Changeset 59669 in webkit

Timestamp:

May 18, 2010 7:07:00 AM (14 years ago)

Author:

Simon Hausmann

Message:

[Qt] Fix http/tests/xmlhttprequest/cross-origin-no-authorization.html

2010-05-08 Robert Hogan <​robert@roberthogan.net>

Reviewed by Simon Hausmann.

[Qt] Fix http/tests/xmlhttprequest/cross-origin-no-authorization.html

and http/tests/xmlhttprequest/cross-origin-authorization.html

QHttpNetworkRequest adds Authorization and Cookie headers to XHRs
without knowing if this is valid behaviour or not. In order to allow
Qt to decide whether Cookie/Authorization headers should be added
to an XHR QtWebKit needs to use an attribute added to QNetworkRequest.
These new attributes are: QNetworkRequest::CookieLoadControlAttribute,
QNetworkRequest::CookieSaveControlAttribute,and
QNetworkRequest::AuthenticationReuseControlAttribute.

QtWebKit will set QNetworkRequest::AuthenticationReuseControlAttribute to false
unless withCredentials is set to true in the XHR.

QtWebkit will set CookieLoad/SaveControlAttribute to false unless withCredentials
is set to true in the XHR.

Qt will pass the values onto QHttpNetworkRequest and this will permit
the Qt network access processing to decide whether or not to add either
or both of the Cookie/Authorisation headers, and whether to save cookies
returned from such requests. By default the attribute
will always be true so unless QtWebKit sets it to false normal
header processing is unaffected.

There are platform-specific results for cross-origin-no-authorization.html:

1. Qt's DRT does not capture the final 'DONE'.
2. QNetworkReplyHandler.cpp's ignoreHttpError() means that async requests do not execute didFail() when they receive a 401 HTTP response. This results in async tests passing with '401 Authorisation required' rather than 'received error event'.

The Qt part of these changes was merged at: ​http://gitorious.org/qt/qt/merge_requests/592

In order to properly support the tests, Qt's DRT needs to use one
NetworkAccessManager for all pages. This allows it to use cached
credentials where appropriate.

The tests now pass when run individually but there seems to be a problem with
leaking the results of requests across tests when run with the others in
http/tests. This will be addressed in a separate patch.

​https://bugs.webkit.org/show_bug.cgi?id=32967

• DumpRenderTree/qt/DumpRenderTreeQt.cpp: (WebCore::WebPage::WebPage): (WebCore::DumpRenderTree::DumpRenderTree):
• DumpRenderTree/qt/DumpRenderTreeQt.h:
• platform/network/qt/ResourceRequestQt.cpp: (WebCore::ResourceRequest::toNetworkRequest):
• platform/qt/Skipped: Group together the tests that are waiting for 4.7 to be unskipped.
• platform/qt/http/tests/xmlhttprequest/cross-origin-no-authorization-expected.txt: Added.

Location:

trunk

Files:

• WebCore/ChangeLog (modified) (1 diff)
• WebCore/platform/network/qt/ResourceRequestQt.cpp (modified) (1 diff)
• WebKitTools/ChangeLog (modified) (1 diff)
• WebKitTools/DumpRenderTree/qt/DumpRenderTreeQt.cpp (modified) (2 diffs)
• WebKitTools/DumpRenderTree/qt/DumpRenderTreeQt.h (modified) (4 diffs)

trunk/WebCore/ChangeLog

@@ +1 @@
+2010-05-08  Robert Hogan  <robert@roberthogan.net>
+
+        Reviewed by Simon Hausmann.
+
+        [Qt] Fix http/tests/xmlhttprequest/cross-origin-no-authorization.html
+             and http/tests/xmlhttprequest/cross-origin-authorization.html
+
+        QHttpNetworkRequest adds Authorization and Cookie headers to XHRs
+        without knowing if this is valid behaviour or not. In order to allow
+        Qt to decide whether Cookie/Authorization headers should be added
+        to an XHR QtWebKit needs to use an attribute added to QNetworkRequest.
+        These new attributes are: QNetworkRequest::CookieLoadControlAttribute,
+        QNetworkRequest::CookieSaveControlAttribute,and
+        QNetworkRequest::AuthenticationReuseControlAttribute.
+
+        QtWebKit will set QNetworkRequest::AuthenticationReuseControlAttribute to false
+        unless withCredentials is set to true in the XHR.
+
+        QtWebkit will set CookieLoad/SaveControlAttribute to false unless withCredentials
+        is set to true in the XHR.
+
+        Qt will pass the values onto QHttpNetworkRequest and this will permit
+        the Qt network access processing to decide whether or not to add either
+        or both of the Cookie/Authorisation headers, and whether to save cookies
+        returned from such requests. By default the attribute
+        will always be true so unless QtWebKit sets it to false normal
+        header processing is unaffected.
+
+        The Qt part of these changes was merged at: http://gitorious.org/qt/qt/merge_requests/592
+
+        https://bugs.webkit.org/show_bug.cgi?id=32967
+
+        * platform/network/qt/ResourceRequestQt.cpp:
+        (WebCore::ResourceRequest::toNetworkRequest):
+
 2010-05-18  Zoltan Herczeg  <zherczeg@webkit.org>
 

