Bug 197650 - [Curl] Suppress extra didReceiveAuthenticationChallenge call when accessing a server which checks basic auth.
Summary: [Curl] Suppress extra didReceiveAuthenticationChallenge call when accessing a...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Platform (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2019-05-07 01:29 PDT by Takashi Komori
Modified: 2019-05-12 16:08 PDT (History)
9 users (show)

See Also:


Attachments
Patch (7.42 KB, patch)
2019-05-07 01:42 PDT, Takashi Komori
no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews106 for mac-highsierra-wk2 (2.77 MB, application/zip)
2019-05-07 02:36 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews103 for mac-highsierra (3.12 MB, application/zip)
2019-05-07 02:46 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews115 for mac-highsierra (2.91 MB, application/zip)
2019-05-07 03:32 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews123 for ios-simulator-wk2 (2.44 MB, application/zip)
2019-05-07 03:38 PDT, Build Bot
no flags Details
Archive of layout-test-results from ews214 for win-future (13.65 MB, application/zip)
2019-05-07 03:47 PDT, Build Bot
no flags Details
Patch (10.00 KB, patch)
2019-05-08 18:48 PDT, Takashi Komori
no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews213 for win-future (13.65 MB, application/zip)
2019-05-08 20:54 PDT, Build Bot
no flags Details
Patch (10.00 KB, patch)
2019-05-08 23:18 PDT, Takashi Komori
no flags Details | Formatted Diff | Diff
Patch (9.61 KB, patch)
2019-05-09 20:17 PDT, Takashi Komori
no flags Details | Formatted Diff | Diff
Patch (9.92 KB, patch)
2019-05-11 02:22 PDT, Takashi Komori
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Takashi Komori 2019-05-07 01:29:52 PDT
When Curl port accesses a page which checks Basic Authentication credential and server trust challenge occurs, Curl port calls extra didReceiveAuthenticationChallenge unnecessarily.
This is because Curl port discards information about allowed server trust challenge before in NetworkDataTaskCurl::restartWithCredential.
Comment 1 Takashi Komori 2019-05-07 01:42:12 PDT
Created attachment 369257 [details]
Patch
Comment 2 Build Bot 2019-05-07 02:36:46 PDT
Comment on attachment 369257 [details]
Patch

Attachment 369257 [details] did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/12121376

New failing tests:
http/tests/misc/certificate-and-authentication.html
Comment 3 Build Bot 2019-05-07 02:36:47 PDT
Created attachment 369262 [details]
Archive of layout-test-results from ews106 for mac-highsierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews106  Port: mac-highsierra-wk2  Platform: Mac OS X 10.13.6
Comment 4 Build Bot 2019-05-07 02:46:21 PDT
Comment on attachment 369257 [details]
Patch

Attachment 369257 [details] did not pass mac-ews (mac):
Output: https://webkit-queues.webkit.org/results/12121562

New failing tests:
http/tests/misc/certificate-and-authentication.html
Comment 5 Build Bot 2019-05-07 02:46:23 PDT
Created attachment 369265 [details]
Archive of layout-test-results from ews103 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews103  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 6 Build Bot 2019-05-07 03:32:28 PDT
Comment on attachment 369257 [details]
Patch

Attachment 369257 [details] did not pass mac-debug-ews (mac):
Output: https://webkit-queues.webkit.org/results/12121606

New failing tests:
webgl/2.0.0/conformance/context/context-release-upon-reload.html
http/tests/misc/certificate-and-authentication.html
Comment 7 Build Bot 2019-05-07 03:32:30 PDT
Created attachment 369269 [details]
Archive of layout-test-results from ews115 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews115  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 8 Build Bot 2019-05-07 03:38:26 PDT
Comment on attachment 369257 [details]
Patch

Attachment 369257 [details] did not pass ios-sim-ews (ios-simulator-wk2):
Output: https://webkit-queues.webkit.org/results/12121633

New failing tests:
http/tests/misc/certificate-and-authentication.html
Comment 9 Build Bot 2019-05-07 03:38:27 PDT
Created attachment 369270 [details]
Archive of layout-test-results from ews123 for ios-simulator-wk2

The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews123  Port: ios-simulator-wk2  Platform: Mac OS X 10.14.4
Comment 10 Build Bot 2019-05-07 03:47:32 PDT
Comment on attachment 369257 [details]
Patch

Attachment 369257 [details] did not pass win-ews (win):
Output: https://webkit-queues.webkit.org/results/12121882

New failing tests:
http/tests/misc/certificate-and-authentication.html
Comment 11 Build Bot 2019-05-07 03:47:36 PDT
Created attachment 369272 [details]
Archive of layout-test-results from ews214 for win-future

The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews214  Port: win-future  Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit
Comment 12 Takashi Komori 2019-05-08 18:48:04 PDT
Created attachment 369456 [details]
Patch
Comment 13 Takashi Komori 2019-05-08 18:49:16 PDT
(In reply to Takashi Komori from comment #12)
> Created attachment 369456 [details]
> Patch

Skip added test on other ports.
Soup doesn't use didReceiveChallenge for server trust evaluation.
We use certificate-and-authentication.html test for only wincairo.
Comment 14 Build Bot 2019-05-08 20:54:21 PDT
Comment on attachment 369456 [details]
Patch

Attachment 369456 [details] did not pass win-ews (win):
Output: https://webkit-queues.webkit.org/results/12139490

New failing tests:
http/tests/css/filters-on-iframes.html
Comment 15 Build Bot 2019-05-08 20:54:23 PDT
Created attachment 369459 [details]
Archive of layout-test-results from ews213 for win-future

The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews213  Port: win-future  Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit
Comment 16 Takashi Komori 2019-05-08 23:18:12 PDT
Created attachment 369469 [details]
Patch
Comment 17 Fujii Hironori 2019-05-09 00:15:11 PDT
Comment on attachment 369469 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=369469&action=review

> Source/WebCore/ChangeLog:7
> +

Please add the comment #0 here.

