#if ENABLE(WEB_TIMING)
static int milisecondsSinceRequest(double requestTime);
#endif
+#if ENABLE(TIZEN_ON_AUTHENTICATION_REQUESTED)
+static void applyAuthenticationToRequest(ResourceHandle* handle, ResourceRequest& request, bool redirect);
+#endif
ResourceHandleInternal::~ResourceHandleInternal()
{
d->m_response = response;
}
+#if ENABLE(TIZEN_ON_AUTHENTICATION_REQUESTED)
+static void applyAuthenticationToRequest(ResourceHandle* handle, ResourceRequest& request, bool redirect)
+{
+ // m_user/m_pass are credentials given manually, for instance, by the arguments passed to XMLHttpRequest.open().
+ ResourceHandleInternal* d = handle->getInternal();
+
+ if (handle->shouldUseCredentialStorage()) {
+ if (d->m_user.isEmpty() && d->m_pass.isEmpty())
+ d->m_initialCredential = CredentialStorage::get(request.url());
+ else if (!redirect) {
+ // If there is already a protection space known for the URL, update stored credentials
+ // before sending a request. This makes it possible to implement logout by sending an
+ // XMLHttpRequest with known incorrect credentials, and aborting it immediately (so that
+ // an authentication dialog doesn't pop up).
+ CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url());
+ }
+ }
+
+ String user = d->m_user;
+ String password = d->m_pass;
+ if (!d->m_initialCredential.isEmpty()) {
+ user = d->m_initialCredential.user();
+ password = d->m_initialCredential.password();
+ }
+
+ if (user.isEmpty() && password.isEmpty())
+ return;
+
+ // We always put the credentials into the URL. In the CFNetwork-port HTTP family credentials are applied in
+ // the didReceiveAuthenticationChallenge callback, but libsoup requires us to use this method to override
+ // any previously remembered credentials. It has its own per-session credential storage.
+ KURL urlWithCredentials(request.url());
+ urlWithCredentials.setUser(user);
+ urlWithCredentials.setPass(password);
+ request.setURL(urlWithCredentials);
+}
+#endif
+
// Called each time the message is going to be sent again except the first time.
// It's used mostly to let webkit know about redirects.
static void restartedCallback(SoupMessage* msg, gpointer data)
return false;
#if ENABLE(TIZEN_ON_AUTHENTICATION_REQUESTED)
- if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolIsInHTTPFamily()) {
- // Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
- KURL urlWithCredentials(firstRequest().url());
- urlWithCredentials.setUser(d->m_user);
- urlWithCredentials.setPass(d->m_pass);
- firstRequest().setURL(urlWithCredentials);
- }
-
- // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
- // try and reuse the credential preemptively, as allowed by RFC 2617.
- //if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
- bool shouldUseCredentialStorage = client()->shouldUseCredentialStorage(this);
-
- if (!shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
- if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
- // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
- // try and reuse the credential preemptively, as allowed by RFC 2617.
- d->m_initialCredential = CredentialStorage::get(firstRequest().url());
- } else {
- // If there is already a protection space known for the URL, update stored credentials before sending a request.
- // This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
- // (so that an authentication dialog doesn't pop up).
- CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
- }
- }
+ applyAuthenticationToRequest(this, firstRequest(), false);
#else
if (!(d->m_user.isEmpty() || d->m_pass.isEmpty())) {
// If credentials were specified for this request, add them to the url,
g_cancellable_cancel(d->m_cancellable.get());
}
+#if ENABLE(TIZEN_ON_AUTHENTICATION_REQUESTED)
+bool ResourceHandle::shouldUseCredentialStorage()
+{
+ return (!client() || client()->shouldUseCredentialStorage(this)) && firstRequest().url().protocolIsInHTTPFamily();
+}
+#endif
+
static bool hasBeenSent(ResourceHandle* handle)
{
ResourceHandleInternal* d = handle->getInternal();