Backout of changeset 6f1121e69ee9

Honza Bambas 2012-10-23 17:37:02 +02:00
parent b98093ca8e
commit 80045583a2
3 changed files with 72 additions and 170 deletions


@ -6,8 +6,7 @@ function handleRequest(request, response) {
if (request.hasHeader("Authorization")) { if (request.hasHeader("Authorization")) {
headers["authorization"] = request.getHeader("Authorization"); headers["authorization"] = request.getHeader("Authorization");
} else { } else {
response.setStatusLine(null, 401, "Authentication required"); response.setStatusLine(null, 500, "Server Error");
response.setHeader("WWW-Authenticate", "basic realm=\"testrealm\"", true);
} }
} else { } else {
invalidHeaders.push("Authorization"); invalidHeaders.push("Authorization");
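Review bot: With the missing-Authorization branch answering `500 "Server Error"` and no `WWW-Authenticate` header, the handler never issues a challenge, so a test built on it cannot observe whether an anonymous request would answer a Basic challenge from cached credentials. A missing credential also becomes indistinguishable from a genuine handler fault in the test log. If the 500 is deliberate, a comment on that line should say so, for example `// deliberately not a 401: no challenge is issued, so the client's challenge-response path is not exercised here`. handleRequest starts and ends outside this hunk.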


@ -16,162 +16,71 @@
<pre id="test"> <pre id="test">
<script class="testbody" type="application/javascript;version=1.8"> <script class="testbody" type="application/javascript;version=1.8">
// An XHR with the anon flag set will not send cookie and auth information.
const TEST_URL = "http://example.com/tests/content/base/test/file_XHR_anon.sjs";
document.cookie = "foo=bar";
let am = {
authMgr: null,
init: function() {
const {classes: Cc, interfaces: Ci} = SpecialPowers.wrap(Components);
this.authMgr = Cc["@mozilla.org/network/http-auth-manager;1"]
.getService(Components.interfaces.nsIHttpAuthManager)
},
addIdentity: function() {
this.authMgr.setAuthIdentity("http", "example.com", -1, "basic", "testrealm",
"", "example.com", "user1", "password1");
},
tearDown: function() {
this.authMgr.clearAll();
},
}
var tests = [ test1, test2, test2a, test3, test3, test3, test4, test4, test4, test5, test5, test5 ];
function runTests() { function runTests() {
if (!tests.length) { let tearDown = (function setUp() {
am.tearDown(); SimpleTest.waitForExplicitFinish();
SpecialPowers.removePermission("systemXHR", document);
SimpleTest.finish(); const {classes: Cc, interfaces: Ci} = SpecialPowers.wrap(SpecialPowers.Components);
return;
let authMgr = Cc["@mozilla.org/network/http-auth-manager;1"]
.getService(SpecialPowers.Ci.nsIHttpAuthManager)
authMgr.setAuthIdentity("http", "example.com", 80, "basic", "testrealm",
"", "example.com", "user1", "password1");
SpecialPowers.addPermission("systemXHR", true, document);
return function tearDown() {
authMgr.clearAll();
SpecialPowers.removePermission("systemXHR", document);
SimpleTest.finish();
}
}());
// An XHR with the anon flag set will not send cookie and auth information.
const TEST_URL = "http://example.com/tests/content/base/test/file_XHR_anon.sjs";
document.cookie = "foo=bar";
function withoutCredentials() {
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozAnon, true, "withoutCredentials: .mozAnon == true");
xhr.open("GET", TEST_URL);
xhr.onload = function onload() {
is(xhr.status, 200, "withoutCredentials: " + xhr.responseText);
withCredentials();
};
xhr.onerror = function onerror() {
ok(false, "Got an error event!");
tearDown();
}
xhr.send();
} }
var test = tests.shift(); function withCredentials() {
test(); // TODO: this currently does not work as expected, see bug 761479
} let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozAnon, true, "withCredentials: .mozAnon == true");
function test1() { xhr.open("GET", TEST_URL + "?expectAuth=true", true,
am.addIdentity(); "user2name", "pass2word");
xhr.onload = function onload() {
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); todo_is(xhr.status, 200, "withCredentials: " + xhr.responseText);
is(xhr.mozAnon, true, "test1: .mozAnon == true"); let response = JSON.parse(xhr.responseText);
xhr.open("GET", TEST_URL); todo_is(response.authorization, "Basic dXNlcjJuYW1lOnBhc3Myd29yZA==");
xhr.onload = function onload() { tearDown();
is(xhr.status, 200, "test1: " + xhr.responseText); };
am.tearDown(); xhr.onerror = function onerror() {
runTests(); ok(false, "Got an error event!");
}; tearDown();
xhr.onerror = function onerror() { }
ok(false, "Got an error event!"); xhr.send();
am.tearDown();
runTests();
} }
xhr.send();
withoutCredentials();
} }
function test2() {
am.addIdentity();
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozAnon, true, "test2: .mozAnon == true");
xhr.open("GET", TEST_URL + "?expectAuth=true", true,
"user2name", "pass2word");
xhr.onload = function onload() {
is(xhr.status, 200, "test2: " + xhr.responseText);
let response = JSON.parse(xhr.responseText);
is(response.authorization, "Basic dXNlcjJuYW1lOnBhc3Myd29yZA==");
am.tearDown();
runTests();
};
xhr.onerror = function onerror() {
ok(false, "Got an error event!");
am.tearDown();
runTests();
}
xhr.send();
}
function test2a() {
am.addIdentity();
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozAnon, true, "test2: .mozAnon == true");
xhr.open("GET", TEST_URL + "?expectAuth=true", true,
"user1", "pass2word");
xhr.onload = function onload() {
is(xhr.status, 200, "test2: " + xhr.responseText);
let response = JSON.parse(xhr.responseText);
is(response.authorization, "Basic dXNlcjE6cGFzczJ3b3Jk");
am.tearDown();
runTests();
};
xhr.onerror = function onerror() {
ok(false, "Got an error event!");
am.tearDown();
runTests();
}
xhr.send();
}
function test3() {
am.addIdentity();
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozAnon, true, "test3: .mozAnon == true");
xhr.open("GET", TEST_URL + "?expectAuth=true", true);
xhr.onload = function onload() {
is(xhr.status, 401, "test3: " + xhr.responseText);
am.tearDown();
runTests();
};
xhr.onerror = function onerror() {
ok(false, "Got an error event!");
am.tearDown();
runTests();
}
xhr.send();
}
function test4() {
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozAnon, true, "test4: .mozAnon == true");
xhr.open("GET", TEST_URL + "?expectAuth=true", true);
xhr.onload = function onload() {
is(xhr.status, 401, "test4: " + xhr.responseText);
runTests();
};
xhr.onerror = function onerror() {
ok(false, "Got an error event!");
runTests();
}
xhr.send();
}
function test5() {
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozAnon, true, "test5: .mozAnon == true");
xhr.open("GET", TEST_URL + "?expectAuth=true", true,
"user2name", "pass2word");
xhr.onload = function onload() {
is(xhr.status, 200, "test5: " + xhr.responseText);
let response = JSON.parse(xhr.responseText);
is(response.authorization, "Basic dXNlcjJuYW1lOnBhc3Myd29yZA==");
runTests();
};
xhr.onerror = function onerror() {
ok(false, "Got an error event!");
runTests();
}
xhr.send();
}
am.init();
SpecialPowers.addPermission("systemXHR", true, document);
SimpleTest.waitForExplicitFinish();
</script> </script>
</pre> </pre>
</body> </body>
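Review bot: In the onload handler of withCredentials, `JSON.parse(xhr.responseText)` runs before `tearDown()`, so a body that is not JSON (for instance one produced by the handler's error branch, if that is plain text) throws and the cleanup is skipped. In that case `authMgr.clearAll()` and `SpecialPowers.removePermission("systemXHR", document)` never run and `SimpleTest.finish()` is never called. The cached user1 identity and the systemXHR permission may then stay in place for whatever runs next, and the test ends as a timeout rather than a reported failure. Wrapping the parse and the two `todo_is` checks in `try { … } finally { tearDown(); }` keeps the cleanup unconditional.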


@ -92,9 +92,20 @@ nsHttpChannelAuthProvider::ProcessAuthentication(uint32_t httpStatus,
if (!mProxyInfo) return NS_ERROR_NO_INTERFACE; if (!mProxyInfo) return NS_ERROR_NO_INTERFACE;
} }
uint32_t loadFlags;
rv = mAuthChannel->GetLoadFlags(&loadFlags);
if (NS_FAILED(rv)) return rv;
nsAutoCString challenges; nsAutoCString challenges;
mProxyAuth = (httpStatus == 407); mProxyAuth = (httpStatus == 407);
// Do proxy auth even if we're LOAD_ANONYMOUS
if ((loadFlags & nsIRequest::LOAD_ANONYMOUS) &&
(!mProxyAuth || !UsingHttpProxy())) {
LOG(("Skipping authentication for anonymous non-proxy request\n"));
return NS_ERROR_NOT_AVAILABLE;
}
rv = PrepareForAuthentication(mProxyAuth); rv = PrepareForAuthentication(mProxyAuth);
if (NS_FAILED(rv)) if (NS_FAILED(rv))
return rv; return rv;
@ -665,10 +676,6 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
path, ident, continuationState); path, ident, continuationState);
if (NS_FAILED(rv)) return rv; if (NS_FAILED(rv)) return rv;
uint32_t loadFlags;
rv = mAuthChannel->GetLoadFlags(&loadFlags);
if (NS_FAILED(rv)) return rv;
if (!proxyAuth) { if (!proxyAuth) {
// if this is the first challenge, then try using the identity // if this is the first challenge, then try using the identity
// specified in the URL. // specified in the URL.
@ -676,18 +683,6 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
GetIdentityFromURI(authFlags, mIdent); GetIdentityFromURI(authFlags, mIdent);
identFromURI = !mIdent.IsEmpty(); identFromURI = !mIdent.IsEmpty();
} }
if ((loadFlags & nsIRequest::LOAD_ANONYMOUS) && !identFromURI) {
LOG(("Skipping authentication for anonymous non-proxy request\n"));
return NS_ERROR_NOT_AVAILABLE;
}
// Let explicit URL credentials pass
// regardless of the LOAD_ANONYMOUS flag
}
else if ((loadFlags & nsIRequest::LOAD_ANONYMOUS) && !UsingHttpProxy()) {
LOG(("Skipping authentication for anonymous non-proxy request\n"));
return NS_ERROR_NOT_AVAILABLE;
} }
// //
@ -734,9 +729,8 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
} }
} }
else if (!identFromURI || else if (!identFromURI ||
(nsCRT::strcmp(ident->User(), nsCRT::strcmp(ident->User(),
entry->Identity().User()) == 0 && entry->Identity().User()) == 0) {
!(loadFlags && nsIChannel::LOAD_ANONYMOUS))) {
LOG((" taking identity from auth cache\n")); LOG((" taking identity from auth cache\n"));
// the password from the auth cache is more likely to be // the password from the auth cache is more likely to be
// correct than the one in the URL. at least, we know that it // correct than the one in the URL. at least, we know that it
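Review bot: The comment above the new LOAD_ANONYMOUS guard in ProcessAuthentication mentions only the proxy exception, but the early return fires before any identity is considered. Credentials supplied explicitly for the request therefore appear to be dropped along with cached ones, which looks like the behaviour the test marks as todo under bug 761479. I would spell that out, for example `// LOAD_ANONYMOUS: answer no origin-server challenge, not even with explicitly supplied credentials; only a 407 from a configured proxy is handled`. With this as the only guard, the "taking identity from auth cache" branch in GetCredentialsForChallenge is safe for anonymous loads only if every caller goes through ProcessAuthentication first, which deserves a one-line comment at that branch. Both functions extend beyond the visible hunks.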