Changeset 171859 in webkit

Timestamp:

Jul 31, 2014 9:45:19 AM (10 years ago)

Author:

mitz@apple.com

Message:

[WK2] Regression tests can't load HTTPS pages with NetworkProcess due to self-signed certificate
​https://bugs.webkit.org/show_bug.cgi?id=115282

Reviewed by Sam Weinig.

Tools:

• WebKitTestRunner/TestController.cpp:

(WTR::TestController::canAuthenticateAgainstProtectionSpaceInFrame): Return true for any
local host server trust protection space.
(WTR::TestController::didReceiveAuthenticationChallengeInFrame): Respond with a non-empty
credential to server trust challenges.

LayoutTests:

• platform/mac-wk2/TestExpectations: Removed the exceptions listed under this bug.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/platform/mac-wk2/TestExpectations (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/WebKitTestRunner/TestController.cpp (modified) (3 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2014-07-31  Dan Bernstein  <mitz@apple.com>
+
+        [WK2] Regression tests can't load HTTPS pages with NetworkProcess due to self-signed certificate
+        https://bugs.webkit.org/show_bug.cgi?id=115282
+
+        Reviewed by Sam Weinig.
+
+        * platform/mac-wk2/TestExpectations: Removed the exceptions listed under this bug.
+
 2014-07-31  Michał Pakuła vel Rutka  <m.pakula@samsung.com>
 

trunk/LayoutTests/platform/mac-wk2/TestExpectations

@@ -629 +629 @@
 [ Mavericks ] storage/websql/private-browsing-noread-nowrite.html [ Skip ]
 
-# https://bugs.webkit.org/show_bug.cgi?id=115282
-# PPT: https loads fail due to self-signed certificate
-[ Mavericks ] http/tests/appcache/different-https-origin-resource-main.html [ Skip ]
-[ Mavericks ] http/tests/cache/history-only-cached-subresource-loads-max-age-https.html [ Skip ]
-[ Mavericks ] http/tests/misc/dns-prefetch-control.html [ Skip ]
-[ Mavericks ] http/tests/navigation/https-in-page-cache.html [ Skip ]
-[ Mavericks ] http/tests/navigation/ping-cross-origin-from-https.html [ Skip ]
-[ Mavericks ] http/tests/security/contentSecurityPolicy/block-mixed-content-hides-warning.html [ Skip ]
-[ Mavericks ] http/tests/security/contentSecurityPolicy/script-src-star-cross-scheme.html [ Skip ]
-[ Mavericks ] http/tests/security/mixedContent [ Skip ]
-[ Mavericks ] http/tests/security/originHeader/origin-header-for-https.html [ Skip ]
-[ Mavericks ] http/tests/security/referrer-policy-https-always.html [ Skip ]
-[ Mavericks ] http/tests/security/referrer-policy-https-default.html [ Skip ]
-[ Mavericks ] http/tests/security/referrer-policy-https-never.html [ Skip ]
-[ Mavericks ] http/tests/security/referrer-policy-https-origin.html [ Skip ]
-[ Mavericks ] http/tests/security/referrer-policy-redirect-link.html [ Skip ]
-[ Mavericks ] http/tests/security/referrer-policy-redirect.html [ Skip ]
-[ Mavericks ] http/tests/ssl [ Skip ]
-
 # testRunner.setAlwaysAcceptCookies does not work with NetworkProcess
 [ Mavericks ] http/tests/cookies/third-party-cookie-relaxing.html [ Skip ]

trunk/Tools/ChangeLog

@@ +1 @@
+2014-07-31  Dan Bernstein  <mitz@apple.com>
+
+        [WK2] Regression tests can't load HTTPS pages with NetworkProcess due to self-signed certificate
+        https://bugs.webkit.org/show_bug.cgi?id=115282
+
+        Reviewed by Sam Weinig.
+
+        * WebKitTestRunner/TestController.cpp:
+        (WTR::TestController::canAuthenticateAgainstProtectionSpaceInFrame): Return true for any
+        local host server trust protection space.
+        (WTR::TestController::didReceiveAuthenticationChallengeInFrame): Respond with a non-empty
+        credential to server trust challenges.
+
 2014-07-31  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>
 

trunk/Tools/WebKitTestRunner/TestController.cpp

@@ -1199 +1199 @@
 bool TestController::canAuthenticateAgainstProtectionSpaceInFrame(WKPageRef, WKFrameRef, WKProtectionSpaceRef protectionSpace, const void*)
 {
-    return WKProtectionSpaceGetAuthenticationScheme(protectionSpace) <= kWKProtectionSpaceAuthenticationSchemeHTTPDigest;
+    WKProtectionSpaceAuthenticationScheme authenticationScheme = WKProtectionSpaceGetAuthenticationScheme(protectionSpace);
+
+    if (authenticationScheme == kWKProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested) {
+        std::string host = toSTD(adoptWK(WKProtectionSpaceCopyHost(protectionSpace)).get());
+        return host == "localhost" || host == "127.0.0.1";
+    }
+
+    return authenticationScheme <= kWKProtectionSpaceAuthenticationSchemeHTTPDigest;
 }
 
@@ -1250 +1257 @@
 void TestController::didReceiveAuthenticationChallengeInFrame(WKPageRef page, WKFrameRef frame, WKAuthenticationChallengeRef authenticationChallenge)
 {
+    WKProtectionSpaceRef protectionSpace = WKAuthenticationChallengeGetProtectionSpace(authenticationChallenge);
+    WKAuthenticationDecisionListenerRef decisionListener = WKAuthenticationChallengeGetDecisionListener(authenticationChallenge);
+
+    if (WKProtectionSpaceGetAuthenticationScheme(protectionSpace) == kWKProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested) {
+        // Any non-empty credential signals to accept the server trust. Since the cross-platform API
+        // doesn't expose a way to create a credential from server trust, we use a password credential.
+
+        WKRetainPtr<WKCredentialRef> credential = adoptWK(WKCredentialCreate(toWK("accept server trust").get(), toWK("").get(), kWKCredentialPersistenceNone));
+        WKAuthenticationDecisionListenerUseCredential(decisionListener, credential.get());
+        return;
+    }
+
     String message;
     if (!m_handlesAuthenticationChallenges)
@@ -1257 +1276 @@
     m_currentInvocation->outputText(message);
 
-    WKAuthenticationDecisionListenerRef decisionListener = WKAuthenticationChallengeGetDecisionListener(authenticationChallenge);
     if (!m_handlesAuthenticationChallenges) {
         WKAuthenticationDecisionListenerUseCredential(decisionListener, 0);