On Mon, Apr 23, 2012 at 1:12 PM, Alex Fiestas wrote:

> KWebView can't do Private Browsing because of KIO integration, need advice on
> how to fix it but first let me explain the issue.
>
> What I consider PrivateBrowsing:
> Private Browsing should have an empty CookieJar that will keep cookies only as
> long as the private browsing is activated, after that cookies will be removed.
>
> What is happening now?
> While in PrivateBrowsing all *new* cookies are created with an expiration
> date of "right now" and stored in kcookiejar. This is done by calling
> AccessManager::setDisablecookieStorage(false) and stored in
> CookieJar::setCookiesFromUrl.
>
> File: kdelibs/kio/kio/accessmanager.cpp
>
> All existing cookies will still be available to KWebPage, so even though I'm
> in PrivateBrowser authentications will remain as well as any other
> information stored in the cookies.
>
> As a practical use case, in akonadi-google we need an empty cookieJar so any
> previous authentication on GMail will be ignored (for example I can be
> authenticated with X account on rekonq while configuring Y account on
> akonadi-google).
>
> Where is the problem located?
> The problem is the integration class not doing the right thing right now.

As you already discovered, in private browsing mode the cookies are merely set to session cookies and added to KDE's central cookiejar, which violates the privateness of any cookie.

> As far as I understood the code there are two problems:
>
> -kio_http uses KCookieJar directly, and it doesn't have a Cookie mode like the
> one we need. It has: none, manual, auto we will need another one (private?).

Nope. That is not necessary. The reason the "cookies: manual" meta-data exists is to allow the client application to deal with cookie management itself. In this case the client is KIO::Integration::AccessManager. However, since that class is not doing the right thing, you have this particular issue.

> -kio_http won't use any new QNetworkCookieJar we set via
> AccessManager::setNetworkCookieJar. This is more difficult to fix since
> kio_http is out of process. Maybe we can use some kind of DBus magic?

None of this is necessary. What should happen in private browsing mode is the "cookies" metadata should be set to "manual" to disable cookie handling in kio_http. The KIO::Integration::AccessManager can be modified to send its own cookie header instead. This would give you what you want. I have attached an untested patch that does just that. Test it and let me know if it works okay for you.

The only question I have and which the patch does not address is whether or not cookies stored outside of the private-browsing mode should be used (read: sent back to the server) during private browsing mode. Reading up on the definition of private browsing mode, it seems to me that we should only stop saving information once in private browsing mode, not stop sending data that was previously stored before "private browsing mode" was initiated.

Attachment: kio_accessmanager_private_browsing_mode.patch
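
Added illustration, not part of the original message or of the attached patch: a standard-library C++ model of the approach described in the reply, where a private session keeps new cookies in its own in-memory jar and builds the Cookie header itself, as a client does under "cookies: manual". The names Jar, Session, sendStored and the host mail.example are hypothetical; sendStored models the open question of whether cookies stored before private browsing began are still sent.

```cpp
#include <map>
#include <string>

// host -> cookie name -> cookie value
using Jar = std::map<std::string, std::map<std::string, std::string>>;

struct Session {
    Jar &shared;       // stand-in for the central store shared by all applications
    Jar local;         // in-memory jar that dies with this session
    bool privateMode;  // true: nothing received is written to the shared store
    bool sendStored;   // private mode only: still send cookies stored earlier?

    // Response side: decide where a received cookie is kept.
    void store(const std::string &host, const std::string &name,
               const std::string &value) {
        (privateMode ? local : shared)[host][name] = value;
    }

    // Request side: the header the client builds itself in "manual" mode.
    std::string cookieHeader(const std::string &host) const {
        std::map<std::string, std::string> merged;
        if (!privateMode || sendStored) {
            auto it = shared.find(host);
            if (it != shared.end()) merged = it->second;
        }
        auto it = local.find(host);
        if (it != local.end())
            for (const auto &kv : it->second)
                merged[kv.first] = kv.second;  // value set in private mode wins
        std::string out;
        for (const auto &kv : merged) {
            out += out.empty() ? "Cookie: " : "; ";
            out += kv.first + "=" + kv.second;
        }
        return out;
    }
};
```

With sendStored set to false the session behaves like the empty jar requested in the original mail; with true it follows the reading in the reply that private browsing only stops saving.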