Bug 164471

Summary: [SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
Product: WebKit Reporter: Carlos Garcia Campos <cgarcia>
Component: WebKit2Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, bugs-noreply
Priority: P2 Keywords: Gtk, Soup
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugzilla.gnome.org/show_bug.cgi?id=774033
Bug Depends on: 158919    
Bug Blocks:    
Attachments:
Description Flags
Patch mcatanzaro: review+

Description Carlos Garcia Campos 2016-11-07 03:07:00 PST 
When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that disables all HTTP authentication, causing the load to always fail with Authorization required even when clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the SoupAuthManager feature. We need to add new API to libsoup to tell the SoupAuthManager not to use the auth cache for that particular SoupMessage.
Comment 1 Carlos Garcia Campos 2017-01-02 02:27:43 PST 
This needs new API added in libsoup 2.57.1. Bug #158919 upgrades libsoup to 2.57.1.
Comment 2 Carlos Garcia Campos 2017-01-02 03:03:59 PST 
Created attachment 297890 [details]
Patch
Comment 3 Carlos Garcia Campos 2017-01-03 01:09:25 PST 
Committed r210235: <http://trac.webkit.org/changeset/210235>