> LayoutTests/http/tests/misc/resources/certificate-and-authentication.php:13
> +parent.postMessage("loaded", "*");

Do you need to use postMessage? Can you use onload as well as http/tests/ssl/certificate-validation.html .
If so, you can reuse a existing auth cgi.

And, I think it looks cool using async and await such like http/tests/ssl/certificate-validation.html.
Comment 18 Takashi Komori 2019-05-09 00:52:53 PDT
(In reply to Fujii Hironori from comment #17)
> Do you need to use postMessage? Can you use onload as well as
> http/tests/ssl/certificate-validation.html .
> If so, you can reuse a existing auth cgi.

postMessage might be replaced by onload.
What does "existing auth cgi" refer to exactly?
Comment 19 Fujii Hironori 2019-05-09 00:57:29 PDT
For example, can you use tests/xmlhttprequest/resources/basic-auth/basic-auth.php ?
Comment 20 Basuke Suzuki 2019-05-09 10:53:41 PDT
(In reply to Fujii Hironori from comment #19)
> For example, can you use
> tests/xmlhttprequest/resources/basic-auth/basic-auth.php ?

I've got a review that we shuoldn't reuse resources other bug created except those inside root /resources/. In this case, it's easy to find similar feature from there.
Comment 21 Basuke Suzuki 2019-05-09 10:59:29 PDT
(In reply to Basuke Suzuki from comment #20)
> (In reply to Fujii Hironori from comment #19)
> > For example, can you use
> > tests/xmlhttprequest/resources/basic-auth/basic-auth.php ?
> 
> I've got a review that we shuoldn't reuse resources other bug created except
> those inside root /resources/. In this case, it's easy to find similar
> feature from there.

Oh my got, the only one in /resources/ was for digest-auth, which was posted by me lol. Forget about my comment. Sorry.
Comment 22 Takashi Komori 2019-05-09 20:17:02 PDT
Created attachment 369540 [details]
Patch
Comment 23 Takashi Komori 2019-05-09 20:23:57 PDT
(In reply to Fujii Hironori from comment #17)
> Comment on attachment 369469 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=369469&action=review
> 
> > Source/WebCore/ChangeLog:7
> > +

Added.

> Please add the comment #0 here.
> 
> > LayoutTests/http/tests/misc/resources/certificate-and-authentication.php:13
> > +parent.postMessage("loaded", "*");
> 
> Do you need to use postMessage? Can you use onload as well as
> http/tests/ssl/certificate-validation.html .
> If so, you can reuse a existing auth cgi.
> 
> And, I think it looks cool using async and await such like
> http/tests/ssl/certificate-validation.html.

Fixed with tests/xmlhttprequest/resources/basic-auth/basic-auth.php
Comment 24 Fujii Hironori 2019-05-10 01:13:03 PDT
Comment on attachment 369540 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=369540&action=review

> LayoutTests/TestExpectations:451
> +http/tests/misc/certificate-and-authentication.html [ Skip ]

This test is skipped not only becasue it is only work in WebKit2, but also because it is only for curl port.
Let's rename to http/tests/ssl/curl/certificate-and-authentication.html,
and skip the directory.
http/tests/ssl/curl [ Skip ]

> LayoutTests/http/tests/misc/certificate-and-authentication.html:32
> +    const iframe = await with_iframe("https://localhost:8443/xmlhttprequest/resources/basic-auth/basic-auth.php?uid=user");

See Basuke's Comment 20. You should move the script into the http/tests/resources or copy the script.
Comment 25 Takashi Komori 2019-05-11 02:22:56 PDT
Created attachment 369649 [details]
Patch
Comment 26 Takashi Komori 2019-05-11 02:25:22 PDT
(In reply to Fujii Hironori from comment #24)
> Comment on attachment 369540 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=369540&action=review
> 
> > LayoutTests/TestExpectations:451
> > +http/tests/misc/certificate-and-authentication.html [ Skip ]
> 
> This test is skipped not only becasue it is only work in WebKit2, but also
> because it is only for curl port.
> Let's rename to http/tests/ssl/curl/certificate-and-authentication.html,
> and skip the directory.
> http/tests/ssl/curl [ Skip ]

Renamed.

> > LayoutTests/http/tests/misc/certificate-and-authentication.html:32
> > +    const iframe = await with_iframe("https://localhost:8443/xmlhttprequest/resources/basic-auth/basic-auth.php?uid=user");
> 
> See Basuke's Comment 20. You should move the script into the
> http/tests/resources or copy the script.

Copied.
Comment 27 WebKit Commit Bot 2019-05-12 16:05:26 PDT
Comment on attachment 369649 [details]
Patch

Clearing flags on attachment: 369649

Committed r245215: <https://trac.webkit.org/changeset/245215>
Comment 28 WebKit Commit Bot 2019-05-12 16:05:28 PDT
All reviewed patches have been landed.  Closing bug.
Comment 29 Radar WebKit Bug Importer 2019-05-12 16:08:22 PDT
<rdar://problem/50709033>