WebKit Bugzilla
Attachment 347114 Details for
Bug 186870
: NSURLAuthenticationMethodOAuth challenges are surfaced to clients in -didReceiveAuthenticationChallenge as NSURLAuthenticationMethodDefault
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-186870-20180814150137.patch (text/plain), 45.34 KB, created by
Ansh Shukla
on 2018-08-14 15:01:38 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Ansh Shukla
Created:
2018-08-14 15:01:38 PDT
Size:
45.34 KB
patch
obsolete
>Subversion Revision: 234713 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 1a7de65ef11598dd4becab5c46542292ae1bd4f1..dc6b6b6668162da87c753ad376a0ea0761ee259e 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,21 @@ >+2018-08-09 Ansh Shukla <ansh_shukla@apple.com> >+ >+ NSURLAuthenticationMethodOAuth challenges are surfaced to clients in -didReceiveAuthenticationChallenge as NSURLAuthenticationMethodDefault >+ https://bugs.webkit.org/show_bug.cgi?id=186870 >+ <rdar://problem/41314410> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add the ProtectionSpaceAuthenticationSchemeOAuth type. >+ >+ * platform/network/ProtectionSpaceBase.cpp: >+ (WebCore::ProtectionSpaceBase::isPasswordBased const): Return yes because the oauth challenge >+ expects a token in return. >+ * platform/network/ProtectionSpaceBase.h: >+ * platform/network/cocoa/ProtectionSpaceCocoa.mm: >+ (WebCore::scheme): >+ (WebCore::ProtectionSpace::nsSpace const): >+ > 2018-08-08 Don Olmstead <don.olmstead@sony.com> > > [Nicosia] Add the Nicosia-specific PlatformLayer type alias >diff --git a/Source/WebCore/PAL/ChangeLog b/Source/WebCore/PAL/ChangeLog >index fa8557c7e9ea58558e24207f743683b6d8460848..7ea79bb1e86ceb51c266ca0a4c645520c73aefec 100644 >--- a/Source/WebCore/PAL/ChangeLog >+++ b/Source/WebCore/PAL/ChangeLog >@@ -1,3 +1,14 @@ >+2018-08-09 Ansh Shukla <ansh_shukla@apple.com> >+ >+ NSURLAuthenticationMethodOAuth challenges are surfaced to clients in -didReceiveAuthenticationChallenge as NSURLAuthenticationMethodDefault >+ https://bugs.webkit.org/show_bug.cgi?id=186870 >+ <rdar://problem/41314410> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * pal/spi/cf/CFNetworkSPI.h: Declare OAuth string when not building against the >+ internal SDK. >+ > 2018-08-07 Ryan Haddad <ryanhaddad@apple.com> > > Unreviewed, suppress warnings to fix the build. >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index b854c601526f4042875433994e5781d73e4bb17a..1a7873d1a894f6f2ccc4eb7af67ff7f06a91232c 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,17 @@ >+2018-08-09 Ansh Shukla <ansh_shukla@apple.com> >+ >+ NSURLAuthenticationMethodOAuth challenges are surfaced to clients in -didReceiveAuthenticationChallenge as NSURLAuthenticationMethodDefault >+ https://bugs.webkit.org/show_bug.cgi?id=186870 >+ <rdar://problem/41314410> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Correctly expose the OAuth protection space type in API. >+ >+ * UIProcess/API/C/WKAPICast.h: >+ (WebKit::toAPI): >+ * UIProcess/API/C/WKProtectionSpaceTypes.h: >+ > 2018-08-08 Commit Queue <commit-queue@webkit.org> > > Unreviewed, rolling out r234314, r234320, and r234321. >diff --git a/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h b/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h >index d9ba909b7fb6f8fbd0d8d2915f3183b223376554..3dc2950aad8b4aa2ad6b1780b94f7a2508318ef3 100644 >--- a/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h >+++ b/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h >@@ -178,6 +178,8 @@ typedef void (^CFCachedURLResponseCallBackBlock)(CFCachedURLResponseRef); > #endif > @end > >+extern NSString * const NSURLAuthenticationMethodOAuth; >+ > #endif // defined(__OBJC__) > > #endif // !PLATFORM(WIN) && !USE(APPLE_INTERNAL_SDK) >diff --git a/Source/WebCore/platform/network/ProtectionSpaceBase.cpp b/Source/WebCore/platform/network/ProtectionSpaceBase.cpp >index fca64c8012e6d6c72ca2a1e066be49e131ed4696..14eac6a042ee7134d1251ef3f197ba2b0b651952 100644 >--- a/Source/WebCore/platform/network/ProtectionSpaceBase.cpp >+++ b/Source/WebCore/platform/network/ProtectionSpaceBase.cpp >@@ -108,6 +108,7 @@ bool ProtectionSpaceBase::isPasswordBased() const > case ProtectionSpaceAuthenticationSchemeHTMLForm: > case ProtectionSpaceAuthenticationSchemeNTLM: > case ProtectionSpaceAuthenticationSchemeNegotiate: >+ case ProtectionSpaceAuthenticationSchemeOAuth: > return true; > case ProtectionSpaceAuthenticationSchemeClientCertificateRequested: > case ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested: >diff --git a/Source/WebCore/platform/network/ProtectionSpaceBase.h b/Source/WebCore/platform/network/ProtectionSpaceBase.h >index b393e6401846ddbd2c9f6027ad1646ae9816c408..720592dbb9f821b131c3872579b4afb9277d157d 100644 >--- a/Source/WebCore/platform/network/ProtectionSpaceBase.h >+++ b/Source/WebCore/platform/network/ProtectionSpaceBase.h >@@ -52,6 +52,7 @@ enum ProtectionSpaceAuthenticationScheme { > ProtectionSpaceAuthenticationSchemeNegotiate = 6, > ProtectionSpaceAuthenticationSchemeClientCertificateRequested = 7, > ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested = 8, >+ ProtectionSpaceAuthenticationSchemeOAuth = 9, > ProtectionSpaceAuthenticationSchemeUnknown = 100 > }; > >diff --git a/Source/WebCore/platform/network/cocoa/ProtectionSpaceCocoa.mm b/Source/WebCore/platform/network/cocoa/ProtectionSpaceCocoa.mm >index db1fb51bf99027bc2f3530a5d518b0ff7b7861bb..6218ceab2fb32251770fb12e0142fcd9ef16d24d 100644 >--- a/Source/WebCore/platform/network/cocoa/ProtectionSpaceCocoa.mm >+++ b/Source/WebCore/platform/network/cocoa/ProtectionSpaceCocoa.mm >@@ -26,6 +26,8 @@ > #import "config.h" > #import "ProtectionSpaceCocoa.h" > >+#import <pal/spi/cf/CFNetworkSPI.h> >+ > namespace WebCore { > > static ProtectionSpaceServerType type(NSURLProtectionSpace *space) >@@ -80,6 +82,8 @@ static ProtectionSpaceAuthenticationScheme scheme(NSURLProtectionSpace *space) > if ([method isEqualToString:NSURLAuthenticationMethodServerTrust]) > return ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested; > #endif >+ if ([method isEqualToString:NSURLAuthenticationMethodOAuth]) >+ return ProtectionSpaceAuthenticationSchemeOAuth; > > ASSERT_NOT_REACHED(); > return ProtectionSpaceAuthenticationSchemeUnknown; >@@ -155,6 +159,9 @@ NSURLProtectionSpace *ProtectionSpace::nsSpace() const > method = NSURLAuthenticationMethodClientCertificate; > break; > #endif >+ case ProtectionSpaceAuthenticationSchemeOAuth: >+ method = NSURLAuthenticationMethodOAuth; >+ break; > default: > ASSERT_NOT_REACHED(); > } >diff --git a/Source/WebKit/UIProcess/API/C/WKAPICast.h b/Source/WebKit/UIProcess/API/C/WKAPICast.h >index c50e1f92e00f30a15140df29ad8761688c668998..e65fd97026ce9d982843b39bb6f8798e2874912e 100644 >--- a/Source/WebKit/UIProcess/API/C/WKAPICast.h >+++ b/Source/WebKit/UIProcess/API/C/WKAPICast.h >@@ -364,6 +364,8 @@ inline WKProtectionSpaceAuthenticationScheme toAPI(WebCore::ProtectionSpaceAuthe > return kWKProtectionSpaceAuthenticationSchemeClientCertificateRequested; > case WebCore::ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested: > return kWKProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested; >+ case WebCore::ProtectionSpaceAuthenticationSchemeOAuth: >+ return kWKProtectionSpaceAuthenticationSchemeOAuth; > default: > return kWKProtectionSpaceAuthenticationSchemeUnknown; > } >diff --git a/Source/WebKit/UIProcess/API/C/WKProtectionSpaceTypes.h b/Source/WebKit/UIProcess/API/C/WKProtectionSpaceTypes.h >index 4741460490c16f8e15daca02823c79619709f51b..1b25d038746ce085e2da2e8f1e62030445354b00 100644 >--- a/Source/WebKit/UIProcess/API/C/WKProtectionSpaceTypes.h >+++ b/Source/WebKit/UIProcess/API/C/WKProtectionSpaceTypes.h >@@ -53,6 +53,7 @@ enum { > kWKProtectionSpaceAuthenticationSchemeNegotiate, > kWKProtectionSpaceAuthenticationSchemeClientCertificateRequested, > kWKProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested, >+ kWKProtectionSpaceAuthenticationSchemeOAuth, > kWKProtectionSpaceAuthenticationSchemeUnknown = 100, > }; > typedef uint32_t WKProtectionSpaceAuthenticationScheme; >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index f6e97929d3f9debb5d4fbd3b5982a65917bbdb65..f2a56975fb5a234efecbd5f55ee48cb82d597c43 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,16 @@ >+2018-08-14 Ansh Shukla <ansh_shukla@apple.com> >+ >+ NSURLAuthenticationMethodOAuth challenges are surfaced to clients in -didReceiveAuthenticationChallenge as NSURLAuthenticationMethodDefault >+ https://bugs.webkit.org/show_bug.cgi?id=186870 >+ <rdar://problem/41314410> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * WebKitTestRunner/TestController.cpp: >+ (WTR::toString): >+ (WTR::TestController::canAuthenticateAgainstProtectionSpace): Expose type of authentication challenge so we can test OAuth. >+ (WTR::TestController::didReceiveAuthenticationChallenge): >+ > 2018-08-08 Ross Kirsling <ross.kirsling@sony.com> > > run-builtins-generator-tests does not correctly handle CRLFs from stderr >diff --git a/Tools/WebKitTestRunner/TestController.cpp