Reviewed by Adele
authorbeidson@apple.com <beidson@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 18 Dec 2007 18:19:13 +0000 (18:19 +0000)
committerbeidson@apple.com <beidson@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 18 Dec 2007 18:19:13 +0000 (18:19 +0000)
        <rdar://problem/5525770> REGRESSION: HTTP Auth protected favicon request results in a password sheet

        Some http-auth protected sites have the main resource(s) unprotected, but many subresources are
        protected by authentication.  Occasionally one can view the main page of a site but the favicon
        is behind the iron curtain - in these cases, we should *not* prompt for a username and password
        solely for the favicon.

        * loader/ResourceLoader.h: Make didReceiveAuthenticationChallenge virtual

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveAuthenticationChallenge): Now that this method
          is virtual from ResourceLoader, SubresourceLoader can override.  First call to the
          SubresourceLoaderClient.  If they cancel the resource load, return early. Otherwise, let
          ResourceLoader work its magic (resulting in the auth sheet coming down)
        * loader/SubresourceLoader.h:

        * loader/SubresourceLoaderClient.h:
        (WebCore::SubresourceLoaderClient::didReceiveAuthenticationChallenge):

        * loader/icon/IconLoader.cpp:
        (WebCore::IconLoader::didReceiveAuthenticationChallenge): Cancel the resource load, since we should
          never prompt the user for credentials just for a favicon.
        * loader/icon/IconLoader.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@28830 268f45cc-cd09-0410-ab3c-d52691b4dbfc

WebCore/ChangeLog
WebCore/loader/ResourceLoader.h
WebCore/loader/SubresourceLoader.cpp
WebCore/loader/SubresourceLoader.h
WebCore/loader/SubresourceLoaderClient.h
WebCore/loader/icon/IconLoader.cpp
WebCore/loader/icon/IconLoader.h

index 36eb3907a409c3b9c49c6f99ba0b9ca714cdfdfe..2d0fd19b11cb533588d592bc16d607ae1929f373 100644 (file)
@@ -1,3 +1,31 @@
+2007-12-18  Brady Eidson <beidson@apple.com>
+
+        Reviewed by Adele
+
+        <rdar://problem/5525770> REGRESSION: HTTP Auth protected favicon request results in a password sheet
+
+        Some http-auth protected sites have the main resource(s) unprotected, but many subresources are
+        protected by authentication.  Occasionally one can view the main page of a site but the favicon
+        is behind the iron curtain - in these cases, we should *not* prompt for a username and password
+        solely for the favicon.
+
+        * loader/ResourceLoader.h: Make didReceiveAuthenticationChallenge virtual
+
+        * loader/SubresourceLoader.cpp:
+        (WebCore::SubresourceLoader::didReceiveAuthenticationChallenge): Now that this method
+          is virtual from ResourceLoader, SubresourceLoader can override.  First call to the 
+          SubresourceLoaderClient.  If they cancel the resource load, return early. Otherwise, let
+          ResourceLoader work its magic (resulting in the auth sheet coming down)
+        * loader/SubresourceLoader.h:
+
+        * loader/SubresourceLoaderClient.h:
+        (WebCore::SubresourceLoaderClient::didReceiveAuthenticationChallenge):
+
+        * loader/icon/IconLoader.cpp:
+        (WebCore::IconLoader::didReceiveAuthenticationChallenge): Cancel the resource load, since we should
+          never prompt the user for credentials just for a favicon.
+        * loader/icon/IconLoader.h:
+
 2007-12-18  John Sullivan  <sullivan@apple.com>
 
         Reviewed by Brady
index 02f4c6934867a0af4dac6718340a8315e78579c0..87cd239b529a59b844ca2979c36f05401715a5ca 100644 (file)
@@ -82,7 +82,7 @@ namespace WebCore {
         virtual void didFail(const ResourceError&);
         virtual void wasBlocked();
 
