Chromium Code Reviews Chromium Code Reviews
Issue 164504:
Unescape username/passwords obtained from URLs before using them for HTTP aut... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_HTTP_HTTP_NETWORK_TRANSACTION_H_ | 5 #ifndef NET_HTTP_HTTP_NETWORK_TRANSACTION_H_ |
| 6 #define NET_HTTP_HTTP_NETWORK_TRANSACTION_H_ | 6 #define NET_HTTP_HTTP_NETWORK_TRANSACTION_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/ref_counted.h" | 10 #include "base/ref_counted.h" |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 55 HaveAuth(pending_auth_target_); | 55 HaveAuth(pending_auth_target_); |
| 56 } | 56 } |
| 57 | 57 |
| 58 virtual int Read(IOBuffer* buf, int buf_len, CompletionCallback* callback); | 58 virtual int Read(IOBuffer* buf, int buf_len, CompletionCallback* callback); |
| 59 virtual const HttpResponseInfo* GetResponseInfo() const; | 59 virtual const HttpResponseInfo* GetResponseInfo() const; |
| 60 virtual LoadState GetLoadState() const; | 60 virtual LoadState GetLoadState() const; |
| 61 virtual uint64 GetUploadProgress() const; | 61 virtual uint64 GetUploadProgress() const; |
| 62 | 62 |
| 63 private: | 63 private: |
| 64 FRIEND_TEST(HttpNetworkTransactionTest, ResetStateForRestart); | 64 FRIEND_TEST(HttpNetworkTransactionTest, ResetStateForRestart); |
| 65 FRIEND_TEST(HttpNetworkTransactionTest, GetIdentifyFromUrl); | |
| 66 FRIEND_TEST(HttpNetworkTransactionTest, GetIdentifyFromUrl_UTF8); | |
| 65 | 67 |
| 66 // This version of IOBuffer lets us use a string as the real storage and | 68 // This version of IOBuffer lets us use a string as the real storage and |
| 67 // "move" the data pointer inside the string before using it to do actual IO. | 69 // "move" the data pointer inside the string before using it to do actual IO. |
| 68 class RequestHeaders : public net::IOBuffer { | 70 class RequestHeaders : public net::IOBuffer { |
| 69 public: | 71 public: |
| 70 RequestHeaders() : net::IOBuffer() {} | 72 RequestHeaders() : net::IOBuffer() {} |
| 71 ~RequestHeaders() { data_ = NULL; } | 73 ~RequestHeaders() { data_ = NULL; } |
| 72 | 74 |
| 73 void SetDataOffset(size_t offset) { | 75 void SetDataOffset(size_t offset) { |
| 74 data_ = const_cast<char*>(headers_.data()) + offset; | 76 data_ = const_cast<char*>(headers_.data()) + offset; |
| (...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 252 // Invalidates any auth cache entries after authentication has failed. | 254 // Invalidates any auth cache entries after authentication has failed. |
| 253 // The identity that was rejected is auth_identity_[target]. | 255 // The identity that was rejected is auth_identity_[target]. |
| 254 void InvalidateRejectedAuthFromCache(HttpAuth::Target target); | 256 void InvalidateRejectedAuthFromCache(HttpAuth::Target target); |
| 255 | 257 |
| 256 // Sets auth_identity_[target] to the next identity that the transaction | 258 // Sets auth_identity_[target] to the next identity that the transaction |
| 257 // should try. It chooses candidates by searching the auth cache | 259 // should try. It chooses candidates by searching the auth cache |
| 258 // and the URL for a username:password. Returns true if an identity | 260 // and the URL for a username:password. Returns true if an identity |
| 259 // was found. | 261 // was found. |
| 260 bool SelectNextAuthIdentityToTry(HttpAuth::Target target); | 262 bool SelectNextAuthIdentityToTry(HttpAuth::Target target); |
| 261 | 263 |
| 264 // Extract the unescaped username/password from |url|, saving the results | |
| 265 // into |*username| and |*password|. | |
| 266 static void GetIdentifyFromUrl(const GURL& url, | |
|
wtc
2009/08/13 21:37:36
Consider moving this method to net_util.h, so that
| |
| 267 std::wstring* username, | |
| 268 std::wstring* password); | |
| 269 | |
| 262 // Searches the auth cache for an entry that encompasses the request's path. | 270 // Searches the auth cache for an entry that encompasses the request's path. |
| 263 // If such an entry is found, updates auth_identity_[target] and | 271 // If such an entry is found, updates auth_identity_[target] and |
| 264 // auth_handler_[target] with the cache entry's data and returns true. | 272 // auth_handler_[target] with the cache entry's data and returns true. |
| 265 bool SelectPreemptiveAuth(HttpAuth::Target target); | 273 bool SelectPreemptiveAuth(HttpAuth::Target target); |
| 266 | 274 |
| 267 bool HaveAuth(HttpAuth::Target target) const { | 275 bool HaveAuth(HttpAuth::Target target) const { |
| 268 return auth_handler_[target].get() && !auth_identity_[target].invalid; | 276 return auth_handler_[target].get() && !auth_identity_[target].invalid; |
| 269 } | 277 } |
| 270 | 278 |
| 271 // Get the {scheme, host, port} for the authentication target | 279 // Get the {scheme, host, port} for the authentication target |
| (...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 399 // The time that we request the ClientSocketPool for a connected socket. | 407 // The time that we request the ClientSocketPool for a connected socket. |
| 400 base::TimeTicks transport_socket_request_time_; | 408 base::TimeTicks transport_socket_request_time_; |
| 401 | 409 |
| 402 // The next state in the state machine. | 410 // The next state in the state machine. |
| 403 State next_state_; | 411 State next_state_; |
| 404 }; | 412 }; |
| 405 | 413 |
| 406 } // namespace net | 414 } // namespace net |
| 407 | 415 |
| 408 #endif // NET_HTTP_HTTP_NETWORK_TRANSACTION_H_ | 416 #endif // NET_HTTP_HTTP_NETWORK_TRANSACTION_H_ |
| OLD | NEW |
