Bug 38271 - Add canAuthenticateAgainstProtectionSpace() to frame loader so that a protection space can be inspected before attempting to authenticate against it
Summary: Add canAuthenticateAgainstProtectionSpace() to frame loader so that a protect...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Macintosh OS X 10.6
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-04-28 10:46 PDT by Mike Thole
Modified: 2010-04-28 16:43 PDT (History)
4 users (show)

See Also:


Attachments
Proposed patch (24.85 KB, patch)
2010-04-28 12:17 PDT, Mike Thole
no flags Details | Formatted Diff | Diff
Fixed enum indentation for style-bot (26.02 KB, patch)
2010-04-28 12:30 PDT, Mike Thole
ddkilzer: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Mike Thole 2010-04-28 10:46:39 PDT
Add canAuthenticateAgainstProtectionSpace() to frame loader so that a protection space can be inspected before attempting to authenticate against it.  Clients can use this, for example, to send an SSL client certificate when it is requested but not required.

Expose this functionality in WebKit via a new WebResourceLoadDelegate private method:
- (BOOL)webView:(WebView *)sender resource:(id)identifier canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace forDataSource:(WebDataSource *)dataSource;
Comment 1 Mike Thole 2010-04-28 10:48:06 PDT
Part of <rdar://problem/7475092>
Comment 2 Mike Thole 2010-04-28 12:17:17 PDT
Created attachment 54608 [details]
Proposed patch
Comment 3 WebKit Review Bot 2010-04-28 12:19:10 PDT
Attachment 54608 [details] did not pass style-queue:

Failed to run "['WebKitTools/Scripts/check-webkit-style', '--no-squash']" exit_code: 1
WebCore/platform/network/ProtectionSpace.h:50:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
WebCore/platform/network/ProtectionSpace.h:51:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Total errors found: 2 in 21 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 4 Mike Thole 2010-04-28 12:30:48 PDT
Created attachment 54610 [details]
Fixed enum indentation for style-bot
Comment 5 David Kilzer (:ddkilzer) 2010-04-28 13:39:46 PDT
Comment on attachment 54610 [details]
Fixed enum indentation for style-bot

> Index: JavaScriptCore/wtf/Platform.h
> ===================================================================
> --- JavaScriptCore/wtf/Platform.h	(revision 58413)
> +++ JavaScriptCore/wtf/Platform.h	(working copy)
> @@ -1079,6 +1079,10 @@ on MinGW. See https://bugs.webkit.org/sh
>  #endif
>  #endif
>  
> +#if ((PLATFORM(MAC) || PLATFORM(IPHONE)) && !defined(BUILDING_ON_TIGER) && !defined(BUILDING_ON_LEOPARD))
> +#define WTF_USE_PROTECTION_SPACE_AUTH_CALLBACK 1
> +#endif

This should be:

#if (PLATFORM(MAC) && !defined(BUILDING_ON_TIGER) && !defined(BUILDING_ON_LEOPARD)) || PLATFORM(IPHONE)

> Index: WebCore/loader/EmptyClients.h
> ===================================================================
> --- WebCore/loader/EmptyClients.h	(revision 58413)
> +++ WebCore/loader/EmptyClients.h	(working copy)
> @@ -194,6 +194,7 @@ public:
>      virtual void dispatchWillSendRequest(DocumentLoader*, unsigned long, ResourceRequest&, const ResourceResponse&) { }
>      virtual void dispatchDidReceiveAuthenticationChallenge(DocumentLoader*, unsigned long, const AuthenticationChallenge&) { }
>      virtual void dispatchDidCancelAuthenticationChallenge(DocumentLoader*, unsigned long, const AuthenticationChallenge&) { }
> +    virtual bool canAuthenticateAgainstProtectionSpace(DocumentLoader*, unsigned long, const ProtectionSpace&) { return false; }

This should have #if USE(PROTECTION_SPACE_AUTH_CALLBACK)/#endif macro guards.

> Index: WebCore/platform/network/ResourceHandle.h
> ===================================================================
> --- WebCore/platform/network/ResourceHandle.h	(revision 58413)
> +++ WebCore/platform/network/ResourceHandle.h	(working copy)
> @@ -131,6 +132,7 @@ public:
>  
>  #if PLATFORM(MAC)
>      void didCancelAuthenticationChallenge(const AuthenticationChallenge&);
> +    bool canAuthenticateAgainstProtectionSpace(const ProtectionSpace&);
>      NSURLConnection *connection() const;
>      WebCoreResourceHandleAsDelegate *delegate();
>      void releaseDelegate();

This should have #if USE(PROTECTION_SPACE_AUTH_CALLBACK)/#endif macro guards.

> Index: WebCore/platform/network/ResourceHandleClient.h
> ===================================================================
> --- WebCore/platform/network/ResourceHandleClient.h	(revision 58413)
> +++ WebCore/platform/network/ResourceHandleClient.h	(working copy)
> @@ -78,6 +79,7 @@ namespace WebCore {
>          virtual bool shouldUseCredentialStorage(ResourceHandle*) { return false; }
>          virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge&) { }
>          virtual void didCancelAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge&) { }
> +        virtual bool canAuthenticateAgainstProtectionSpace(ResourceHandle*, const ProtectionSpace&) { return false; }
>          virtual void receivedCancellation(ResourceHandle*, const AuthenticationChallenge&) { }

This should have #if USE(PROTECTION_SPACE_AUTH_CALLBACK)/#endif macro guards.

