Revert 76880 - ChromeFrame would fail to upload POST data to the server if the webserver requested NTLM

authentication. This is due to a bug in urlmon on IE6 and IE7 which manifests itself when
the post data is passed to urlmon as an IStream. 

Fix is to pass in the uploaded data as a HGLOBAL. We always pass in a copy of the HGLOBAL
which points to the posted data to urlmon. This is to have it accessible for reissuing
navigation requests which target downloads.

Fixes bug http://code.google.com/p/chromium/issues/detail?id=62687

BUG=62687
TEST=manually at this point. As we need a server which supports NTLM authentication like IIS.

Review URL: http://codereview.chromium.org/6603006

TBR=ananta@chromium.org
Review URL: http://codereview.chromium.org/6626008

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@76886 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 30 insertions, 9 deletions

diff --git a/chrome_frame/utils.cc b/chrome_frame/utils.cc
index f622c7d..1db94dc 100644
--- a/chrome_frame/utils.cc
+++ b/chrome_frame/utils.cc
@@ -791,13 +791,9 @@ RendererType RendererTypeForUrl(const std::wstring& url) {
   return renderer_type;
 }
 
-HRESULT NavigateBrowserToMoniker(IUnknown* browser,
-                                 IMoniker* moniker,
-                                 const wchar_t* headers,
-                                 IBindCtx* bind_ctx,
-                                 const wchar_t* fragment,
-                                 const uint8* post_data,
-                                 int post_data_len) {
+HRESULT NavigateBrowserToMoniker(IUnknown* browser, IMoniker* moniker,
+                                 const wchar_t* headers, IBindCtx* bind_ctx,
+                                 const wchar_t* fragment, IStream* post_data) {
   DCHECK(browser);
   DCHECK(moniker);
   DCHECK(bind_ctx);
@@ -821,9 +817,34 @@ HRESULT NavigateBrowserToMoniker(IUnknown* browser,
   // If the data to be downloaded was received in response to a post request
   // then we need to reissue the post request.
   base::win::ScopedVariant post_data_variant;
-  if (post_data && post_data_len > 0) {
+  if (post_data) {
+    RewindStream(post_data);
+
     CComSafeArray<uint8> safe_array_post;
-    safe_array_post.Add(post_data_len, post_data);
+
+    STATSTG stat;
+    post_data->Stat(&stat, STATFLAG_NONAME);
+
+    if (stat.cbSize.LowPart > 0) {
+      std::string data;
+
+      HRESULT hr = E_FAIL;
+      while ((hr = ReadStream(post_data, 0xffff, &data)) == S_OK) {
+        safe_array_post.Add(
+            data.size(),
+            reinterpret_cast<unsigned char*>(const_cast<char*>(data.data())));
+        data.clear();
+      }
+    } else {
+      // If we get here it means that the navigation is being reissued for a
+      // POST request with no data. To ensure that the new window used as a
+      // target to handle the new navigation issues a POST request
+      // we need valid POST data. In this case we create a dummy 1 byte array.
+      // May not work as expected with some web sites.
+      DLOG(WARNING) << "Reissuing navigation with empty POST data. May not"
+                    << " work as expected";
+      safe_array_post.Create(1);
+    }
     post_data_variant.Set(safe_array_post.Detach());
   }
   // Create a new bind context that's not associated with our callback.