b/Tools/WebKitTestRunner/TestController.cpp >index 0e7d8e6a48f3dac164914854bb6031ff0cd9df01..f8d7fd7964b709cb85521f3d1fc2787c0272d6ab 100644 >--- a/Tools/WebKitTestRunner/TestController.cpp >+++ b/Tools/WebKitTestRunner/TestController.cpp >@@ -1810,6 +1810,32 @@ void TestController::didReceiveServerRedirectForProvisionalNavigation(WKPageRef > return; > } > >+static const char* toString(WKProtectionSpaceAuthenticationScheme scheme) >+{ >+ switch (scheme) { >+ case kWKProtectionSpaceAuthenticationSchemeDefault: >+ return "ProtectionSpaceAuthenticationSchemeDefault"; >+ case kWKProtectionSpaceAuthenticationSchemeHTTPBasic: >+ return "ProtectionSpaceAuthenticationSchemeHTTPBasic"; >+ case kWKProtectionSpaceAuthenticationSchemeHTMLForm: >+ return "ProtectionSpaceAuthenticationSchemeHTMLForm"; >+ case kWKProtectionSpaceAuthenticationSchemeNTLM: >+ return "ProtectionSpaceAuthenticationSchemeNTLM"; >+ case kWKProtectionSpaceAuthenticationSchemeNegotiate: >+ return "ProtectionSpaceAuthenticationSchemeNegotiate"; >+ case kWKProtectionSpaceAuthenticationSchemeClientCertificateRequested: >+ return "ProtectionSpaceAuthenticationSchemeClientCertificateRequested"; >+ case kWKProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested: >+ return "ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested"; >+ case kWKProtectionSpaceAuthenticationSchemeOAuth: >+ return "ProtectionSpaceAuthenticationSchemeOAuth"; >+ case kWKProtectionSpaceAuthenticationSchemeUnknown: >+ return "ProtectionSpaceAuthenticationSchemeUnknown"; >+ } >+ ASSERT_NOT_REACHED(); >+ return "ProtectionSpaceAuthenticationSchemeUnknown"; >+} >+ > bool TestController::canAuthenticateAgainstProtectionSpace(WKPageRef page, WKProtectionSpaceRef protectionSpace) > { > if (m_shouldLogCanAuthenticateAgainstProtectionSpace) >@@ -1821,7 +1847,7 @@ bool TestController::canAuthenticateAgainstProtectionSpace(WKPageRef page, WKPro > return host == "localhost" || host == "127.0.0.1" || (m_allowAnyHTTPSCertificateForAllowedHosts && m_allowedHosts.find(host) != m_allowedHosts.end()); > } > >- return authenticationScheme <= kWKProtectionSpaceAuthenticationSchemeHTTPDigest; >+ return authenticationScheme <= kWKProtectionSpaceAuthenticationSchemeHTTPDigest || authenticationScheme == kWKProtectionSpaceAuthenticationSchemeOAuth; > } > > void TestController::didFinishNavigation(WKPageRef page, WKNavigationRef navigation) >@@ -1841,8 +1867,9 @@ void TestController::didReceiveAuthenticationChallenge(WKPageRef page, WKAuthent > { > WKProtectionSpaceRef protectionSpace = WKAuthenticationChallengeGetProtectionSpace(authenticationChallenge); > WKAuthenticationDecisionListenerRef decisionListener = WKAuthenticationChallengeGetDecisionListener(authenticationChallenge); >+ WKProtectionSpaceAuthenticationScheme authenticationScheme = WKProtectionSpaceGetAuthenticationScheme(protectionSpace); > >- if (WKProtectionSpaceGetAuthenticationScheme(protectionSpace) == kWKProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested) { >+ if (authenticationScheme == kWKProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested) { > // Any non-empty credential signals to accept the server trust. Since the cross-platform API > // doesn't expose a way to create a credential from server trust, we use a password credential. > >@@ -1859,7 +1886,7 @@ void TestController::didReceiveAuthenticationChallenge(WKPageRef page, WKAuthent > > std::string host = toSTD(adoptWK(WKProtectionSpaceCopyHost(protectionSpace)).get()); > int port = WKProtectionSpaceGetPort(protectionSpace); >- String message = String::format("%s:%d - didReceiveAuthenticationChallenge - ", host.c_str(), port); >+ String message = String::format("%s:%d - didReceiveAuthenticationChallenge - %s - ", host.c_str(), port, toString(authenticationScheme)); > if (!m_handlesAuthenticationChallenges) > message.append("Simulating cancelled authentication sheet\n"); > else >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 19704804ea20f71c02455a50c699b2e8f4b8c672..2537dc523a16933486c59b651375ebf7b811d3fe 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,16 @@ >+2018-08-14 Ansh Shukla <ansh_shukla@apple.com> >+ >+ NSURLAuthenticationMethodOAuth challenges are surfaced to clients in -didReceiveAuthenticationChallenge as NSURLAuthenticationMethodDefault >+ https://bugs.webkit.org/show_bug.cgi?id=186870 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Ensure the exposed authentication type to clients is OAuth. >+ >+ * http/tests/loading/oauth-expected.txt: