forked from
me.webbeef.org/browser.html
Rewild Your Web
net: revert unused bearer token auth support
Signed-off-by: webbeef <me@webbeef.org>
+22
-131
+1
-1
patches/components/net/atproto/xrpc.rs.patch
+1
-1
patches/components/net/atproto/xrpc.rs.patch
+13
-103
patches/components/net/http_loader.rs.patch
+13
-103
patches/components/net/http_loader.rs.patch
···
8
8
use std::sync::Arc as StdArc;
9
9
use std::time::{Duration, SystemTime};
10
10
11
-
@@ -12,7 +13,7 @@
12
-
use devtools_traits::ChromeToDevtoolsControlMsg;
13
-
use embedder_traits::{AuthenticationResponse, GenericEmbedderProxy};
14
-
use futures::{TryFutureExt, TryStreamExt, future};
15
-
-use headers::authorization::Basic;
16
-
+use headers::authorization::{Basic, Bearer};
17
-
use headers::{
18
-
AccessControlAllowCredentials, AccessControlAllowHeaders, AccessControlAllowMethods,
19
-
AccessControlMaxAge, AccessControlRequestMethod, Authorization, CacheControl, ContentLength,
20
-
@@ -53,7 +54,8 @@
11
+
@@ -53,9 +54,9 @@
21
12
CacheState, HttpsState, RedirectTaint, Response, ResponseBody, ResponseType,
22
13
};
23
14
use net_traits::{
24
15
- CookieSource, DOCUMENT_ACCEPT_HEADER_VALUE, NetworkError, RedirectEndValue, RedirectStartValue,
25
-
+ AtProtoSessionState, AuthCacheEntry, BasicAuthCacheEntry, CookieSource,
26
-
+ DOCUMENT_ACCEPT_HEADER_VALUE, NetworkError, RedirectEndValue, RedirectStartValue,
27
-
ReferrerPolicy, ResourceAttribute, ResourceFetchTimingContainer, ResourceTimeValue,
28
-
TlsSecurityInfo, TlsSecurityState,
16
+
- ReferrerPolicy, ResourceAttribute, ResourceFetchTimingContainer, ResourceTimeValue,
17
+
- TlsSecurityInfo, TlsSecurityState,
18
+
+ AtProtoSessionState, CookieSource, DOCUMENT_ACCEPT_HEADER_VALUE, NetworkError,
19
+
+ RedirectEndValue, RedirectStartValue, ReferrerPolicy, ResourceAttribute,
20
+
+ ResourceFetchTimingContainer, ResourceTimeValue, TlsSecurityInfo, TlsSecurityState,
29
21
};
30
-
@@ -94,7 +96,8 @@
31
-
use crate::http_cache::{
22
+
use parking_lot::{Mutex, RwLock};
23
+
use profile_traits::mem::{Report, ReportKind};
24
+
@@ -95,6 +96,7 @@
32
25
CacheKey, CachedResourcesOrGuard, HttpCache, construct_response, invalidate, refresh,
33
26
};
34
-
-use crate::resource_thread::{AuthCache, AuthCacheEntry};
35
-
+use crate::resource_thread::AuthCache;
27
+
use crate::resource_thread::{AuthCache, AuthCacheEntry};
36
28
+use crate::web_tiles::WebTile;
37
29
use crate::websocket_loader::start_websocket;
38
30
39
31
/// The various states an entry of the HttpCache can be in.
40
-
@@ -109,6 +112,7 @@
32
+
@@ -109,6 +111,7 @@
41
33
}
42
34
43
35
pub struct HttpState {
···
45
37
pub hsts_list: RwLock<HstsList>,
46
38
pub cookie_jar: RwLock<CookieStorage>,
47
39
pub http_cache: HttpCache,
48
-
@@ -117,9 +121,28 @@
40
+
@@ -117,9 +120,28 @@
49
41
pub client: ServoClient,
50
42
pub override_manager: CertificateErrorOverrideManager,
51
43
pub embedder_proxy: GenericEmbedderProxy<NetToEmbedderMsg>,
···
74
66
pub(crate) fn memory_reports(&self, suffix: &str, ops: &mut MallocSizeOfOps) -> Vec<Report> {
75
67
vec![
76
68
Report {
77
-
@@ -159,6 +182,31 @@
69
+
@@ -159,6 +181,31 @@
78
70
));
79
71
receiver.await.ok()?
80
72
}
···
106
98
}
107
99
108
100
/// Step 11 of <https://fetch.spec.whatwg.org/#concept-fetch>.
