Changeset 141336 in webkit
- Timestamp:
- Jan 30, 2013 4:03:07 PM (11 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r141334 r141336 1 2013-01-30 Joe Mason <jmason@rim.com> 2 3 [BlackBerry] Never store empty credentials in NetworkJob::storeCredentials 4 https://bugs.webkit.org/show_bug.cgi?id=108387 5 6 Reviewed by Yong Li. 7 8 There is a code path that can cause NetworkJob::storeCredentials to be called with empty 9 credentials, causing the existing credentials to be overwritten even though authentication 10 succeeded. PR 287791 has been filed to investigate why this happens; in the meantime, ignore empty 11 credentials. 12 13 Internal PR: 281172 14 Internally Reviewed By: Leo Yang 15 16 * platform/network/blackberry/NetworkJob.cpp: 17 (WebCore::NetworkJob::storeCredentials): 18 1 19 2013-01-30 Andy Estes <aestes@apple.com> 2 20 -
trunk/Source/WebCore/platform/network/blackberry/NetworkJob.cpp
r140168 r141336 888 888 return; 889 889 890 // Obviously we can't have successfully authenticated with empty credentials. (To store empty 891 // credentials, use purgeCredentials.) 892 893 // FIXME: We should assert here, but there is one path (when the credentials are read from the 894 // proxy config entirely in the platform layer) where storeCredentials is called with an empty 895 // challenge. The credentials should be passed back from the platform layer for storage in this 896 // case - see PR 287791. 897 if (challenge.proposedCredential().user().isEmpty() || challenge.proposedCredential().password().isEmpty()) 898 return; 899 890 900 CredentialStorage::set(challenge.proposedCredential(), challenge.protectionSpace(), m_response.url()); 891 901 challenge.setStored(true);
Note: See TracChangeset
for help on using the changeset viewer.