Modified: trunk/Source/WebCore/ChangeLog (101620 => 101621)
--- trunk/Source/WebCore/ChangeLog 2011-12-01 07:22:15 UTC (rev 101620)
+++ trunk/Source/WebCore/ChangeLog 2011-12-01 07:27:56 UTC (rev 101621)
@@ -1,3 +1,17 @@
+2011-11-30 Alexey Proskuryakov <[email protected]>
+
+ SocketStreamHandleCFNet doesn't check for proxy errors
+ https://bugs.webkit.org/show_bug.cgi?id=71965
+
+ Reviewed by Darin Adler.
+
+ * platform/network/cf/SocketStreamHandleCFNet.cpp:
+ (WebCore::getStoredCONNECTProxyCredentials): Added a FIXME about retrieving proxy credentials.
+ (WebCore::SocketStreamHandle::addCONNECTCredentials): Added human readable messages to errors,
+ they go to Web Inspector console.
+ (WebCore::SocketStreamHandle::readStreamCallback): Handle proxy response codes other than 200
+ and 407 by failing cleanly.
+
2011-11-30 Jeremy Apthorp <[email protected]>
When the mouse is dragged out of an :active element, it should lose :hover.
Modified: trunk/Source/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp (101620 => 101621)
--- trunk/Source/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp 2011-12-01 07:22:15 UTC (rev 101620)
+++ trunk/Source/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp 2011-12-01 07:27:56 UTC (rev 101621)
@@ -310,6 +310,8 @@
static bool getStoredCONNECTProxyCredentials(const ProtectionSpace& protectionSpace, String& login, String& password)
{
+ // FIXME (<rdar://problem/10416495>): Proxy credentials should be retrieved from AuthBrokerAgent.
+
// Try system credential storage first, matching HTTP behavior (CFNetwork only asks the client for password if it couldn't find it in Keychain).
Credential storedCredential = CredentialStorage::getFromPersistentStorage(protectionSpace);
if (storedCredential.isEmpty())
@@ -344,7 +346,7 @@
if (!CFHTTPAuthenticationRequiresUserNameAndPassword(authentication.get())) {
// That's all we can offer...
- m_client->didFailSocketStream(this, SocketStreamError()); // FIXME: Provide a sensible error.
+ m_client->didFailSocketStream(this, SocketStreamError(0, m_url.string(), "Proxy authentication scheme is not supported for WebSockets"));
return;
}
@@ -369,7 +371,7 @@
if (!proxyAuthorizationString) {
// Fails e.g. for NTLM auth.
- m_client->didFailSocketStream(this, SocketStreamError()); // FIXME: Provide a sensible error.
+ m_client->didFailSocketStream(this, SocketStreamError(0, m_url.string(), "Proxy authentication scheme is not supported for WebSockets"));
return;
}
@@ -379,9 +381,9 @@
return;
}
- // FIXME: Ask the client if credentials could not be found.
+ // FIXME: On platforms where AuthBrokerAgent is not available, ask the client if credentials could not be found.
- m_client->didFailSocketStream(this, SocketStreamError()); // FIXME: Provide a sensible error.
+ m_client->didFailSocketStream(this, SocketStreamError(0, m_url.string(), "Proxy credentials are not available"));
}
CFStringRef SocketStreamHandle::copyCFStreamDescription(void* info)
@@ -447,9 +449,20 @@
if (m_connectingSubstate == WaitingForConnect) {
if (m_connectionType == CONNECTProxy) {
RetainPtr<CFHTTPMessageRef> proxyResponse(AdoptCF, wkCopyCONNECTProxyResponse(m_readStream.get(), m_httpsURL.get()));
- if (proxyResponse && (407 == CFHTTPMessageGetResponseStatusCode(proxyResponse.get()))) {
- addCONNECTCredentials(proxyResponse.get());
- return;
+ if (proxyResponse) {
+ CFIndex proxyResponseCode = CFHTTPMessageGetResponseStatusCode(proxyResponse.get());
+ switch (proxyResponseCode) {
+ case 200:
+ // Successful connection.
+ break;
+ case 407:
+ addCONNECTCredentials(proxyResponse.get());
+ return;
+ default:
+ m_client->didFailSocketStream(this, SocketStreamError(static_cast<int>(proxyResponseCode), m_url.string(), "Proxy connection could not be established"));
+ platformClose();
+ return;
+ }
}
}
} else if (m_connectingSubstate == WaitingForCredentials)
