Bug 31634 - Ignore realm for proxy protection spaces
Summary: Ignore realm for proxy protection spaces
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Platform (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Alexey Proskuryakov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-11-18 12:21 PST by Alexey Proskuryakov
Modified: 2009-11-19 09:44 PST (History)
2 users (show)

See Also:

Attachments
proposed patch (2.56 KB, patch)
2009-11-18 12:26 PST, Alexey Proskuryakov 		darin: review-
Details | Formatted Diff | Diff
updated patch (2.58 KB, patch)
2009-11-18 16:54 PST, Alexey Proskuryakov 		darin: review+
Details | Formatted Diff | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexey Proskuryakov 2009-11-18 12:21:44 PST 
Realm makes no sense for HTTP(S) proxy authentication. It is not even set in NSURLAuthenticationChallenge's protection space that is sent for HTTP.

This makes it difficult to use stored credentials for Web Socket, as servers so actually send realms for proxy auth. One solution is to not set realm when creating a ProtectionSpace object for proxy auth. I think it would be even better to treat proxy protection spaces with different realms.

One related data point: it looks like the realm isn't stored in Keychain, even for non-proxy credentials.
Comment 1 Alexey Proskuryakov 2009-11-18 12:26:51 PST 
Created attachment 43446 [details]
proposed patch
Comment 2 Alexey Proskuryakov 2009-11-18 13:51:48 PST 
...to treat proxy protection spaces with different realms AS EQUAL
Comment 3 Alexey Proskuryakov 2009-11-18 14:08:57 PST 
> One related data point: it looks like the realm isn't stored in Keychain, even
> for non-proxy credentials.

That may be a lie - perhaps it's just not displayed in UI. Not sure yet.
Comment 4 Darin Adler 2009-11-18 16:14:50 PST 
Comment on attachment 43446 [details]
proposed patch

> +        if (protectionSpace.isProxy())
> +            codeCount -= sizeof(UChar);

Should be sizeof(hashCodes[0]) / sizeof(UChar) or some similar expression, not sizeof(UChar).
Comment 5 Alexey Proskuryakov 2009-11-18 16:54:24 PST 
Created attachment 43472 [details]
updated patch
Comment 6 Alexey Proskuryakov 2009-11-19 09:44:04 PST 
Committed <http://trac.webkit.org/changeset/51189>.