Added. >+ * http/tests/loading/oauth.html: Added. >+ * http/tests/loading/resources/oauth-subresource.php: Added. >+ > 2018-08-08 Basuke Suzuki <Basuke.Suzuki@sony.com> > > [Curl] Test gardening >diff --git a/LayoutTests/http/tests/cache/disk-cache/speculative-validation/http-auth-expected.txt b/LayoutTests/http/tests/cache/disk-cache/speculative-validation/http-auth-expected.txt >index 528d046f9e16b1a7b2e5296a6c489622d85fc48e..3c4720b1e0003293553ba466d1a2c48ef9ce2e7c 100644 >--- a/LayoutTests/http/tests/cache/disk-cache/speculative-validation/http-auth-expected.txt >+++ b/LayoutTests/http/tests/cache/disk-cache/speculative-validation/http-auth-expected.txt >@@ -1,5 +1,5 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with testUsername:testPassword >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUsername:testPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet > Tests speculative revalidation of authenticated resources. > > On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >diff --git a/LayoutTests/http/tests/loading/oauth-expected.txt b/LayoutTests/http/tests/loading/oauth-expected.txt >new file mode 100644 >index 0000000000000000000000000000000000000000..2fd8de6153dce7d3c01975319ab8d67ac02d8a64 >--- /dev/null >+++ b/LayoutTests/http/tests/loading/oauth-expected.txt >@@ -0,0 +1,8 @@ >+main frame - didStartProvisionalLoadForFrame >+main frame - didCommitLoadForFrame >+main frame - didFinishDocumentLoadForFrame >+main frame - didHandleOnloadEventsForFrame >+main frame - didFinishLoadForFrame >+canAuthenticateAgainstProtectionSpace >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeOAuth - Simulating cancelled authentication sheet >+ >diff --git a/LayoutTests/http/tests/loading/oauth.html b/LayoutTests/http/tests/loading/oauth.html >new file mode 100644 >index 0000000000000000000000000000000000000000..053d69ae3b96338ec45df8c08bc6a56459cd89d2 >--- /dev/null >+++ b/LayoutTests/http/tests/loading/oauth.html >@@ -0,0 +1,15 @@ >+<script src="/js-test-resources/js-test-pre.js"></script> >+<script> >+if (window.testRunner) { >+ testRunner.dumpAsText(); >+ testRunner.waitUntilDone(); >+ testRunner.setHandlesAuthenticationChallenges(false); >+ testRunner.setShouldLogCanAuthenticateAgainstProtectionSpace(true); >+ testRunner.waitUntilDone(); >+} >+ >+fetch("resources/oauth-subresource.php").then(()=>{ >+ if (window.testRunner) >+ testRunner.notifyDone(); >+}); >+</script> >diff --git a/LayoutTests/http/tests/loading/resources/oauth-subresource.php b/LayoutTests/http/tests/loading/resources/oauth-subresource.php >new file mode 100644 >index 0000000000000000000000000000000000000000..970396f9786908ce17a178d106a5b2aa1b07ddfe >--- /dev/null >+++ b/LayoutTests/http/tests/loading/resources/oauth-subresource.php >@@ -0,0 +1,9 @@ >+<?php >+$realm = $_SERVER['REQUEST_URI']; >+ >+header("Cache-Control: no-store"); >+header("WWW-Authenticate: OAuth realm=\"" . $realm . "\""); >+header('HTTP/1.1 401 Unauthorized'); >+echo "Sent OAuth Challenge."; >+exit; >+?> >diff --git a/LayoutTests/platform/mac-wk2/http/tests/inspector/network/resource-request-headers-expected.txt b/LayoutTests/platform/mac-wk2/http/tests/inspector/network/resource-request-headers-expected.txt >index 94cf5394a195d7ec3507e5b2d25b3ea73d683959..7c2040f743e1cb20e62e548fcfb432b0adc13220 100644 >--- a/LayoutTests/platform/mac-wk2/http/tests/inspector/network/resource-request-headers-expected.txt >+++ b/LayoutTests/platform/mac-wk2/http/tests/inspector/network/resource-request-headers-expected.txt >@@ -1,5 +1,5 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet > Test for Resource request headers which may not have been immediately available but eventually are (Cookie, Authorization). > > >diff --git a/LayoutTests/platform/wk2/http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials-expected.txt b/LayoutTests/platform/wk2/http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials-expected.txt >index 59ea275f49a6c346442949137f7faaa172c64d08..5a5c1acc0fdee6c3915b60aa897b860ec9d2e329 100644 >--- a/LayoutTests/platform/wk2/http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials-expected.txt >@@ -3,7 +3,7 @@ main frame - didCommitLoadForFrame > main frame - didFinishDocumentLoadForFrame > frame "<!--frame1-->" - didStartProvisionalLoadForFrame > frame "<!--frame1-->" - didReceiveServerRedirectForProvisionalLoadForFrame >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with httpUsername:httpPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with httpUsername:httpPassword > frame "<!