Changeset 228386 in webkit

Timestamp:

Feb 12, 2018 11:52:00 AM (6 years ago)

Author:

jmarcell@apple.com

Message:

Cherry-pick r228231. rdar://problem/37408885

Location:

branches/safari-605-branch

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/insecure-basic-auth-image.https-expected.txt (added)
• LayoutTests/http/tests/security/mixedContent/insecure-basic-auth-image.https.html (added)
• LayoutTests/http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/resources/subresource/protected-page.php (added)
• LayoutTests/http/tests/security/mixedContent/resources/subresource2 (added)
• LayoutTests/http/tests/security/mixedContent/resources/subresource2/protected-image.php (added)
• LayoutTests/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt (added)
• LayoutTests/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html (added)
• LayoutTests/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt (added)
• LayoutTests/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html (added)
• LayoutTests/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/loader/FrameLoader.cpp (modified) (3 diffs)
• Source/WebCore/loader/FrameLoader.h (modified) (1 diff)
• Source/WebCore/loader/ResourceLoader.cpp (modified) (5 diffs)
• Source/WebCore/loader/ResourceLoader.h (modified) (5 diffs)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkLoad.cpp (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkLoadClient.h (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkResourceLoader.h (modified) (1 diff)
• Source/WebKit/WebProcess/Network/WebResourceLoader.cpp (modified) (1 diff)
• Source/WebKit/WebProcess/Network/WebResourceLoader.h (modified) (1 diff)
• Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in (modified) (1 diff)

branches/safari-605-branch/LayoutTests/ChangeLog

@@ +1 @@
+2018-02-12  Jason Marcell  <jmarcell@apple.com>
+
+        Cherry-pick r228231. rdar://problem/37408885
+
+    2018-02-07  Daniel Bates  <dabates@apple.com>
+
+            Log error when authentication challenge is blocked due to an insecure request
+            https://bugs.webkit.org/show_bug.cgi?id=182358
+
+            Reviewed by Andy Estes.
+
+            Add more tests and update expected results of existing tests now that we emit console messages.
+
+            Also fixed a typo in LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html
+            so that it tests what it actually claims to test and made the test programmatically load the image
+            to avoid output flakiness caused by the preload scanner preloading it. The preload scanner performs
+            mixed content checks and this can cause duplicate mixed content warnings in the test output.
+
+            * http/tests/security/mixedContent/insecure-basic-auth-image.https-expected.txt: Added.
+            * http/tests/security/mixedContent/insecure-basic-auth-image.https.html: Copied from LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html.
+            * http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt:
+            * http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt:
+            * http/tests/security/mixedContent/resources/subresource/protected-page.php: Added.
+            * http/tests/security/mixedContent/resources/subresource2/protected-image.php: Added.
+            * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt: Added.
+            * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html: Added.
+            * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt: Added.
+            * http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html: Added.
+            * http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https-expected.txt:
+            * http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https-expected.txt:
+            * http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html:
+
 2018-02-09  Jason Marcell  <jmarcell@apple.com>
 

branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt

@@ +1 @@
+CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-pdf.php from asking for credentials because it was loaded via an insecure redirect from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-pdf.php.
+CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-pdf.php from asking for credentials because it was navigated to from a secure page or went through an insecure redirect.
 ALERT: Unauthorized
 

branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: line 17: The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image-redirects-to-basic-auth-secure-image.html was allowed to display insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php.
 
+CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php from asking for credentials because it was loaded via an insecure redirect from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php.
 This test opens a new window to a secure page that loads an insecure image that redirects to a secure image guarded by basic authentication. The secure image should be blocked because it requires credentials and was loaded via an insecure redirect.
 

branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https.html was allowed to display insecure content from http://127.0.0.1:8080/resources/redirect.php?url=https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php.
 