> Index: WebCore/platform/network/mac/AuthenticationMac.mm
> ===================================================================
> --- WebCore/platform/network/mac/AuthenticationMac.mm	(revision 58413)
> +++ WebCore/platform/network/mac/AuthenticationMac.mm	(working copy)
> @@ -194,6 +194,14 @@ NSURLProtectionSpace *mac(const Protecti
>          case ProtectionSpaceAuthenticationSchemeHTMLForm:
>              method = NSURLAuthenticationMethodHTMLForm;
>              break;
> +#if USE(PROTECTION_SPACE_AUTH_CALLBACK)
> +        case ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested:
> +            method = NSURLAuthenticationMethodServerTrust;
> +            break;
> +        case ProtectionSpaceAuthenticationSchemeClientCertificateRequested:
> +            method = NSURLAuthenticationMethodClientCertificate;
> +            break;
> +#endif
>          case ProtectionSpaceAuthenticationSchemeNTLM:
>              method = NSURLAuthenticationMethodNTLM;
>              break;

These case statements should be after ProtectionSpaceAuthenticationSchemeNTLM to keep the order in the enum definitions.

> @@ -293,6 +301,12 @@ ProtectionSpace core(NSURLProtectionSpac
>          scheme = ProtectionSpaceAuthenticationSchemeHTTPDigest;
>      else if ([method isEqualToString:NSURLAuthenticationMethodHTMLForm])
>          scheme = ProtectionSpaceAuthenticationSchemeHTMLForm;
> +#if USE(PROTECTION_SPACE_AUTH_CALLBACK)
> +    else if ([method isEqualToString:NSURLAuthenticationMethodClientCertificate])
> +        scheme = ProtectionSpaceAuthenticationSchemeClientCertificateRequested;
> +    else if ([method isEqualToString:NSURLAuthenticationMethodServerTrust])
> +        scheme = ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested;
> +#endif
>      else if ([method isEqualToString:NSURLAuthenticationMethodNTLM])
>          scheme = ProtectionSpaceAuthenticationSchemeNTLM;
>      else {

Ditto.

> Index: WebKit/mac/WebView/WebDelegateImplementationCaching.h
> ===================================================================
> --- WebKit/mac/WebView/WebDelegateImplementationCaching.h	(revision 58413)
> +++ WebKit/mac/WebView/WebDelegateImplementationCaching.h	(working copy)
> @@ -35,6 +35,7 @@
>  struct WebResourceDelegateImplementationCache {
>      IMP didCancelAuthenticationChallengeFunc;
>      IMP didReceiveAuthenticationChallengeFunc;
> +    IMP canAuthenticateAgainstProtectionSpaceFunc;
>      IMP identifierForRequestFunc;
>      IMP willSendRequestFunc;
>      IMP didReceiveResponseFunc;

This should have #if USE(PROTECTION_SPACE_AUTH_CALLBACK)/#endif macro guards.

> Index: WebKit/mac/WebView/WebResourceLoadDelegatePrivate.h
> ===================================================================
> --- WebKit/mac/WebView/WebResourceLoadDelegatePrivate.h	(revision 58413)
> +++ WebKit/mac/WebView/WebResourceLoadDelegatePrivate.h	(working copy)
> @@ -43,6 +43,14 @@ @interface NSObject (WebResourceLoadDele
> +/*!
> + @method webView:resource:canAuthenticateAgainstProtectionSpace:forDataSource:
> + @abstract Inspect an NSURLProtectionSpace before an authentication attempt is made
> + @param protectionSpace an NSURLProtectionSpace that will be used to generate an authentication challenge
> + @result Return YES if the resource load delegate is prepared to respond to an authentication challenge generated with protectionSpace, NO otherwise
> + */
> +- (BOOL)webView:(WebView *)sender resource:(id)identifier canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace forDataSource:(WebDataSource *)dataSource;

This needs some kind of #if/#endif protection so it can't be used on Tiger or Leopard.

> Index: WebKit/mac/WebView/WebView.mm
> ===================================================================
> --- WebKit/mac/WebView/WebView.mm	(revision 58413)
> +++ WebKit/mac/WebView/WebView.mm	(working copy)
> @@ -1377,6 +1377,7 @@ - (void)_cacheResourceLoadDelegateImplem
>      cache->didFinishLoadingFromDataSourceFunc = getMethod(delegate, @selector(webView:resource:didFinishLoadingFromDataSource:));
>      cache->didLoadResourceFromMemoryCacheFunc = getMethod(delegate, @selector(webView:didLoadResourceFromMemoryCache:response:length:fromDataSource:));
>      cache->didReceiveAuthenticationChallengeFunc = getMethod(delegate, @selector(webView:resource:didReceiveAuthenticationChallenge:fromDataSource:));
> +    cache->canAuthenticateAgainstProtectionSpaceFunc = getMethod(delegate, @selector(webView:resource:canAuthenticateAgainstProtectionSpace:forDataSource:));
>      cache->didReceiveContentLengthFunc = getMethod(delegate, @selector(webView:resource:didReceiveContentLength:fromDataSource:));
>      cache->didReceiveResponseFunc = getMethod(delegate, @selector(webView:resource:didReceiveResponse:fromDataSource:));
>      cache->identifierForRequestFunc = getMethod(delegate, @selector(webView:identifierForInitialRequest:fromDataSource:));

This should have #if USE(PROTECTION_SPACE_AUTH_CALLBACK)/#endif macro guards.

r=me with the fixes above.
Comment 6 Mike Thole 2010-04-28 16:17:01 PDT
Committed revision 58442.
Comment 7 WebKit Review Bot 2010-04-28 16:43:44 PDT
http://trac.webkit.org/changeset/58442 might have broken Qt Linux ARMv7 Release