109
-
@@ -407,14 +455,40 @@
110
-
}
111
-
}
112
-
113
-
+enum AuthCredential {
114
-
+ Basic(Authorization<Basic>),
115
-
+ Bearer(Authorization<Bearer>),
116
-
+}
117
-
+
118
-
+impl AuthCredential {
119
-
+ fn update_headers(self, headers: &mut HeaderMap) {
120
-
+ match self {
121
-
+ Self::Basic(auth) => headers.typed_insert(auth),
122
-
+ Self::Bearer(auth) => headers.typed_insert(auth),
123
-
+ }
124
-
+ }
125
-
+}
126
-
+
127
-
fn auth_from_cache(
128
-
auth_cache: &RwLock<AuthCache>,
129
-
origin: &ImmutableOrigin,
130
-
-) -> Option<Authorization<Basic>> {
131
-
+) -> Option<AuthCredential> {
132
-
if let Some(auth_entry) = auth_cache.read().entries.get(&origin.ascii_serialization()) {
133
-
- let user_name = &auth_entry.user_name;
134
-
- let password = &auth_entry.password;
135
-
- Some(Authorization::basic(user_name, password))
136
-
+ match auth_entry {
137
-
+ AuthCacheEntry::Basic(auth_entry) => {
138
-
+ let user_name = &auth_entry.user_name;
139
-
+ let password = &auth_entry.password;
140
-
+ Some(AuthCredential::Basic(Authorization::basic(
141
-
+ user_name, password,
142
-
+ )))
143
-
+ },
144
-
+ AuthCacheEntry::Bearer(auth_entry) => {
145
-
+ let token = &auth_entry.token;
146
-
+ Some(AuthCredential::Bearer(
147
-
+ Authorization::bearer(token).unwrap(),
148
-
+ ))
149
-
+ },
150
-
+ }
151
-
} else {
152
-
None
153
-
}
154
-
@@ -1441,15 +1515,15 @@
155
-
authorization_value.is_none() &&
156
-
has_credentials(¤t_url)
157
-
{
158
-
- authorization_value = Some(Authorization::basic(
159
-
+ authorization_value = Some(AuthCredential::Basic(Authorization::basic(
160
-
current_url.username(),
161
-
current_url.password().unwrap_or(""),
162
-
- ));
163
-
+ )));
164
-
}
165
-
166
-
// Substep 6
167
-
if let Some(basic) = authorization_value {
168
-
- http_request.headers.typed_insert(basic);
169
-
+ basic.update_headers(&mut http_request.headers);
170
-
}
171
-
}
172
-
}
173
-
@@ -1651,7 +1725,7 @@
174
-
};
175
-
176
-
// Store the credentials as a proxy-authentication entry.
177
-
- let entry = AuthCacheEntry {
178
-
+ let entry = BasicAuthCacheEntry {
179
-
user_name: credentials.username,
180
-
password: credentials.password,
181
-
};
182
-
@@ -1658,7 +1732,7 @@
183
-
{
184
-
let mut auth_cache = context.state.auth_cache.write();
185
-
let key = request.current_url().origin().ascii_serialization();
186
-
- auth_cache.entries.insert(key, entry);
187
-
+ auth_cache.entries.insert(key, AuthCacheEntry::Basic(entry));
188
-
}
189
-
190
-
// Make sure this is set to None,
+6
-19
patches/components/net/resource_thread.rs.patch
+6
-19
patches/components/net/resource_thread.rs.patch
···
1
1
--- original
2
2
+++ modified
3
-
@@ -25,10 +25,10 @@
3
+
@@ -25,9 +25,9 @@
4
4
use net_traits::request::{Destination, PreloadEntry, PreloadId, RequestBuilder, RequestId};
5
5
use net_traits::response::{Response, ResponseInit};
6
6
use net_traits::{
7
7
- AsyncRuntime, CookieAsyncResponse, CookieData, CookieSource, CoreResourceMsg,
8
8
- CoreResourceThread, CustomResponseMediator, DiscardFetch, FetchChannels, FetchTaskTarget,
9
9
- ResourceFetchTiming, ResourceThreads, ResourceTimingType, WebSocketDomAction,
10
-
- WebSocketNetworkEvent,
11
-
+ AsyncRuntime, AtProtoSessionState, AuthCacheEntry, CookieAsyncResponse, CookieData,
12
-
+ CookieSource, CoreResourceMsg, CoreResourceThread, CustomResponseMediator, DiscardFetch,
13
-
+ FetchChannels, FetchTaskTarget, ResourceFetchTiming, ResourceThreads, ResourceTimingType,
14
-
+ WebSocketDomAction, WebSocketNetworkEvent,
10
+
+ AsyncRuntime, AtProtoSessionState, CookieAsyncResponse, CookieData, CookieSource,
11
+
+ CoreResourceMsg, CoreResourceThread, CustomResponseMediator, DiscardFetch, FetchChannels,
12
+
+ FetchTaskTarget, ResourceFetchTiming, ResourceThreads, ResourceTimingType, WebSocketDomAction,
13
+
WebSocketNetworkEvent,
15
14
};
16
15
use parking_lot::{Mutex, RwLock};
17
-
use profile_traits::mem::{
18
16
@@ -69,6 +69,7 @@
19
17
use crate::http_loader::{HttpState, http_redirect_fetch};
20
18
use crate::protocols::ProtocolRegistry;
···
66
64
};
67
65
68
66
(Arc::new(http_state), Arc::new(private_http_state))
69
-
@@ -661,20 +672,21 @@
67
+
@@ -661,9 +672,16 @@
70
68
return false;
71
69
},
72
70
// Ignore these messages as they are only sent on very specific channels.
···
86
84
}
87
85
true
88
86
}
89
-
}
90
-
91
-
-#[derive(Clone, Debug, Deserialize, Serialize)]
92
-
-pub struct AuthCacheEntry {
93
-
- pub user_name: String,
94
-
- pub password: String,
95
-
-}
96
-
-
97
-
impl Default for AuthCache {
98
-
fn default() -> Self {
99
-
Self {