Bug 31634

Summary: Ignore realm for proxy protection spaces
Product: WebKit Reporter: Alexey Proskuryakov <ap>
Component: PlatformAssignee: Alexey Proskuryakov <ap>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, eric
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
proposed patch
darin: review-
updated patch darin: review+

Alexey Proskuryakov
Reported 2009-11-18 12:21:44 PST
Realm makes no sense for HTTP(S) proxy authentication. It is not even set in NSURLAuthenticationChallenge's protection space that is sent for HTTP. This makes it difficult to use stored credentials for Web Socket, as servers so actually send realms for proxy auth. One solution is to not set realm when creating a ProtectionSpace object for proxy auth. I think it would be even better to treat proxy protection spaces with different realms. One related data point: it looks like the realm isn't stored in Keychain, even for non-proxy credentials.
Attachments
proposed patch (2.56 KB, patch)
2009-11-18 12:26 PST, Alexey Proskuryakov 		darin: review-
DetailsFormatted DiffDiff
updated patch (2.58 KB, patch)
2009-11-18 16:54 PST, Alexey Proskuryakov 		darin: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2009-11-18 12:26:51 PST
Created attachment 43446 [details] proposed patch
Alexey Proskuryakov
Comment 2 2009-11-18 13:51:48 PST
...to treat proxy protection spaces with different realms AS EQUAL
Alexey Proskuryakov
Comment 3 2009-11-18 14:08:57 PST
> One related data point: it looks like the realm isn't stored in Keychain, even > for non-proxy credentials. That may be a lie - perhaps it's just not displayed in UI. Not sure yet.
Darin Adler
Comment 4 2009-11-18 16:14:50 PST
Comment on attachment 43446 [details] proposed patch > + if (protectionSpace.isProxy()) > + codeCount -= sizeof(UChar); Should be sizeof(hashCodes[0]) / sizeof(UChar) or some similar expression, not sizeof(UChar).
Alexey Proskuryakov
Comment 5 2009-11-18 16:54:24 PST
Created attachment 43472 [details] updated patch
Alexey Proskuryakov
Comment 6 2009-11-19 09:44:04 PST
Committed <http://trac.webkit.org/changeset/51189>.
Note You need to log in before you can comment on or make changes to this bug.