m_error = cfError.get();
742         m_isDone = true;
743         request = 0;
744         return;
745     }
746 }
747 void WebCoreSynchronousLoaderClient::didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
748 {
749     m_response = response;
750 }
751
752 void WebCoreSynchronousLoaderClient::didReceiveData(ResourceHandle*, const char* data, int length, int /*lengthReceived*/)
753 {
754     if (!m_data)
755         m_data.adoptCF(CFDataCreateMutable(kCFAllocatorDefault, 0));
756     CFDataAppendBytes(m_data.get(), reinterpret_cast<const UInt8*>(data), length);
757 }
758
759 void WebCoreSynchronousLoaderClient::didFinishLoading(ResourceHandle*, double)
760 {
761     m_isDone = true;
762 }
763
764 void WebCoreSynchronousLoaderClient::didFail(ResourceHandle*, const ResourceError& error)
765 {
766     m_error = error;
767     m_isDone = true;
768 }
769
770 void WebCoreSynchronousLoaderClient::didReceiveAuthenticationChallenge(ResourceHandle* handle, const AuthenticationChallenge& challenge)
771 {
772     // FIXME: The user should be asked for credentials, as in async case.
773     CFURLConnectionUseCredential(handle->connection(), 0, challenge.cfURLAuthChallengeRef());
774 }
775
776 bool WebCoreSynchronousLoaderClient::shouldUseCredentialStorage(ResourceHandle*)
777 {
778     // FIXME: We should ask FrameLoaderClient whether using credential storage is globally forbidden.
779     return m_allowStoredCredentials;
780 }
781
782 } // namespace WebCore
783
784 #endif // USE(CFNETWORK)