From 6a6881a3ff408ab630684ae1779f12b83a024044 Mon Sep 17 00:00:00 2001 From: Steve Block Date: Wed, 24 Mar 2010 16:27:17 +0000 Subject: Fixes XHR requests to use the username and password supplied from JavaScript Currently, the browser does not use the credentials supplied from JavaScript. If a request returns a 401 Unauthorized, the browser always prompts the user. This violates http://www.w3.org/TR/XMLHttpRequest/#the-send-method Bug: 2533522 Change-Id: Ic232003a3f321167810fc7263d6ecb654eeeb5eb --- WebCore/platform/network/android/ResourceHandleAndroid.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'WebCore/platform') diff --git a/WebCore/platform/network/android/ResourceHandleAndroid.cpp b/WebCore/platform/network/android/ResourceHandleAndroid.cpp index 6759852..aadf43b 100644 --- a/WebCore/platform/network/android/ResourceHandleAndroid.cpp +++ b/WebCore/platform/network/android/ResourceHandleAndroid.cpp @@ -158,7 +158,11 @@ void ResourceHandle::loadResourceSynchronously(const ResourceRequest& request, SyncLoader s(error, response, data); ResourceHandle h(request, &s, false, false, false); // This blocks until the load is finished. - ResourceLoaderAndroid::start(&h, request, frame->loader()->client(), false, true); + // Use the request owned by the ResourceHandle. This has had the username + // and password (if present) stripped from the URL in + // ResourceHandleInternal::ResourceHandleInternal(). This matches the + // behaviour in the asynchronous case. + ResourceLoaderAndroid::start(&h, h.getInternal()->m_request, frame->loader()->client(), false, true); } } // namespace WebCore -- cgit v1.1