Revision 910563

Other in KDE Base

Andreas Hartmetz committed changes in /trunk/KDE/kdelibs/kioslave/http:

Refactor HTTP authentication:
- One class per authentication scheme
- One parser for auth header, where in RFC format
- Don't manipulate HTTP state "somewhere"; explicitly model actions to be taken when using a specific scheme
- Reduce the ugly ugly proxy/WWW auth special-casing to a minimum
- Apply the effect of !m_request.isKeepAlive in one well-defined place

Benefits so far:
- (most of the time) just one auth popup even if konqi loads ten tabs
- apparently faster surfing via proxy with proxy auth
- I understand it :)

TODO:
- Resurrect Negotiate auth
- Fill in the case where the same credentials are used twice in a row without asking the user twice, aka. Digest auth with stale nonce value
- Fix SSL with proxy auth: looks like a Qt bug to me.
- Try and make sure that no unneeded credentials are sent. This can be a trivial-to-exploit security problem.
- Make sure there is no otherwise benign "garbage" in request headers
- Test, test, test

File Changes

Added 2 files
  • /trunk/KDE/kdelibs/kioslave/http
  •   /httpauthentication.cpp
  •   /httpauthentication.h
Modified 3 files
  • /trunk/KDE/kdelibs/kioslave/http
  •   /http.cpp
  •   /http.h
  •   /parsinghelpers.cpp
5 files changed in total