diff options
| author | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-02 11:27:02 +0000 |
|---|---|---|
| committer | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-02 11:27:02 +0000 |
| commit | 6cc4218f3320d1ed11553c4a89a360a8db143ca7 (patch) | |
| tree | 49bd71667097cbfae482321451df754afd643a18 /net/http/http_auth_handler_mock.h | |
| parent | b05938fdfa5c1d830be859d4339d3992c6d12410 (diff) | |
| download | chromium_src-6cc4218f3320d1ed11553c4a89a360a8db143ca7.zip chromium_src-6cc4218f3320d1ed11553c4a89a360a8db143ca7.tar.gz chromium_src-6cc4218f3320d1ed11553c4a89a360a8db143ca7.tar.bz2 | |
Digest authentication uses a uri field to prevent replay attacks.
When authenticating to an HTTP proxy to establish a secure tunnel (via CONNECT), the uri should be the hostname of the server and the destination port, such as "www.example.com:443". When authenticating to an HTTP proxy for a non-secure content, the uri should be the path at the server, i.e. "/index.html".
If the site we are trying to connect to previously advertised "Alternate-Protocol: 443:spdy-npn/1" a request to "http://www.example.com" will be attempted on a secure port.
However, the URL passed into the digest authenticator was an unsecure one, and it decided to have a uri in the form "/index.html" rather than the correct "www.example.com:443". This causes persistent failure with the password and many password prompts.
BUG=49865
TEST=Run with --use-spdy=npn, force connection through a digest authenticating proxy, and browse a site which advertises Alternate-Protocol through http URLs.
Review URL: http://codereview.chromium.org/3028021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54528 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_auth_handler_mock.h')
| -rw-r--r-- | net/http/http_auth_handler_mock.h | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/net/http/http_auth_handler_mock.h b/net/http/http_auth_handler_mock.h index f9a676c..a6b0d48 100644 --- a/net/http/http_auth_handler_mock.h +++ b/net/http/http_auth_handler_mock.h @@ -10,6 +10,7 @@ #include "base/string16.h" #include "base/task.h" +#include "googleurl/src/gurl.h" #include "net/http/http_auth_handler.h" #include "net/http/http_auth_handler_factory.h" @@ -46,15 +47,23 @@ class HttpAuthHandlerMock : public HttpAuthHandler { connection_based_ = connection_based; } + const GURL& request_url() const { + return request_url_; + } + // The Factory class simply returns the same handler each time // CreateAuthHandler is called. class Factory : public HttpAuthHandlerFactory { public: - Factory() {} - virtual ~Factory() {} + Factory(); + virtual ~Factory(); void set_mock_handler(HttpAuthHandler* handler, HttpAuth::Target target); + void set_do_init_from_challenge(bool do_init_from_challenge) { + do_init_from_challenge_ = do_init_from_challenge; + } + virtual int CreateAuthHandler(HttpAuth::ChallengeTokenizer* challenge, HttpAuth::Target target, const GURL& origin, @@ -65,6 +74,7 @@ class HttpAuthHandlerMock : public HttpAuthHandler { private: scoped_ptr<HttpAuthHandler> handlers_[HttpAuth::AUTH_NUM_TARGETS]; + bool do_init_from_challenge_; }; protected: @@ -89,6 +99,7 @@ class HttpAuthHandlerMock : public HttpAuthHandler { std::string* auth_token_; bool first_round_; bool connection_based_; + GURL request_url_; }; } // namespace net |