$OpenBSD: patch-plugins_shotwell-publishing_FacebookPublishing_vala,v 1.1 2016/01/08 10:28:42 ajacoutot Exp $

From b6aad5eb1af16acbb4ee4984e58dfeb08597923b Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@igalia.com>
Date: Fri, 4 Dec 2015 18:08:54 +0100
Subject: facebook: Don't disable XSS auditor

From f045b7a13cc1efbfa3054338d0edf569df51f4e7 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@igalia.com>
Date: Fri, 4 Dec 2015 17:34:17 +0100
Subject: Have all soup sessions validate TLS certificates

From 3ae27fc3f41ceb7820f365244e6ae6a4dc65fcaa Mon Sep 17 00:00:00 2001
From: Iain Lane <iain@orangesquash.org.uk>
Date: Tue, 30 Jun 2015 10:43:15 +0100
Subject: Port to webkit2gtk-4.0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-902a2b18d8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-191ff70357
https://bugzilla.gnome.org/show_bug.cgi?id=754488
https://bugzilla.gnome.org/show_bug.cgi?id=751709

--- plugins/shotwell-publishing/FacebookPublishing.vala.orig	Fri Jan  8 11:11:26 2016
+++ plugins/shotwell-publishing/FacebookPublishing.vala	Fri Jan  8 11:12:21 2016
@@ -535,7 +535,7 @@ public class FacebookPublisher : Spit.Publishing.Publi
             return;
 
         debug("EVENT: endpoint test transaction failed to detect a connection to the Facebook " +
-            "endpoint");
+            "endpoint" + error.message);
 
         on_generic_error(error);
     }
@@ -829,15 +829,14 @@ internal class WebAuthenticationPane : Spit.Publishing
 
         webview = new WebKit.WebView();
         webview.get_settings().enable_plugins = false;
-        webview.get_settings().enable_default_context_menu = false;
 
-        webview.load_finished.connect(on_page_load);
-        webview.load_started.connect(on_load_started);
+        webview.load_changed.connect(on_page_load_changed);
+        webview.context_menu.connect(() => { return true; });
 
         webview_frame.add(webview);
         pane_widget.pack_start(webview_frame, true, true, 0);
     }
-    
+
     private class LocaleLookup {
         public string prefix;
         public string translation;
@@ -945,10 +944,11 @@ internal class WebAuthenticationPane : Spit.Publishing
         return "https://%s.facebook.com/dialog/oauth?client_id=%s&redirect_uri=https://www.facebook.com/connect/login_success.html&scope=publish_actions,user_photos,user_videos&response_type=token".printf(facebook_locale, APPLICATION_ID);
     }
 
-    private void on_page_load(WebKit.WebFrame origin_frame) {
+    private void on_page_load() {
         pane_widget.get_window().set_cursor(new Gdk.Cursor(Gdk.CursorType.LEFT_PTR));
 
-        string loaded_url = origin_frame.get_uri().dup();
+        string loaded_url = webview.uri.dup();
+        debug("loaded url: " + loaded_url);
 
         // strip parameters from the loaded url
         if (loaded_url.contains("?")) {
@@ -960,7 +960,7 @@ internal class WebAuthenticationPane : Spit.Publishing
         // were we redirected to the facebook login success page?
         if (loaded_url.contains("login_success")) {
             cache_dirty = true;
-            login_succeeded(origin_frame.get_uri());
+            login_succeeded(webview.uri);
             return;
         }
 
@@ -971,10 +971,24 @@ internal class WebAuthenticationPane : Spit.Publishing
         }
     }
 
-    private void on_load_started(WebKit.WebFrame frame) {
+    private void on_load_started() {
         pane_widget.get_window().set_cursor(new Gdk.Cursor(Gdk.CursorType.WATCH));
     }
 
+    private void on_page_load_changed (WebKit.LoadEvent load_event) {
+        switch (load_event) {
+            case WebKit.LoadEvent.STARTED:
+            case WebKit.LoadEvent.REDIRECTED:
+                on_load_started();
+                break;
+            case WebKit.LoadEvent.FINISHED:
+                on_page_load();
+                break;
+        }
+
+        return;
+    }
+
     public static bool is_cache_dirty() {
         return cache_dirty;
     }
@@ -988,7 +1002,7 @@ internal class WebAuthenticationPane : Spit.Publishing
     }
 
     public void on_pane_installed() {
-        webview.open(get_login_url());
+        webview.load_uri(get_login_url());
     }
 
     public void on_pane_uninstalled() {
@@ -1458,6 +1472,7 @@ internal class GraphSession {
         this.soup_session.timeout = 15;
         this.access_token = null;
         this.current_message = null;
+        this.soup_session.ssl_use_system_ca_file = true;
     }
 
     ~GraphSession() {
@@ -1527,6 +1542,7 @@ internal class GraphSession {
                         "Service %s returned HTTP status code %u %s", real_message.get_uri(),
                         msg.status_code, msg.reason_phrase);
                 } else {
+                    debug(msg.reason_phrase);
                     error = new Spit.Publishing.PublishingError.NO_ANSWER(
                         "Failure communicating with %s (error code %u)", real_message.get_uri(),
                         msg.status_code);