--frame1-->" - didCommitLoadForFrame > frame "<!--frame1-->" - didFinishDocumentLoadForFrame > frame "<!--frame1-->" - didHandleOnloadEventsForFrame >diff --git a/LayoutTests/platform/wk2/http/tests/loading/basic-auth-resend-wrong-credentials-expected.txt b/LayoutTests/platform/wk2/http/tests/loading/basic-auth-resend-wrong-credentials-expected.txt >index 607e0d80e81d636d29a8240d3f839418989157ea..b90b367768e6c6ee4039f91dbe211933328c2532 100644 >--- a/LayoutTests/platform/wk2/http/tests/loading/basic-auth-resend-wrong-credentials-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/loading/basic-auth-resend-wrong-credentials-expected.txt >@@ -4,13 +4,13 @@ main frame - didFinishDocumentLoadForFrame > main frame - didHandleOnloadEventsForFrame > main frame - didFinishLoadForFrame > frame "<!--frame1-->" - didStartProvisionalLoadForFrame >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with wrongusername:wrongpassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with wrongusername:wrongpassword > frame "<!--frame1-->" - didCommitLoadForFrame > frame "<!--frame1-->" - didFinishDocumentLoadForFrame > frame "<!--frame1-->" - didHandleOnloadEventsForFrame > frame "<!--frame1-->" - didFinishLoadForFrame > frame "<!--frame2-->" - didStartProvisionalLoadForFrame >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with correctusername:correctpassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with correctusername:correctpassword > frame "<!--frame2-->" - didCommitLoadForFrame > frame "<!--frame2-->" - didFinishDocumentLoadForFrame > frame "<!--frame2-->" - didHandleOnloadEventsForFrame >diff --git a/LayoutTests/platform/wk2/http/tests/loading/basic-credentials-sent-automatically-expected.txt b/LayoutTests/platform/wk2/http/tests/loading/basic-credentials-sent-automatically-expected.txt >index 754f507dcfbd8f5274d66c2d307e30ddbd16a2ec..eb91ebbe3b8c3e89f9a616b2b3c36ba57c066fee 100644 >--- a/LayoutTests/platform/wk2/http/tests/loading/basic-credentials-sent-automatically-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/loading/basic-credentials-sent-automatically-expected.txt >@@ -4,13 +4,13 @@ main frame - didFinishDocumentLoadForFrame > main frame - didHandleOnloadEventsForFrame > main frame - didFinishLoadForFrame > frame "<!--frame1-->" - didStartProvisionalLoadForFrame >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with first:first-pw >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with first:first-pw > frame "<!--frame1-->" - didCommitLoadForFrame > frame "<!--frame1-->" - didFinishDocumentLoadForFrame > frame "<!--frame1-->" - didHandleOnloadEventsForFrame > frame "<!--frame1-->" - didFinishLoadForFrame > frame "<!--frame2-->" - didStartProvisionalLoadForFrame >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with second:second-pw >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with second:second-pw > frame "<!--frame2-->" - didCommitLoadForFrame > frame "<!--frame2-->" - didFinishDocumentLoadForFrame > frame "<!--frame2-->" - didHandleOnloadEventsForFrame >diff --git a/LayoutTests/platform/wk2/http/tests/media/video-auth-expected.txt b/LayoutTests/platform/wk2/http/tests/media/video-auth-expected.txt >index dc8012b8ce3a9af0af5a757c4b8bc080dac5d635..7727441875671f13bed0fac45163d57574cdbd61 100644 >--- a/LayoutTests/platform/wk2/http/tests/media/video-auth-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/media/video-auth-expected.txt >@@ -1,4 +1,4 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with username:password >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with username:password > > Tests that the media player sends authorization credentials when requesting a media file. > Testing same domain (127.0.0.1) >diff --git a/LayoutTests/platform/wk2/http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials-expected.txt b/LayoutTests/platform/wk2/http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >index 00e0753eb03a4748bb13fab5624b99b0d23c2e2c..8de44778bf93d780ef5202b3d1930d6f2bfca03c 100644 >--- a/LayoutTests/platform/wk2/http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >@@ -1,5 +1,5 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with username:password >-localhost:8000 - didReceiveAuthenticationChallenge - Responding with username:password >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with username:password >+localhost:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with username:password > > Tests that the