Bug 197650

Summary:

[Curl] Suppress extra didReceiveAuthenticationChallenge call when accessing a server which checks basic auth.

Product:

WebKit

Reporter:

Takashi Komori <takashi.komori>

Component:

Platform

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, basuke, commit-queue, don.olmstead, ews-watchlist, fujii.hironori, galpeter, rniwa, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Archive of layout-test-results from ews106 for mac-highsierra-wk2	none
Archive of layout-test-results from ews103 for mac-highsierra	none
Archive of layout-test-results from ews115 for mac-highsierra	none
Archive of layout-test-results from ews123 for ios-simulator-wk2	none
Archive of layout-test-results from ews214 for win-future	none
Patch	none
Archive of layout-test-results from ews213 for win-future	none
Patch	none
Patch	none
Patch	none

Takashi Komori

Reported 2019-05-07 01:29:52 PDT

When Curl port accesses a page which checks Basic Authentication credential and server trust challenge occurs, Curl port calls extra didReceiveAuthenticationChallenge unnecessarily. This is because Curl port discards information about allowed server trust challenge before in NetworkDataTaskCurl::restartWithCredential.

Attachments
Patch (7.42 KB, patch) 2019-05-07 01:42 PDT, Takashi Komori	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews106 for mac-highsierra-wk2 (2.77 MB, application/zip) 2019-05-07 02:36 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews103 for mac-highsierra (3.12 MB, application/zip) 2019-05-07 02:46 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews115 for mac-highsierra (2.91 MB, application/zip) 2019-05-07 03:32 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews123 for ios-simulator-wk2 (2.44 MB, application/zip) 2019-05-07 03:38 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews214 for win-future (13.65 MB, application/zip) 2019-05-07 03:47 PDT, EWS Watchlist	no flags	Details
Patch (10.00 KB, patch) 2019-05-08 18:48 PDT, Takashi Komori	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews213 for win-future (13.65 MB, application/zip) 2019-05-08 20:54 PDT, EWS Watchlist	no flags	Details
Patch (10.00 KB, patch) 2019-05-08 23:18 PDT, Takashi Komori	no flags	Details Formatted Diff Diff
Patch (9.61 KB, patch) 2019-05-09 20:17 PDT, Takashi Komori	no flags	Details Formatted Diff Diff
Patch (9.92 KB, patch) 2019-05-11 02:22 PDT, Takashi Komori	no flags	Details Formatted Diff Diff
Show Obsolete (10) View All Add attachment proposed patch, testcase, etc.

Takashi Komori

Comment 1 2019-05-07 01:42:12 PDT

Created attachment 369257 [details] Patch

EWS Watchlist

Comment 2 2019-05-07 02:36:46 PDT

Comment on attachment 369257 [details] Patch Attachment 369257 [details] did not pass mac-wk2-ews (mac-wk2): Output: https://webkit-queues.webkit.org/results/12121376 New failing tests: http/tests/misc/certificate-and-authentication.html

EWS Watchlist

Comment 3 2019-05-07 02:36:47 PDT

Created attachment 369262 [details] Archive of layout-test-results from ews106 for mac-highsierra-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews106 Port: mac-highsierra-wk2 Platform: Mac OS X 10.13.6

EWS Watchlist

Comment 4 2019-05-07 02:46:21 PDT

Comment on attachment 369257 [details] Patch Attachment 369257 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/12121562 New failing tests: http/tests/misc/certificate-and-authentication.html

EWS Watchlist

Comment 5 2019-05-07 02:46:23 PDT

Created attachment 369265 [details] Archive of layout-test-results from ews103 for mac-highsierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-highsierra Platform: Mac OS X 10.13.6

EWS Watchlist

Comment 6 2019-05-07 03:32:28 PDT

Comment on attachment 369257 [details] Patch Attachment 369257 [details] did not pass mac-debug-ews (mac): Output: https://webkit-queues.webkit.org/results/12121606 New failing tests: webgl/2.0.0/conformance/context/context-release-upon-reload.html http/tests/misc/certificate-and-authentication.html

