From 9737ba3e3767bb130011403f9ad3dc8a4742febb Mon Sep 17 00:00:00 2001
From: Paul Betts <paul@paulbetts.org>
Date: Mon, 4 May 2015 15:35:25 -0700
Subject: [PATCH 1/3] Explicitly create HttpAuthHandlerFactory

The CreateDefault method does not set a URLSecurityManager, so the code will
fall-back to disabling all built-in authentication. Instead, use the default
URLSecurityManager which will use IE Security Zones on Windows to determine
whether a URL is part of the Local Intranet zone or on non-Windows, default
proxy rules will be used (i.e. would a default proxy map vs. connect direct).
---
 .../browser/url_request_context_getter.cc     | 21 +++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/brightray/browser/url_request_context_getter.cc b/brightray/browser/url_request_context_getter.cc
index 6a92047266c8..75e18defc9ad 100644
--- a/brightray/browser/url_request_context_getter.cc
+++ b/brightray/browser/url_request_context_getter.cc
@@ -21,6 +21,7 @@
 #include "net/dns/mapped_host_resolver.h"
 #include "net/http/http_auth_handler_factory.h"
 #include "net/http/http_server_properties_impl.h"
+#include "net/http/url_security_manager.h"
 #include "net/proxy/dhcp_proxy_script_fetcher_factory.h"
 #include "net/proxy/proxy_config_service.h"
 #include "net/proxy/proxy_script_fetcher_impl.h"
@@ -188,11 +189,27 @@ net::URLRequestContext* URLRequestContextGetter::GetURLRequestContext() {
               NULL,
               url_request_context_->network_delegate()));
 
+    auto url_sec_mgr = net::URLSecurityManager::Create(NULL, NULL);
+
+    std::vector<std::string> schemes;
+    schemes.push_back(std::string("basic"));
+    schemes.push_back(std::string("digest"));
+    schemes.push_back(std::string("ntlm"));
+    schemes.push_back(std::string("negotiate"));
+
+    auto auth_handler_factory =
+      net::HttpAuthHandlerRegistryFactory::Create(
+        schemes,
+        url_sec_mgr,
+        host_resolver.get(),
+        std::string(),  // gssapi_library_name
+        false,          // negotiate_disable_cname_lookup
+        true);          // negotiate_enable_port
+
     storage_->set_cert_verifier(net::CertVerifier::CreateDefault());
     storage_->set_transport_security_state(new net::TransportSecurityState);
     storage_->set_ssl_config_service(new net::SSLConfigServiceDefaults);
-    storage_->set_http_auth_handler_factory(
-        net::HttpAuthHandlerFactory::CreateDefault(host_resolver.get()));
+    storage_->set_http_auth_handler_factory(auth_handler_factory);
     scoped_ptr<net::HttpServerProperties> server_properties(
         new net::HttpServerPropertiesImpl);
     storage_->set_http_server_properties(server_properties.Pass());

From dbe969b5c53d12622e752adbd4ba8be17de36f71 Mon Sep 17 00:00:00 2001
From: Paul Betts <paul@paulbetts.org>
Date: Tue, 5 May 2015 22:28:00 -0700
Subject: [PATCH 2/3] Fix indentation

---
 brightray/browser/url_request_context_getter.cc | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/brightray/browser/url_request_context_getter.cc b/brightray/browser/url_request_context_getter.cc
index 75e18defc9ad..4eeb6f24dfbd 100644
--- a/brightray/browser/url_request_context_getter.cc
+++ b/brightray/browser/url_request_context_getter.cc
@@ -198,13 +198,13 @@ net::URLRequestContext* URLRequestContextGetter::GetURLRequestContext() {
     schemes.push_back(std::string("negotiate"));
 
     auto auth_handler_factory =
-      net::HttpAuthHandlerRegistryFactory::Create(
-        schemes,
-        url_sec_mgr,
-        host_resolver.get(),
-        std::string(),  // gssapi_library_name
-        false,          // negotiate_disable_cname_lookup
-        true);          // negotiate_enable_port
+        net::HttpAuthHandlerRegistryFactory::Create(
+            schemes,
+            url_sec_mgr,
+            host_resolver.get(),
+            std::string(),  // gssapi_library_name
+            false,          // negotiate_disable_cname_lookup
+            true);          // negotiate_enable_port
 
     storage_->set_cert_verifier(net::CertVerifier::CreateDefault());
     storage_->set_transport_security_state(new net::TransportSecurityState);