media player sends authorization credentials when requesting a media file. > Testing same domain (127.0.0.1) >diff --git a/LayoutTests/platform/wk2/http/tests/misc/401-alternative-content-expected.txt b/LayoutTests/platform/wk2/http/tests/misc/401-alternative-content-expected.txt >index bab608a35065b1416a4fd2ce5fc6525427c73309..ea00363a95c9caf99c7cd3429896ceb9862fdab8 100644 >--- a/LayoutTests/platform/wk2/http/tests/misc/401-alternative-content-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/misc/401-alternative-content-expected.txt >@@ -1,2 +1,2 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet > PASS >diff --git a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin-expected.txt b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin-expected.txt >index 74f972bee5e1087579c66230cd63690e9b419ba5..d859b159cce442d885b90d0f93c87bd91bec9063 100644 >--- a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-1/authentication-sent-to-redirect-cross-origin-expected.txt >@@ -1,4 +1,4 @@ >-localhost:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+localhost:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > https://bugs.webkit.org/show_bug.cgi?id=40138 > You should load this page at 127.0.0.1:8000 so localhost:8000 is considered a different security origin. > This test loads a php script which demands http authentication, then uses it to redirect to another script in a different origin that shows what authentication headers were sent with the final request. >diff --git a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin-expected.txt b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin-expected.txt >index 992031014ef9bf7cd526162189a6e44fc53590bb..d59fee57448c77cdd432d6d81be49bed5f03799b 100644 >--- a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-2/authentication-sent-to-redirect-same-origin-expected.txt >@@ -1,4 +1,4 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > https://bugs.webkit.org/show_bug.cgi?id=66354 > You should load this page at 127.0.0.1:8000 because the test relies on redirects within the 127.0.0.1:8000 security origin. > This test loads a php script which demands http authentication, then uses it to redirect to another script in the same origin that shows what authentication headers were sent with the final request. >diff --git a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials-expected.txt b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials-expected.txt >index a80c80b1fbf5da14f4602ad46e7862426b27c720..89d98d0ae37c9090acd6d4de1d094420fce392b3 100644 >--- a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-3/authentication-sent-to-redirect-same-origin-with-location-credentials-expected.txt >@@ -1,4 +1,4 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > https://bugs.webkit.org/show_bug.cgi?id=66354 > You should load this page at 127.0.0.1:8000 because the test relies on redirects within the 127.0.0.1:8000 security origin. > This test loads a php script which demands http authentication, then uses it to redirect to another script in the same origin that shows what authentication headers were sent with the final request. >diff --git a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url-expected.txt b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url-expected.txt >index b72f4b38f2eceeeb67b5f59cf230c48784025585..217c8caa6d34439a38e29da088b886b967cb77c8 100644 >--- a/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/misc/authentication-redirect-4/authentication-sent-to-redirect-same-origin-url-expected.txt >@@ -1,4 +1,4 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > https://bugs.webkit.org/show_bug.cgi?id=105190 > You should load this page at 127.0.0.1:8000 because the test relies on redirects within the 127.0.0.1:8000 security origin. > This test loads a php script which demands http authentication, then uses it to redirect via 301 to another script in the same origin that shows what authentication headers were sent with the final request. It verifies that the credentials are not placed in the final URL. >diff --git a/LayoutTests/platform/wk2/http/tests/security/401-logout/401-logout-expected.txt b/LayoutTests/platform/wk2/http/tests/security/401-logout/401-logout-expected.txt >index fdfad3861d22bfbf21023d9f58156385a710b97c..412b71179779b8efe8d0d5881df455cce0f503bc 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/401-logout/401-logout-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/401-logout/401-logout-expected.txt >@@ -1,3 +1,3 