+CONSOLE MESSAGE: Blocked https://localhost:8443/security/mixedContent/resources/subresource/protected-image.php from asking for credentials because it was loaded via an insecure redirect from https://127.0.0.1:8443/resources/redirect.php?url=http%3A//127.0.0.1%3A8080/resources/redirect.php%3Furl%3Dhttps%3A//localhost%3A8443/security/mixedContent/resources/subresource/protected-image.php.
 This test loads a secure image that redirects to an insecure image that redirects to a secure image guarded by basic authentication. The secure image should be blocked because it requires credentials and was loaded via an insecure redirect.
 

branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html was allowed to display insecure content from http://127.0.0.1:8443/resources/redirect.php?url=http://localhost:8080/security/mixedContent/resources/subresource/protected-image.php.
+CONSOLE MESSAGE: The page at https://127.0.0.1:8443/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html was allowed to display insecure content from http://localhost:8080/security/mixedContent/resources/subresource/protected-image.php.
 
+CONSOLE MESSAGE: Blocked http://localhost:8080/security/mixedContent/resources/subresource/protected-image.php from asking for credentials because it is insecure content that was loaded via a redirect from https://127.0.0.1:8443/resources/redirect.php?url=https%3A//localhost%3A8443/resources/redirect.php%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.php.
 This test loads a secure image that redirects to an secure image that redirects to an insecure image guarded by basic authentication. The insecure image should be blocked because it requires credentials.
 

branches/safari-605-branch/LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html

@@ -23 +23 @@
     finishJSTest();
 }
+
+function runTest()
+{
+    // Load the image programmatically instead of declaratively to avoid output flakiness caused by
+    // the preload scanner performing mixed content checks as part of preloading the image.
+    let image = new Image;
+    image.onload = fail;
+    image.onerror = pass;
+    image.src = "https://127.0.0.1:8443/resources/redirect.php?url=https%3A//localhost%3A8443/resources/redirect.php%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.php";
+    document.body.appendChild(image);
+}
+
+window.onload = runTest;
 </script>
 <script>
 description("This test loads a secure image that redirects to an secure image that redirects to an insecure image guarded by basic authentication. The insecure image should be blocked because it requires credentials.");
 </script>
-<img src="https://127.0.0.1:8443/resources/redirect.php?url=http%3A//127.0.0.1%3A8443/resources/redirect.php%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.php" onerror="pass()" onload="fail()">
 </body>
 </html>

branches/safari-605-branch/Source/WebCore/ChangeLog

@@ +1 @@
+2018-02-12  Jason Marcell  <jmarcell@apple.com>
+
+        Cherry-pick r228231. rdar://problem/37408885
+
+    2018-02-07  Daniel Bates  <dabates@apple.com>
+
+            Log error when authentication challenge is blocked due to an insecure request
+            https://bugs.webkit.org/show_bug.cgi?id=182358
+
+            Reviewed by Andy Estes.
+
+            Emit an error message to Web Inspector console that explains why an authentication
+            challenge was blocked so that a developer can fix up their site.
+
+            Tests: http/tests/security/mixedContent/insecure-basic-auth-image.https.html
+                   http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html
+                   http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html
+
+            * loader/FrameLoader.cpp:
+            (WebCore::FrameLoader::receivedFirstData): Log to the console an error message
+            if the document we are loading was forbidden from prompting for credentials.
+            Also removed duplicate assertion to ensure document is non-null and update
+            call to LinkLoader::loadLinksFromHeader() to use local variable to access
+            the document we are loading instead of asking the frame for it, again.
+            (WebCore::FrameLoader::reportAuthenticationChallengeBlocked): Added.
+            * loader/FrameLoader.h:
+
+            * loader/ResourceLoader.cpp:
+            (WebCore::ResourceLoader::init):
+            (WebCore::ResourceLoader::willSendRequestInternal):
+            Track the decision to forbid asking for credentials due to Fetch spec. requirements (m_canAskClientForCredentials)
+            independently from the decision to forbid them due to making an insecure request (m_wasInsecureRequestSeen)
+            so that we know the reason why we blocked asking for credentials when we receive an authentication challenge.
+
+            (WebCore::ResourceLoader::didBlockAuthenticationChallenge): Added.
+            (WebCore::ResourceLoader::isAllowedToAskUserForCredentials const): Modified code now that we track
+            whether we have seen an insecure request so far independently from decision to forbid prompting for
+            credentials due to a Fetch spec. requirement.
+
+            (WebCore::ResourceLoader::didReceiveAuthenticationChallenge):
+            Store a bit whether we have seen an insecure request when loading the resource so far. Disallow
+            asking for credentials if we have seen an insecure request so far. Once we receive a response
+
+            * loader/ResourceLoader.h:
+            (WebCore::ResourceLoader::wasAuthenticationChallengeBlocked const): Added.
+            (WebCore::ResourceLoader::wasInsecureRequestSeen const): Added.
+
 2018-02-12  Jason Marcell  <jmarcell@apple.com>
 