From a18e5d7d5c1edb8e919fc876abce9d9cf3d742c4 Mon Sep 17 00:00:00 2001
From: Paul Betts <paul@paulbetts.org>
Date: Tue, 5 May 2015 22:35:48 -0700
Subject: [PATCH 3/3] Come Correct with memory management

---
 brightray/browser/url_request_context_getter.cc | 5 ++---
 brightray/browser/url_request_context_getter.h  | 2 ++
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/brightray/browser/url_request_context_getter.cc b/brightray/browser/url_request_context_getter.cc
index 4eeb6f24dfbd..03a3fa156f76 100644
--- a/brightray/browser/url_request_context_getter.cc
+++ b/brightray/browser/url_request_context_getter.cc
@@ -21,7 +21,6 @@
 #include "net/dns/mapped_host_resolver.h"
 #include "net/http/http_auth_handler_factory.h"
 #include "net/http/http_server_properties_impl.h"
-#include "net/http/url_security_manager.h"
 #include "net/proxy/dhcp_proxy_script_fetcher_factory.h"
 #include "net/proxy/proxy_config_service.h"
 #include "net/proxy/proxy_script_fetcher_impl.h"
@@ -120,6 +119,7 @@ URLRequestContextGetter::URLRequestContextGetter(
       base_path_(base_path),
       io_loop_(io_loop),
       file_loop_(file_loop),
+      url_sec_mgr_(net::URLSecurityManager::Create(NULL, NULL)),
       protocol_interceptors_(protocol_interceptors.Pass()) {
   // Must first be created on the UI thread.
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
@@ -189,7 +189,6 @@ net::URLRequestContext* URLRequestContextGetter::GetURLRequestContext() {
               NULL,
               url_request_context_->network_delegate()));
 
-    auto url_sec_mgr = net::URLSecurityManager::Create(NULL, NULL);
 
     std::vector<std::string> schemes;
     schemes.push_back(std::string("basic"));
@@ -200,7 +199,7 @@ net::URLRequestContext* URLRequestContextGetter::GetURLRequestContext() {
     auto auth_handler_factory =
         net::HttpAuthHandlerRegistryFactory::Create(
             schemes,
-            url_sec_mgr,
+            url_sec_mgr_.get(),
             host_resolver.get(),
             std::string(),  // gssapi_library_name
             false,          // negotiate_disable_cname_lookup
diff --git a/brightray/browser/url_request_context_getter.h b/brightray/browser/url_request_context_getter.h
index 85ed014422a0..599bf6c4d228 100644
--- a/brightray/browser/url_request_context_getter.h
+++ b/brightray/browser/url_request_context_getter.h
@@ -9,6 +9,7 @@
 #include "base/memory/scoped_ptr.h"
 #include "content/public/browser/content_browser_client.h"
 #include "net/http/http_cache.h"
+#include "net/http/url_security_manager.h"
 #include "net/url_request/url_request_context_getter.h"
 
 namespace base {
@@ -68,6 +69,7 @@ class URLRequestContextGetter : public net::URLRequestContextGetter {
   scoped_ptr<net::URLRequestContextStorage> storage_;
   scoped_ptr<net::URLRequestContext> url_request_context_;
   scoped_ptr<net::HostMappingRules> host_mapping_rules_;
+  scoped_ptr<net::URLSecurityManager> url_sec_mgr_;
   content::ProtocolHandlerMap protocol_handlers_;
   content::URLRequestInterceptorScopedVector protocol_interceptors_;