trunk/WebCore/platform/network/qt/ResourceRequestQt.cpp

@@ -81 +81 @@
     }
 
+#if QT_VERSION >= QT_VERSION_CHECK(4, 7, 0)
+    if (!allowCookies()) {
+        request.setAttribute(QNetworkRequest::CookieLoadControlAttribute, QNetworkRequest::Manual);
+        request.setAttribute(QNetworkRequest::CookieSaveControlAttribute, QNetworkRequest::Manual);
+        request.setAttribute(QNetworkRequest::AuthenticationReuseAttribute, QNetworkRequest::Manual);
+    }
+#endif
+
     return request;
 }

trunk/WebKitTools/ChangeLog

@@ +1 @@
+2010-05-08  Robert Hogan  <robert@roberthogan.net>
+
+        Reviewed by Simon Hausmann.
+
+        [Qt] Fix http/tests/xmlhttprequest/cross-origin-no-authorization.html
+             and http/tests/xmlhttprequest/cross-origin-authorization.html
+
+        QHttpNetworkRequest adds Authorization and Cookie headers to XHRs
+        without knowing if this is valid behaviour or not. In order to allow
+        Qt to decide whether Cookie/Authorization headers should be added
+        to an XHR QtWebKit needs to use an attribute added to QNetworkRequest.
+        These new attributes are: QNetworkRequest::CookieLoadControlAttribute,
+        QNetworkRequest::CookieSaveControlAttribute,and
+        QNetworkRequest::AuthenticationReuseControlAttribute.
+
+        In order to properly support the tests, Qt's DRT needs to use one
+        NetworkAccessManager for all pages. This allows it to use cached
+        credentials where appropriate.
+
+        The tests now pass when run individually but there seems to be a problem with
+        leaking the results of requests across tests when run with the others in
+        http/tests. This will be addressed in a separate patch.
+
+        https://bugs.webkit.org/show_bug.cgi?id=32967
+
+
+        * DumpRenderTree/qt/DumpRenderTreeQt.cpp:
+        (WebCore::WebPage::WebPage):
+        (WebCore::DumpRenderTree::DumpRenderTree):
+        * DumpRenderTree/qt/DumpRenderTreeQt.h:
+
+
 2010-05-18  Fumitoshi Ukai  <ukai@chromium.org>
 

trunk/WebKitTools/DumpRenderTree/qt/DumpRenderTreeQt.cpp

@@ -157 +157 @@
             this, SLOT(setViewGeometry(const QRect & )));
 
-    setNetworkAccessManager(new NetworkAccessManager(this));
+    setNetworkAccessManager(m_drt->networkAccessManager());
     setPluginFactory(new TestPlugin(this));
 }
@@ -347 +347 @@
     QWebSettings::enablePersistentStorage(m_persistentStoragePath);
 
+    m_networkAccessManager = new NetworkAccessManager(this);
     // create our primary testing page/view.
     m_mainView = new QWebView(0);

trunk/WebKitTools/DumpRenderTree/qt/DumpRenderTreeQt.h

@@ -62 +62 @@
 
 class WebPage;
+class NetworkAccessManager;
 
 class DumpRenderTree : public QObject {
@@ -88 +89 @@
     TextInputController *textInputController() const { return m_textInputController; }
     QString persistentStoragePath() const { return m_persistentStoragePath; }
+    NetworkAccessManager *networkAccessManager() const { return m_networkAccessManager; }
 
     QWebPage *createWindow();
@@ -95 +97 @@
 
     WebPage *webPage() const { return m_page; }
-
 
 #if defined(Q_WS_X11)
@@ -137 +138 @@
     TextInputController *m_textInputController;
     GCController* m_gcController;
+    NetworkAccessManager* m_networkAccessManager;
 
     QFile *m_stdin;