branches/safari-605-branch/Source/WebCore/loader/FrameLoader.cpp

@@ -116 +116 @@
 #include "Settings.h"
 #include "SubframeLoader.h"
+#include "SubresourceLoader.h"
 #include "TextResourceDecoder.h"
 #include "UserContentController.h"
@@ -679 +680 @@
     auto& document = *m_frame.document();
 
+    auto* mainResourceLoader = documentLoader.mainResourceLoader();
+    if (mainResourceLoader && mainResourceLoader->wasAuthenticationChallengeBlocked() && mainResourceLoader->wasInsecureRequestSeen())
+        reportAuthenticationChallengeBlocked(&m_frame, document.url(), ASCIILiteral { "it was navigated to from a secure page or went through an insecure redirect" });
+
     LinkLoader::loadLinksFromHeader(documentLoader.response().httpHeaderField(HTTPHeaderName::Link), document.url(), document, LinkLoader::MediaAttributeCheck::MediaAttributeEmpty);
 
@@ -1551 +1556 @@
     
     frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to use restricted network port: " + url);
+}
+
+void FrameLoader::reportAuthenticationChallengeBlocked(Frame* frame, const URL& url, const String& reason)
+{
+    if (!frame)
+        return;
+
+    frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, makeString("Blocked ", url.stringCenterEllipsizedToLength(), " from asking for credentials because ", reason, '.'));
 }
 

branches/safari-605-branch/Source/WebCore/loader/FrameLoader.h

@@ -132 +132 @@
     static void reportLocalLoadFailed(Frame*, const String& url);
     static void reportBlockedPortFailed(Frame*, const String& url);
+    static void reportAuthenticationChallengeBlocked(Frame*, const URL&, const String& reason);
 
     // FIXME: These are all functions which stop loads. We have too many.

branches/safari-605-branch/Source/WebCore/loader/ResourceLoader.cpp

@@ -134 +134 @@
     
     m_defersLoading = m_options.defersLoadingPolicy == DefersLoadingPolicy::AllowDefersLoading && m_frame->page()->defersLoading();
-    m_canAskClientForCredentials = m_options.clientCredentialPolicy == ClientCredentialPolicy::MayAskClientForCredentials && !isMixedContent(clientRequest.url());
+    m_canAskClientForCredentials = m_options.clientCredentialPolicy == ClientCredentialPolicy::MayAskClientForCredentials;
+    m_wasInsecureRequestSeen = isMixedContent(clientRequest.url());
 
     if (m_options.securityCheck == DoSecurityCheck && !m_frame->document()->securityOrigin().canDisplay(clientRequest.url())) {
@@ -405 +406 @@
 
     if (isMixedContent(m_request.url()) || (isRedirect && isMixedContent(request.url())))
-        m_canAskClientForCredentials = false;
+        m_wasInsecureRequestSeen = true;
 
