Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-02-14 12:13:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fixes bug 96705 "[zope] authentication should invalidate cache" and

Browse Source 
bug 103402 "HTTP authentication allows view of first page if previously
authenticated" r=gagan sr=mscott
This commit is contained in:
darin%netscape.com 2002-02-08 23:13:36 +00:00
parent 35123d392b
commit 714b93ebb3
2 changed files with 49 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
netwerk/protocol/http/src/nsHttpChannel.cpp
View File

@ -817,6 +817,16 @@ nsHttpChannel::CheckCache()
}
buf.Adopt(0);
// We'll need this value in later computations...
PRUint32 lastModifiedTime;
rv = mCacheEntry->GetLastModified(&lastModifiedTime);
if (NS_FAILED(rv)) return rv;
// Determine if this is the first time that this cache entry
// has been accessed during this session.
PRBool fromPreviousSession =
(nsHttpHandler::get()->SessionStartTime() > lastModifiedTime);
// Get the cached HTTP response headers
rv = mCacheEntry->GetMetaDataElement("response-head", getter_Copies(buf));
if (NS_FAILED(rv)) return rv;
@ -911,16 +921,10 @@ nsHttpChannel::CheckCache()
rv = mCachedResponseHead->ComputeFreshnessLifetime(&time);
if (NS_FAILED(rv)) return rv;
if (time == 0) {
if (time == 0)
doValidation = PR_TRUE;
}
else {
rv = mCacheEntry->GetLastModified(&time);
if (NS_FAILED(rv)) return rv;
// Determine if this is the first time that this cache entry
// has been accessed in this session, and validate if so.
doValidation = (nsHttpHandler::get()->SessionStartTime() > time);
}
else
doValidation = fromPreviousSession;
}
else
doValidation = PR_TRUE;
@ -928,6 +932,24 @@ nsHttpChannel::CheckCache()
LOG(("%salidating based on expiration time\n", doValidation ? "V" : "Not v"));
}
if (!doValidation) {
//
// Check the authorization headers used to generate the cache entry.
// We must validate the cache entry if:
//
// 1) the cache entry was generated prior to this session w/
// credentials (see bug 103402).
// 2) the cache entry was generated w/o credentials, but would now
// require credentials (see bug 96705).
//
// NOTE: this does not apply to proxy authentication.
//
mCacheEntry->GetMetaDataElement("auth", getter_Copies(buf));
doValidation =
(fromPreviousSession && !buf.IsEmpty()) ||
(buf.IsEmpty() && mRequestHead.PeekHeader(nsHttp::Authorization));
}
mCachedContentIsValid = !doValidation;
// add validation headers unless the cached response is marked no-store...
@ -1081,6 +1103,10 @@ nsHttpChannel::InitCacheEntry()
rv = mCacheEntry->SetMetaDataElement("request-method", mRequestHead.Method().get());
if (NS_FAILED(rv)) return rv;
// Store the HTTP authorization scheme used if any...
rv = StoreAuthorizationMetaData();
if (NS_FAILED(rv)) return rv;
// Store the received HTTP head with the cache entry as an element of
// the meta data.
nsCAutoString head;
@ -1088,6 +1114,19 @@ nsHttpChannel::InitCacheEntry()
return mCacheEntry->SetMetaDataElement("response-head", head.get());
}
nsresult
nsHttpChannel::StoreAuthorizationMetaData()
{
// Not applicable to proxy authorization...
const char *val = mRequestHead.PeekHeader(nsHttp::Authorization);
if (val) {
// eg. [Basic realm="wally world"]
nsCAutoString buf(Substring(val, strchr(val, ' ')));
return mCacheEntry->SetMetaDataElement("auth", buf.get());
}
return NS_OK;
}
// Finalize the cache entry
// - may need to rewrite response headers if any headers changed
// - may need to recalculate the expiration time if any headers changed

1
netwerk/protocol/http/src/nsHttpChannel.h
View File

@ -103,6 +103,7 @@ private:
nsresult ReadFromCache();
nsresult CloseCacheEntry(nsresult status);
nsresult InitCacheEntry();
nsresult StoreAuthorizationMetaData();
nsresult FinalizeCacheEntry();
nsresult InstallCacheListener();