Safari 4 cannot be used to update firmware on Linksys routers.
<rdar://problem/7174050> and https://bugs.webkit.org/show_bug.cgi?id=29160
Reviewed by Alexey Proskuryakov.
WebCore:
In http://trac.webkit.org/changeset/42483, we disabled CFNetwork's session credential storage and
implemented our own in WebCore.
One feature we lost is that CFNetwork would automatically send previously authenticated credentials
with new connections when the paths match, as allowed by RFC 2617 for HTTP Basic and Digest Authentication.
Even though it's optional for User Agents to do this, (some?) Linksys routers rely on this behavior for
HTTP Basic Authentication. So now WebCore's CredentialStorage will track URL paths for Basic credentials.
We're not making this enhancement for Digest at this time, since we don't know of anything that broke
due to the change in Digest behavior.
Test: http/tests/loading/basic-credentials-sent-automatically.html
http/tests/loading/basic-auth-resend-wrong-credentials.html
* WebCore.base.exp:
* WebCore.vcproj/WebCore.vcproj:
* WebCore.xcodeproj/project.pbxproj:
* platform/network/Credential.cpp:
(WebCore::Credential::isEmpty):
* platform/network/Credential.h:
Add a slightly more full featured CredentialStore that will track URL paths a credential belongs to:
* platform/network/CredentialStorage.cpp: Added.
(WebCore::protectionSpaceToCredentialMap):
(WebCore::originToDefaultCredentialMap):
(WebCore::originStringFromURL):
(WebCore::CredentialStorage::set):
(WebCore::CredentialStorage::get):
(WebCore::CredentialStorage::getDefaultAuthenticationCredential):
* platform/network/CredentialStorage.h: Added.
Allow ProtectionSpace to be a hash key:
* platform/network/ProtectionSpace.cpp:
(WebCore::ProtectionSpace::ProtectionSpace):
* platform/network/ProtectionSpace.h:
(WebCore::ProtectionSpace::ProtectionSpace):
(WebCore::ProtectionSpace::isHashTableDeletedValue):
* platform/network/ProtectionSpaceHash.h: Added.
(WebCore::ProtectionSpaceHash::hash):
(WebCore::ProtectionSpaceHash::equal):
Allow ResourceHandles to remember the initial credential they used:
* platform/network/ResourceHandleInternal.h:
Allow mutable ResourceRequests to update their platform object if HTTP header fields change:
* platform/network/ResourceRequestBase.cpp:
(WebCore::ResourceRequestBase::addHTTPHeaderField):
Remove WebCoreCredentialStorage:
* platform/network/cf/AuthenticationCF.cpp:
* platform/network/cf/AuthenticationCF.h:
* platform/network/mac/AuthenticationMac.h:
* platform/network/mac/AuthenticationMac.mm:
Change ResourceHandleCFNet to try to use stored credentials on new connections, if appropriate:
* platform/network/cf/ResourceHandleCFNet.cpp:
(WebCore::ResourceHandle::start):
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Only try the ProtectionSpace key'ed
Credential if it does not match the initially used Credential.
(WebCore::ResourceHandle::receivedCredential):
(WebCore::WebCoreSynchronousLoader::didReceiveChallenge): Only try the ProtectionSpace key'ed
Credential if it does not match the initially used Credential.
(WebCore::WebCoreSynchronousLoader::load):
Change ResourceHandleMac to try to use stored credentials on new connections, if appropriate:
* platform/network/mac/ResourceHandleMac.mm:
(WebCore::ResourceHandle::start):
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Only try the ProtectionSpace key'ed
Credential if it does not match the initially used Credential.
(WebCore::ResourceHandle::receivedCredential):
(-[WebCoreSynchronousLoader connection:didReceiveAuthenticationChallenge:]): Only try the
ProtectionSpace key'ed Credential if it does not match the initially used Credential.
(+[WebCoreSynchronousLoader loadRequest:allowStoredCredentials:returningResponse:error:]):
Add base64-ability to CString:
* platform/text/CString.cpp:
(WebCore::CStringBuffer::base64Encode):
(WebCore::CString::base64Encode):
* platform/text/CString.h:
(WebCore::CStringBuffer::create):
(WebCore::CStringBuffer::CStringBuffer):
WebKit/mac:
Adopt the new WebCore::CredentialStorage in WebKit/Mac.
* Misc/WebDownload.mm:
(-[WebDownloadInternal download:didReceiveAuthenticationChallenge:]):
* Plugins/WebBaseNetscapePluginView.mm:
(WebKit::getAuthenticationInfo):
WebKit/win:
Adopt the new WebCore::CredentialStorage in WebKit/Win.
* WebDownloadCFNet.cpp:
(WebDownload::didReceiveAuthenticationChallenge):
WebKitTools:
Add the ability for DRT to handle authentication challenges.
* DumpRenderTree/LayoutTestController.cpp:
(setAuthenticationPasswordCallback):
(setAuthenticationUsernameCallback):
(setHandlesAuthenticationChallengesCallback):
(LayoutTestController::staticFunctions):
* DumpRenderTree/LayoutTestController.h:
(LayoutTestController::handlesAuthenticationChallenges):
(LayoutTestController::setHandlesAuthenticationChallenges):
(LayoutTestController::authenticationUsername):
(LayoutTestController::setAuthenticationUsername):
(LayoutTestController::authenticationPassword):
(LayoutTestController::setAuthenticationPassword):
* DumpRenderTree/mac/ResourceLoadDelegate.mm:
(-[ResourceLoadDelegate webView:resource:didReceiveAuthenticationChallenge:fromDataSource:]):
* DumpRenderTree/win/ResourceLoadDelegate.cpp:
(ResourceLoadDelegate::didReceiveAuthenticationChallenge):
* DumpRenderTree/win/ResourceLoadDelegate.h:
LayoutTests:
* http/tests/loading/basic-auth-resend-wrong-credentials-expected.txt: Added.
* http/tests/loading/basic-auth-resend-wrong-credentials.html: Added.
* http/tests/loading/basic-credentials-sent-automatically-expected.txt: Added.
* http/tests/loading/basic-credentials-sent-automatically.html: Added.
* http/tests/loading/resources/basic-auth-testing.php: Added.
* http/tests/loading/resources/othersubresources: Added.
* http/tests/loading/resources/othersubresources/protected-resource.php: Added.
* http/tests/loading/resources/protected-resource.php: Added.
* http/tests/loading/resources/subresources: Added.
* http/tests/loading/resources/subresources/protected-resource.php: Added.
* http/tests/loading/resources/test2: Added.
* http/tests/loading/resources/test2/basic-auth-testing.php: Added.
* http/tests/loading/resources/test2/protected-resource.php: Added.
* platform/gtk/Skipped:
* platform/qt/Skipped:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@48363 268f45cc-cd09-0410-ab3c-d52691b4dbfc
45 files changed