     if (isRedirect)
@@ -463 +464 @@
 }
 
+void ResourceLoader::didBlockAuthenticationChallenge()
+{
+    m_wasAuthenticationChallengeBlocked = true;
+
+    if (!m_canAskClientForCredentials)
+        return;
+
+    if (!m_wasInsecureRequestSeen)
+        return;
+
+    // Comparing the initial request URL and final request URL does not tell us whether a redirect happened or not since
+    // a server can serve a redirect to the same URL that was requested. However, this is good enough for our purpose.
+    bool wasRedirected = m_request.url() != originalRequest().url();
+
+    bool isMixedContent = this->isMixedContent(m_request.url());
+    String reason;
+    if (isMixedContent && wasRedirected)
+        reason = makeString("it is insecure content that was loaded via a redirect from ", originalRequest().url().stringCenterEllipsizedToLength());
+    else if (isMixedContent)
+        reason = ASCIILiteral { "it is insecure content" };
+    else
+        reason = makeString("it was loaded via an insecure redirect from ", originalRequest().url().stringCenterEllipsizedToLength());
+    FrameLoader::reportAuthenticationChallengeBlocked(m_frame.get(), m_request.url(), reason);
+}
+
 void ResourceLoader::didReceiveResponse(const ResourceResponse& r)
 {
@@ -714 +740 @@
     if (!m_canAskClientForCredentials)
         return false;
+    if (m_wasInsecureRequestSeen)
+        return false;
     return m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_frame->document()->securityOrigin().canRequest(originalRequest().url()));
 }
@@ -730 +758 @@
             return;
         }
+        didBlockAuthenticationChallenge();
     }
     challenge.authenticationClient()->receivedRequestToContinueWithoutCredential(challenge);

branches/safari-605-branch/Source/WebCore/loader/ResourceLoader.h

@@ -90 +90 @@
     unsigned long identifier() const { return m_identifier; }
 
+    bool wasAuthenticationChallengeBlocked() const { return m_wasAuthenticationChallengeBlocked; }
+    bool wasInsecureRequestSeen() const { return m_wasInsecureRequestSeen; }
+
     virtual void releaseResources();
     const ResourceResponse& response() const { return m_response; }
@@ -107 +110 @@
     virtual void didRetrieveDerivedDataFromCache(const String& type, SharedBuffer&);
 
+    WEBCORE_EXPORT void didBlockAuthenticationChallenge();
+
     virtual bool shouldUseCredentialStorage();
     virtual void didReceiveAuthenticationChallenge(const AuthenticationChallenge&);
@@ -150 +155 @@
 protected:
     ResourceLoader(Frame&, ResourceLoaderOptions);
+
+    bool isMixedContent(const URL&) const;
 
     void didFinishLoadingOnePart(const NetworkLoadMetrics&);
@@ -205 +212 @@
 #endif
 
-    bool isMixedContent(const URL&) const;
-
     ResourceRequest m_request;
     ResourceRequest m_originalRequest; // Before redirects.
@@ -226 +231 @@
     bool m_defersLoading;
     bool m_canAskClientForCredentials;
+    bool m_wasInsecureRequestSeen { false };
+    bool m_wasAuthenticationChallengeBlocked { false };
     ResourceRequest m_deferredRequest;
     ResourceLoaderOptions m_options;