EWS Watchlist

Comment 7 2019-05-07 03:32:30 PDT

Created attachment 369269 [details] Archive of layout-test-results from ews115 for mac-highsierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews115 Port: mac-highsierra Platform: Mac OS X 10.13.6

EWS Watchlist

Comment 8 2019-05-07 03:38:26 PDT

Comment on attachment 369257 [details] Patch Attachment 369257 [details] did not pass ios-sim-ews (ios-simulator-wk2): Output: https://webkit-queues.webkit.org/results/12121633 New failing tests: http/tests/misc/certificate-and-authentication.html

EWS Watchlist

Comment 9 2019-05-07 03:38:27 PDT

Created attachment 369270 [details] Archive of layout-test-results from ews123 for ios-simulator-wk2 The attached test failures were seen while running run-webkit-tests on the ios-sim-ews. Bot: ews123 Port: ios-simulator-wk2 Platform: Mac OS X 10.14.4

EWS Watchlist

Comment 10 2019-05-07 03:47:32 PDT

Comment on attachment 369257 [details] Patch Attachment 369257 [details] did not pass win-ews (win): Output: https://webkit-queues.webkit.org/results/12121882 New failing tests: http/tests/misc/certificate-and-authentication.html

EWS Watchlist

Comment 11 2019-05-07 03:47:36 PDT

Created attachment 369272 [details] Archive of layout-test-results from ews214 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews214 Port: win-future Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit

Takashi Komori

Comment 12 2019-05-08 18:48:04 PDT

Created attachment 369456 [details] Patch

Takashi Komori

Comment 13 2019-05-08 18:49:16 PDT

(In reply to Takashi Komori from comment #12) > Created attachment 369456 [details] > Patch Skip added test on other ports. Soup doesn't use didReceiveChallenge for server trust evaluation. We use certificate-and-authentication.html test for only wincairo.

EWS Watchlist

Comment 14 2019-05-08 20:54:21 PDT

Comment on attachment 369456 [details] Patch Attachment 369456 [details] did not pass win-ews (win): Output: https://webkit-queues.webkit.org/results/12139490 New failing tests: http/tests/css/filters-on-iframes.html

EWS Watchlist

Comment 15 2019-05-08 20:54:23 PDT

Created attachment 369459 [details] Archive of layout-test-results from ews213 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews213 Port: win-future Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit

Takashi Komori

Comment 16 2019-05-08 23:18:12 PDT

Created attachment 369469 [details] Patch

Fujii Hironori

Comment 17 2019-05-09 00:15:11 PDT

Comment on attachment 369469 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=369469&action=review > Source/WebCore/ChangeLog:7 > + Please add the comment #0 here. > LayoutTests/http/tests/misc/resources/certificate-and-authentication.php:13 > +parent.postMessage("loaded", "*"); Do you need to use postMessage? Can you use onload as well as http/tests/ssl/certificate-validation.html . If so, you can reuse a existing auth cgi. And, I think it looks cool using async and await such like http/tests/ssl/certificate-validation.html.

Takashi Komori

Comment 18 2019-05-09 00:52:53 PDT

(In reply to Fujii Hironori from comment #17) > Do you need to use postMessage? Can you use onload as well as > http/tests/ssl/certificate-validation.html . > If so, you can reuse a existing auth cgi. postMessage might be replaced by onload. What does "existing auth cgi" refer to exactly?

Fujii Hironori

Comment 19 2019-05-09 00:57:29 PDT

For example, can you use tests/xmlhttprequest/resources/basic-auth/basic-auth.php ?