-        void didReceiveAuthenticationChallenge(const AuthenticationChallenge&);
+        virtual void didReceiveAuthenticationChallenge(const AuthenticationChallenge&);
         void didCancelAuthenticationChallenge(const AuthenticationChallenge&);
         virtual void receivedCancellation(const AuthenticationChallenge&);
 
index 5ba666013ccd9e789ea8b652ec73ff00922e136a..d3956497eb0805dcfdaf666c05346d2988c9cf4b 100644 (file)
@@ -236,6 +236,21 @@ void SubresourceLoader::didCancel(const ResourceError& error)
     ResourceLoader::didCancel(error);
 }
 
+void SubresourceLoader::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge)
+{
+    RefPtr<SubresourceLoader> protect(this);
+
+    if (m_client)
+        m_client->didReceiveAuthenticationChallenge(this, challenge);
+    
+    // The SubResourceLoaderClient may have cancelled this ResourceLoader in response to the challenge.  
+    // If that's the case, don't call didReceiveAuthenticationChallenge
+    if (reachedTerminalState())
+        return;
+        
+    ResourceLoader::didReceiveAuthenticationChallenge(challenge);
+}
+
 void SubresourceLoader::receivedCancellation(const AuthenticationChallenge& challenge)
 {
     ASSERT(!reachedTerminalState());
index bca910e27f1cea44d61d0d7985586047ec350c7a..1811c30b5e026c198d3d5206fde67e8e3b3d60c6 100644 (file)
@@ -60,6 +60,7 @@ namespace WebCore {
         virtual void didReceiveData(const char*, int, long long lengthReceived, bool allAtOnce);
         virtual void didFinishLoading();
         virtual void didFail(const ResourceError&);
+        virtual void didReceiveAuthenticationChallenge(const AuthenticationChallenge&);
         virtual void receivedCancellation(const AuthenticationChallenge&);
 
     private:
index 1b00f212b0f2083230de3f3d267ba6a98fb4c208..8abe1694551f7d91638ec4c073136a5c74ab7946 100644 (file)
@@ -49,6 +49,7 @@ public:
     virtual void didFinishLoading(SubresourceLoader*) { }
     virtual void didFail(SubresourceLoader*, const ResourceError&) { }
     
+    virtual void didReceiveAuthenticationChallenge(SubresourceLoader*, const AuthenticationChallenge&) { }
     virtual void receivedCancellation(SubresourceLoader*, const AuthenticationChallenge&) { }
 
 };
index 2d333f42ca5d9c464cc51f9c6166b738d18d7b26..4337f51aa21d38e6c45fcad7bb4c151d142a69e6 100644 (file)
@@ -121,6 +121,13 @@ void IconLoader::didFail(SubresourceLoader* resourceLoader, const ResourceError&
     }
 }
 
+void IconLoader::didReceiveAuthenticationChallenge(SubresourceLoader* resourceLoader, const AuthenticationChallenge& challenge)
+{
+    // We don't ever want to prompt for authentication just for a site icon, so
+    // implement this method to cancel the resource load
+    m_resourceLoader->cancel();
+}
+
 void IconLoader::didFinishLoading(SubresourceLoader* resourceLoader)
 {
     LOG(IconDatabase, "IconLoader::didFinishLoading() - Loader %p", resourceLoader);
index 7ea92d8d527b4655bab0059df77112a14986d46f..aba70b43bbdea2d5fa6bb27c78c9da83931ca3c5 100644 (file)
@@ -53,6 +53,8 @@ private:
     virtual void didFinishLoading(SubresourceLoader*);
     virtual void didFail(SubresourceLoader*, const ResourceError&);
 
+    virtual void didReceiveAuthenticationChallenge(SubresourceLoader*, const AuthenticationChallenge&);
+    
     void finishLoading(const KURL&, PassRefPtr<SharedBuffer> data);
     void clearLoadingState();