Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4f0e56b7 authored by Iain Merrick's avatar Iain Merrick
Browse files

Fix deadlock in HTTP authentication within synchronous request. 

When HTTP authentication results in the user being prompted for a username
and password, this is handled asynchronously in the UI thread. However, we
can't post the result back to the WebKit thread in the normal way because
WebKit does not pump its message queue during synchronous requests.

Instead, we call WebKit directly from the UI thread and let it handle the
threading. This is safe to do because we're using thread-safe STL and
Chrome objects, not WebCore objects.

Change-Id: I79c21510186c2352f842c4ff4311687ec40ba45f
parent 1115d0da

core/java/android/webkit/BrowserFrame.java

+6 −23
Original line number Diff line number Diff line
@@ -1037,15 +1037,16 @@ class BrowserFrame extends Handler { 
     * We delegate the request to CallbackProxy, and route its response to

     * {@link #nativeAuthenticationProceed(int, String, String)} or

     * {@link #nativeAuthenticationCancel(int)}.

     *

     * We don't care what thread the callback is invoked on. All threading is

     * handled on the C++ side, because the WebKit thread may be blocked on a

     * synchronous call and unable to pump our MessageQueue.

     */

    private void didReceiveAuthenticationChallenge(

            final int handle, String host, String realm, final boolean useCachedCredentials) {



        HttpAuthHandler handler = new HttpAuthHandler() {



            private static final int AUTH_PROCEED = 1;

            private static final int AUTH_CANCEL = 2;



            @Override

            public boolean useHttpAuthUsernamePassword() {

                return useCachedCredentials;
@@ -1053,30 +1054,12 @@ class BrowserFrame extends Handler { 


            @Override

            public void proceed(String username, String password) {

                Message msg = obtainMessage(AUTH_PROCEED);

                msg.getData().putString("username", username);

                msg.getData().putString("password", password);

                sendMessage(msg);

                nativeAuthenticationProceed(handle, username, password);

            }



            @Override

            public void cancel() {

                sendMessage(obtainMessage(AUTH_CANCEL));

            }



            @Override

            public void handleMessage(Message msg) {

                switch (msg.what) {

                    case AUTH_PROCEED:

                        String username = msg.getData().getString("username");

                        String password = msg.getData().getString("password");

                        nativeAuthenticationProceed(handle, username, password);

                        break;



                    case AUTH_CANCEL:

                nativeAuthenticationCancel(handle);

                        break;

                }

            }

        };

        mCallbackProxy.onReceivedHttpAuthRequest(handler, host, realm);