Bug 164471 - [SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
Summary: [SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with...
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: WebKit Local Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
Keywords: Gtk, Soup
Depends on: 158919
  Show dependency treegraph
Reported: 2016-11-07 03:07 PST by Carlos Garcia Campos
Modified: 2017-01-03 01:09 PST (History)
2 users (show)

See Also:

Patch (3.51 KB, patch)
2017-01-02 03:03 PST, Carlos Garcia Campos
mcatanzaro: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Carlos Garcia Campos 2016-11-07 03:07:00 PST
When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that disables all HTTP authentication, causing the load to always fail with Authorization required even when clientCredentialPolicy allows to ask the user for credentials. The problem is that even if we don't use the WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the SoupAuthManager feature. We need to add new API to libsoup to tell the SoupAuthManager not to use the auth cache for that particular SoupMessage.
Comment 1 Carlos Garcia Campos 2017-01-02 02:27:43 PST
This needs new API added in libsoup 2.57.1. Bug #158919 upgrades libsoup to 2.57.1.
Comment 2 Carlos Garcia Campos 2017-01-02 03:03:59 PST
Created attachment 297890 [details]
Comment 3 Carlos Garcia Campos 2017-01-03 01:09:25 PST
Committed r210235: <http://trac.webkit.org/changeset/210235>