Bug 213596

Summary: [GTK][WPE] Add webkit_authentication_request_get_security_origin
Product: WebKit Reporter: Carlos Garcia Campos <cgarcia>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: berto, bugs-noreply, ews-watchlist, gustavo, mcatanzaro
Priority: P2 Keywords: Gtk
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch mcatanzaro: review+

Description Carlos Garcia Campos 2020-06-25 05:46:51 PDT
I'm not sure if we should deprecate get_port and get_host, they are convenient to avoid creating a security origin when you just want to get the host, for example.
Comment 1 Carlos Garcia Campos 2020-06-25 05:48:35 PDT
Created attachment 402727 [details]
Patch
Comment 2 EWS Watchlist 2020-06-25 05:49:43 PDT
Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See http://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API
Comment 3 Michael Catanzaro 2020-06-25 07:17:47 PDT
Comment on attachment 402727 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=402727&action=review

> Source/WebKit/UIProcess/API/glib/WebKitAuthenticationRequest.cpp:368
> +    return webkitSecurityOriginCreate(SecurityOrigin::create(protocol, protectionSpace.host(), protectionSpace.port()));

You could ASSERT(!protocol.isEmpty()) here, just in case. webkitSecurityOriginCreate really will allow creating an invalid WebKitSecurityOrigin with empty protocol.

> Source/WebKit/UIProcess/API/gtk/WebKitAuthenticationRequest.h:30
>  #include <webkit2/WebKitCredential.h>
> +#include <webkit2/WebKitSecurityOrigin.h>
>  #include <webkit2/WebKitDefines.h>

It's misalphabetized.
Comment 4 Carlos Garcia Campos 2020-06-29 00:38:12 PDT
(In reply to Michael Catanzaro from comment #3)
> Comment on attachment 402727 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=402727&action=review
> 
> > Source/WebKit/UIProcess/API/glib/WebKitAuthenticationRequest.cpp:368
> > +    return webkitSecurityOriginCreate(SecurityOrigin::create(protocol, protectionSpace.host(), protectionSpace.port()));
> 
> You could ASSERT(!protocol.isEmpty()) here, just in case.
> webkitSecurityOriginCreate really will allow creating an invalid
> WebKitSecurityOrigin with empty protocol.

How can it be empty if it's set to a literal in a switch handling al possible cases?

> > Source/WebKit/UIProcess/API/gtk/WebKitAuthenticationRequest.h:30
> >  #include <webkit2/WebKitCredential.h>
> > +#include <webkit2/WebKitSecurityOrigin.h>
> >  #include <webkit2/WebKitDefines.h>
> 
> It's misalphabetized.
Comment 5 Carlos Garcia Campos 2020-06-29 00:39:44 PDT
Committed r263645: <https://trac.webkit.org/changeset/263645>