M1606: Implementing HTTP authorization UI and persistent sessions

From Expertiza_Wiki
Jump to navigation Jump to search

M1606: Implementing HTTP authorization UI and persistent sessions

Web pages make use of sessions all the time. These are required to persist throughout the life of the user's interaction with the web site or web application.This is supported by Servo as of today. However it doesn't support the persistence of data upon the closing and reopening of the web browser.<ref> https://github.com/servo/servo/wiki/Persistent-sessions-student-project</ref>

With this project we aim to create the necessary infrastructure to support this.

Introduction

Servo

Servo is a web browser layout engine written in Rust and is currently being developed by Mozilla Research. The aim of the project is not to create a full browser but is rather to create a highly parallel environment that allows for many components be handled by fine-grained, isolated tasks. Servo is built on top of Rust to provide a secure and reliable foundation and is focused on creating a reliable and fast browser engine.<ref>https://en.wikipedia.org/wiki/Servo_(layout_engine)</ref>

Rust

Rust is a multi-paradigm, compiled programming language that is a good language for creating highly safe systems. Rust and Servo have a symbiotic relationship as the development of servo has influenced the design of the language. Rust is a modern, fast, memory safe and multithreaded programming language that focuses on speed and safety for developing reliable and efficient systems. It eliminates all data races by having numerous compile-time safety checks that adds no runtime overhead.<ref>https://en.wikipedia.org/wiki/Rust_(programming_language)</ref>

Scope

The scope of the project is limited to the steps mentioned below:

1) Compile Servo and ensure that it runs on tests/html/about-mozilla.html.

2) Add a new command line flag --profile-dir [path] that stores an optional directory path in the Opts struct in opts.rs, creating the directory if it does not exist.

3) Create Rust FFI bindings for the tinyfiledialogs library to allow calling the C methods from Servo.

4) In resource_thread.rs, define an HTTP authorization cache storage (username, password, URL) and instantiate it like the cookie_storage member (inside an Arc<Rwlock<>> value, to enable sharing it between threads).

5) In modify_request_headers in http_loader.rs, implement the remaining pieces of step 12 of the appropriate specification using this new authorization cache.

Implementation

This is a quick summary of the changes. Not all code is shown. To see a more detailed view of the code changes look at the pull requests or commits in the repo.

Step 1:

The project requirement initially stated that we build and Compile servo. Servo is built with Cargo, the Rust package manager. Mozilla's Mach tools are used to orchestrate the build and other tasks.

Step 2:

The project required us to add a new command line flag that stored an optional directory path. The job of this flag was to create a directory in the absence of it.

Step 3:

To create the Rust FFI bindings for the tinyfiledialogs library so as to allow the C methods to be called from Servo.

An example program that uses the tinyfiledialogs bindings has been placed in /examples/tinytest

Step 4:

In the file resource_thread.rs, we were required to define an HTTP authorization cache storage (username, password, URL) and instantiate it like the cookie_storage member.

Step 5:

In the modify_request_headers in http_loader.rs, we were required to implement a portion of the appropriate specification using this new authorization cache.

Pull Requests

All pull requests that fully implement the initial steps have been accepted by a servo maintainer and successfully merged to the servo master branch

These are the pull requests that complete the initial steps of the project:

1) Added a new command line flag --profile-dir

2) Added Rust FFI bindings to lib.rs

3) Added authorization cache to resources & set authorization header from it if url does not have credentials

Testing the new command line flag --profile-dir

   git clone https://github.com/servo/servo.git
   cd servo
   ./mach build --dev
   ./mach run tests/html/about-mozilla.html --profile-dir [directory name]
   //A new folder should be created if it does not exist with the directory name

Unit Test for set authorization header if url does not have credentials

The project maintainer instructed us to add one unit test to test the initial step functionality. We have added a unit test to test that the authentication header is being set if credentials are contained in the cache

It can be run with the other unit tests with the command

   ./mach test-unit -p net

The unit test can be found in /servo/tests/unit/net/http_loader.rs

GUI test for the tinyfiledialogs lib

In addition to creating the rust FFI bindings for the tinyfiledialog C library our team also created a example rust program to test the new rust library.

To run the example and see all of the tinyfiledialog windows do the following.

   Git clone https://github.com/jdm/tinyfiledialogs.git
   cd tinyfiledialogs/examples/tinytest
   cargo run

This will run tinytest which is a rust program that show cases the different GUI windows that the new rust tinyfiledialogs library has.

Design patterns

The team was not given much freedom for design patterns. We followed and used the existing servo design strategy. You can read about the servo design here

Conclusion

The definition of the HTTP authorization cache and the implementation of the appropriate specification in the http_loader.rs, ensures the authorization UI will appear when a 401 HTTP response is received.

The Rust FFI Bindings for the tinyfiledialogs library will ultimately help with the dialogue box that will pop up in event of a 401 HTTP response.

The –profile-dir [path] command line flag will store an optional directory path, creating the directory in case it doesn’t exist.

References

<references/>