Basuke Suzuki

Comment 20 2019-05-09 10:53:41 PDT

(In reply to Fujii Hironori from comment #19) > For example, can you use > tests/xmlhttprequest/resources/basic-auth/basic-auth.php ? I've got a review that we shuoldn't reuse resources other bug created except those inside root /resources/. In this case, it's easy to find similar feature from there.

Basuke Suzuki

Comment 21 2019-05-09 10:59:29 PDT

(In reply to Basuke Suzuki from comment #20) > (In reply to Fujii Hironori from comment #19) > > For example, can you use > > tests/xmlhttprequest/resources/basic-auth/basic-auth.php ? > > I've got a review that we shuoldn't reuse resources other bug created except > those inside root /resources/. In this case, it's easy to find similar > feature from there. Oh my got, the only one in /resources/ was for digest-auth, which was posted by me lol. Forget about my comment. Sorry.

Takashi Komori

Comment 22 2019-05-09 20:17:02 PDT

Created attachment 369540 [details] Patch

Takashi Komori

Comment 23 2019-05-09 20:23:57 PDT

(In reply to Fujii Hironori from comment #17) > Comment on attachment 369469 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=369469&action=review > > > Source/WebCore/ChangeLog:7 > > + Added. > Please add the comment #0 here. > > > LayoutTests/http/tests/misc/resources/certificate-and-authentication.php:13 > > +parent.postMessage("loaded", "*"); > > Do you need to use postMessage? Can you use onload as well as > http/tests/ssl/certificate-validation.html . > If so, you can reuse a existing auth cgi. > > And, I think it looks cool using async and await such like > http/tests/ssl/certificate-validation.html. Fixed with tests/xmlhttprequest/resources/basic-auth/basic-auth.php

Fujii Hironori

Comment 24 2019-05-10 01:13:03 PDT

Comment on attachment 369540 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=369540&action=review > LayoutTests/TestExpectations:451 > +http/tests/misc/certificate-and-authentication.html [ Skip ] This test is skipped not only becasue it is only work in WebKit2, but also because it is only for curl port. Let's rename to http/tests/ssl/curl/certificate-and-authentication.html, and skip the directory. http/tests/ssl/curl [ Skip ] > LayoutTests/http/tests/misc/certificate-and-authentication.html:32 > + const iframe = await with_iframe("https://localhost:8443/xmlhttprequest/resources/basic-auth/basic-auth.php?uid=user"); See Basuke's Comment 20. You should move the script into the http/tests/resources or copy the script.

Takashi Komori

Comment 25 2019-05-11 02:22:56 PDT

Created attachment 369649 [details] Patch

Takashi Komori

Comment 26 2019-05-11 02:25:22 PDT

(In reply to Fujii Hironori from comment #24) > Comment on attachment 369540 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=369540&action=review > > > LayoutTests/TestExpectations:451 > > +http/tests/misc/certificate-and-authentication.html [ Skip ] > > This test is skipped not only becasue it is only work in WebKit2, but also > because it is only for curl port. > Let's rename to http/tests/ssl/curl/certificate-and-authentication.html, > and skip the directory. > http/tests/ssl/curl [ Skip ] Renamed. > > LayoutTests/http/tests/misc/certificate-and-authentication.html:32 > > + const iframe = await with_iframe("https://localhost:8443/xmlhttprequest/resources/basic-auth/basic-auth.php?uid=user"); > > See Basuke's Comment 20. You should move the script into the > http/tests/resources or copy the script. Copied.

WebKit Commit Bot

Comment 27 2019-05-12 16:05:26 PDT

Comment on attachment 369649 [details] Patch Clearing flags on attachment: 369649 Committed r245215: <https://trac.webkit.org/changeset/245215>

WebKit Commit Bot

Comment 28 2019-05-12 16:05:28 PDT

All reviewed patches have been landed. Closing bug.

Radar WebKit Bug Importer

Comment 29 2019-05-12 16:08:22 PDT

<rdar://problem/50709033>

Note You need to log in before you can comment on or make changes to this bug.