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with username:password >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with username:password >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet > PASS >diff --git a/LayoutTests/platform/wk2/http/tests/security/basic-auth-subresource-expected.txt b/LayoutTests/platform/wk2/http/tests/security/basic-auth-subresource-expected.txt >index 3aa99434903a9bff52320be7b6ce72cbfad8f380..6b9ff0303796438223c4f4e3de654009307ece34 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/basic-auth-subresource-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/basic-auth-subresource-expected.txt >@@ -1,8 +1,8 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > CONSOLE MESSAGE: Blocked http://localhost:8000/security/resources/subresource1/protected-image.php from asking for credentials because it is a cross-origin request. > CONSOLE MESSAGE: Blocked https://localhost:8443/security/resources/subresource1/protected-image.php from asking for credentials because it is a cross-origin request. > CONSOLE MESSAGE: Blocked http://localhost:8000/security/resources/subresource2/protected-image.php from asking for credentials because it is a cross-origin request. >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > CONSOLE MESSAGE: Blocked https://127.0.0.1:8443/security/resources/subresource2/protected-image.php from asking for credentials because it is a cross-origin request. > CONSOLE MESSAGE: Blocked https://localhost:8443/security/resources/subresource2/protected-image.php from asking for credentials because it is a cross-origin request. > CONSOLE MESSAGE: Blocked https://127.0.0.1:8443/security/resources/subresource2/protected-image.php from asking for credentials because it is a cross-origin request. >diff --git a/LayoutTests/platform/wk2/http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials-expected.txt b/LayoutTests/platform/wk2/http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >index a19746e9330a87269172431daca3e0c3575f1c07..19193f462938b5adb8204d76feabfda2bda78189 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/credentials-iframes-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >@@ -1,4 +1,4 @@ > ALERT: parent host: 127.0.0.1 iframe host: 127.0.0.1 credentials:User: same-domain-user, password: same-domain-password. >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet > ALERT: parent host: localhost iframe host: 127.0.0.1 credentials:Authentication canceled > >diff --git a/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt b/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >index e5ee7e8227f86c4f6539e8ea8035d2de33655206..b5028ba59942f7cfa093d86162999180a86c7ea2 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >@@ -1,6 +1,6 @@ > CONSOLE MESSAGE: line 33: The page at https://127.0.0.1:8443/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html was allowed to display insecure content from http://localhost:8000/security/mixedContent/resources/subresource2/protected-image.php. > >-localhost:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+localhost:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > Tests that we do not ask for credentials when loading an insecure image that requires basic authentication. > > On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >diff --git a/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials-expected.txt b/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >index 252c48083b57cbdc76f1133b0f5b7ba3a7ea5d8a..8c6e8bc1743b41cf70e1e5b9fb5561c62e4e49da 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials-expected.txt >@@ -1,6 +1,6 @@ > CONSOLE MESSAGE: line 18: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image-redirects-to-basic-auth-secure-image.html?allowCrossOriginSubresourcesToAskForCredentials=1 was allowed to display insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php. > >-localhost:8443 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+localhost:8443 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > This test opens a new window to a secure page that loads an insecure image that redirects to a secure image guarded by basic authentication. The image should load. > > PASS did load image. >diff --git a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt >index 4ab9a32b9913214ad13273f6d0aabb1d7b13597d..ce61e7620ce96550126c8d4131f1db90da673919 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt >@@ -1,2 +1,2 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > Authenticated