Bug 131348

Summary: canAuthenticateAgainstProtectionSpace delegate calls should not be made when ResourceHandle has credentials
Product: WebKit Reporter: Alexey Proskuryakov <ap>
Component: Page LoadingAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: andersca, beidson, mhock
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   

Description Alexey Proskuryakov 2014-04-07 23:28:25 PDT 
When ResourceHandle already has credentials provided via XMLHttpRequest argument or a URL, it shouldn't ask make a canAuthenticateAgainstProtectionSpace delegate call. If the client doesn't implement UI for password authentication, and thus returns false, CFNetwork won't call didReceiveAuthenticationChallenge, so we won't use the existing credentials.

We should only go ask the client if the existing credentials turned out to be incorrect.