If a Web site includes a WWW-Authenticate header on a 200 response, BlackBerry pops up an authentication dialog. Other browsers (Firefox/Chrome/Opera) ignore the WWW-Authenticate header on anything other than a 401 response. This was reported by a user visiting http://www.onstar.com, which oddly provides WWW-Authenticate headers on its 301 and 200 responses.
Created attachment 140326 [details] Patch
Comment on attachment 140326 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=140326&action=review > Source/WebCore/ChangeLog:11 > + Reviewed by NOBODY (OOPS!). This ChangeLog is not of the correct format. The Reviewed by line should be at the line where "Patch by" is, and I am not sure "Patch by" is needed since you are stated as author in the first line. > ChangeLog:11 > + Reviewed by NOBODY (OOPS!). Ditto.
Created attachment 140331 [details] Patch
Why is this a manual test? On at least some platforms, DumpRenderTree/WebKitTestRunner dumps authentication delegate calls, and should be able to test automatically. Also, the test doesn't look platform specific.
Comment on attachment 140331 [details] Patch Ok for me. May want to add an automated testcase later if there is a way. I'm not familiar enough to know if we have a way to automatically test this one.
(In reply to comment #4) > Why is this a manual test? On at least some platforms, DumpRenderTree/WebKitTestRunner dumps authentication delegate calls, and should be able to test automatically. > > Also, the test doesn't look platform specific. Oops I missed this comment. So we could add a new test that is platform-independent and automated. I think we'll need some help from someone who has done this before. The fix, however, is platform-specific and seems correct.
Comment on attachment 140331 [details] Patch Clearing flags on attachment: 140331 Committed r116308: <http://trac.webkit.org/changeset/116308>
All reviewed patches have been landed. Closing bug.