with username testUser. >diff --git a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt >index b019aa7d6896c37cc55d1293032df379cd07c033..0020e7614fb706a017e897e27f97e4f5c2111b82 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt >@@ -1,2 +1,2 @@ >-127.0.0.1:8443 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+127.0.0.1:8443 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > Authenticated with username testUser. >diff --git a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >index 44a59e64169c85cf60f09aed079f08f4a3447da1..42d674b23bd4853bb4eb226f5fcfe8442b405f7a 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >@@ -1,6 +1,6 @@ > CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html was allowed to display insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php. > >-localhost:8443 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+localhost:8443 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > This test loads a secure image that redirects to an insecure image that redirects to a secure image guarded by basic authentication. The image should load. > > On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >diff --git a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >index da01ffab2b62caf9b26a14d507b4aec6d04d1b0b..dd01562823ce0c75b28621f0b369eb0b9b6470b7 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >@@ -1,6 +1,6 @@ > CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html was allowed to display insecure content from http://localhost:8080/security/mixedContent/resources/subresource/protected-image.php. > >-localhost:8080 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+localhost:8080 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > This test loads a secure image that redirects to an secure image that redirects to an insecure image guarded by basic authentication. The image should load. > > On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >diff --git a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >index 3f96a8a4b622c147c4a402c474803428c11a5687..eb9c90ca67586c5e36b45a4a24a95d93c2da2e7c 100644 >--- a/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt >@@ -1,4 +1,4 @@ >-localhost:8443 - didReceiveAuthenticationChallenge - Responding with testUser:testPassword >+localhost:8443 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Responding with testUser:testPassword > This test loads a secure image that redirects to a secure image that redirects to a secure image guarded by basic authentication. The secure image should load. > > On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >diff --git a/LayoutTests/platform/wk2/http/tests/xmlhttprequest/failed-auth-expected.txt b/LayoutTests/platform/wk2/http/tests/xmlhttprequest/failed-auth-expected.txt >index 7259256ec9d471ed33feba68fa19eb40fad46eec..cb01ef1fbc56913c275415ac2c2942b4bd30f9bf 100644 >--- a/LayoutTests/platform/wk2/http/tests/xmlhttprequest/failed-auth-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/xmlhttprequest/failed-auth-expected.txt >@@ -1,5 +1,5 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet > Test for bug 13075: XMLHttpRequest with failed authentication should set status to 401. > > Sync, no credentials: OK >diff --git a/LayoutTests/platform/wk2/http/tests/xmlhttprequest/remember-bad-password-expected.txt b/LayoutTests/platform/wk2/http/tests/xmlhttprequest/remember-bad-password-expected.txt >index 400187f12121e53d9c74145377d07c156903378e..7a5142612406e9b23b6f577d811f3edcfd88cb1c 100644 >--- a/LayoutTests/platform/wk2/http/tests/xmlhttprequest/remember-bad-password-expected.txt >+++ b/LayoutTests/platform/wk2/http/tests/xmlhttprequest/remember-bad-password-expected.txt >@@ -1,5 +1,5 @@ >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >-127.0.0.1:8000 - didReceiveAuthenticationChallenge - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet >+127.0.0.1:8000 - didReceiveAuthenticationChallenge - ProtectionSpaceAuthenticationSchemeHTTPBasic - Simulating cancelled authentication sheet > rdar://problem/7062824 A wrong password entered for site or proxy auth remains in WebCore credential storage, and is sent with subsequent requests. > > This test counts the number of failed requests server side.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=347114">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 186870
:
343201
|
346858
|
347110
|
347114
|
347120
|
347128
|
347209
|
347213
|
347217
|
347221
|
347222
|
347230
|
347231
|
347235
|
347237
|
347238