branches/safari-605-branch/Source/WebKit/ChangeLog

@@ +1 @@
+2018-02-12  Jason Marcell  <jmarcell@apple.com>
+
+        Cherry-pick r228231. rdar://problem/37408885
+
+    2018-02-07  Daniel Bates  <dabates@apple.com>
+
+            Log error when authentication challenge is blocked due to an insecure request
+            https://bugs.webkit.org/show_bug.cgi?id=182358
+
+            Reviewed by Andy Estes.
+
+            Have network process notify the web process when it blocks an authentication challenge.
+
+            * NetworkProcess/NetworkLoad.cpp:
+            (WebKit::NetworkLoad::completeAuthenticationChallenge):
+            * NetworkProcess/NetworkLoadClient.h:
+            (WebKit::NetworkLoadClient::didBlockAuthenticationChallenge):
+            * NetworkProcess/NetworkResourceLoader.cpp:
+            (WebKit::NetworkResourceLoader::didBlockAuthenticationChallenge):
+            * NetworkProcess/NetworkResourceLoader.h:
+            * WebProcess/Network/WebResourceLoader.cpp:
+            (WebKit::WebResourceLoader::didBlockAuthenticationChallenge):
+            * WebProcess/Network/WebResourceLoader.h:
+            * WebProcess/Network/WebResourceLoader.messages.in:
+
 2018-02-09  Jason Marcell  <jmarcell@apple.com>
 

branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkLoad.cpp

@@ -338 +338 @@
     bool isServerTrustEvaluation = m_challenge->protectionSpace().authenticationScheme() == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested;
     if (!isAllowedToAskUserForCredentials() && !isServerTrustEvaluation) {
+        m_client.get().didBlockAuthenticationChallenge();
         completionHandler(AuthenticationChallengeDisposition::UseCredential, { });
         return;

branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkLoadClient.h

@@ -57 +57 @@
     virtual void didFinishLoading(const WebCore::NetworkLoadMetrics&) = 0;
     virtual void didFailLoading(const WebCore::ResourceError&) = 0;
+    virtual void didBlockAuthenticationChallenge() { };
     virtual bool shouldCaptureExtraNetworkLoadMetrics() const { return false; }
 };

branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp

@@ -443 +443 @@
 }
 
+void NetworkResourceLoader::didBlockAuthenticationChallenge()
+{
+    send(Messages::WebResourceLoader::DidBlockAuthenticationChallenge());
+}
+
 void NetworkResourceLoader::willSendRedirectedRequest(ResourceRequest&& request, WebCore::ResourceRequest&& redirectRequest, ResourceResponse&& redirectResponse)
 {

branches/safari-605-branch/Source/WebKit/NetworkProcess/NetworkResourceLoader.h

@@ -97 +97 @@
     void didFinishLoading(const WebCore::NetworkLoadMetrics&) override;
     void didFailLoading(const WebCore::ResourceError&) override;
+    void didBlockAuthenticationChallenge() override;
     bool shouldCaptureExtraNetworkLoadMetrics() const override;
 

branches/safari-605-branch/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp

@@ -161 +161 @@
 }
 
+void WebResourceLoader::didBlockAuthenticationChallenge()
+{
+    LOG(Network, "(WebProcess) WebResourceLoader::didBlockAuthenticationChallenge for '%s'", m_coreLoader->url().string().latin1().data());
+    RELEASE_LOG_IF_ALLOWED("didBlockAuthenticationChallenge: (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ")", m_trackingParameters.pageID, m_trackingParameters.frameID, m_trackingParameters.resourceID);
+
+    m_coreLoader->didBlockAuthenticationChallenge();
+}
+
 #if ENABLE(SHAREABLE_RESOURCE)
 void WebResourceLoader::didReceiveResource(const ShareableResource::Handle& handle)

branches/safari-605-branch/Source/WebKit/WebProcess/Network/WebResourceLoader.h

@@ -82 +82 @@
     void didFinishResourceLoad(const WebCore::NetworkLoadMetrics&);
     void didFailResourceLoad(const WebCore::ResourceError&);
+    void didBlockAuthenticationChallenge();
 #if ENABLE(SHAREABLE_RESOURCE)
     void didReceiveResource(const ShareableResource::Handle&);

branches/safari-605-branch/Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in

@@ -29 +29 @@
     DidRetrieveDerivedData(String type, IPC::DataReference data)
     DidFailResourceLoad(WebCore::ResourceError error)
+    DidBlockAuthenticationChallenge()
 
 #if ENABLE(SHAREABLE_RESOURCE)