132329 - HTTP auto goes into infinite loop

Status: VERIFIED FIXED

(Core :: Networking: HTTP, defect, P1)

Description

[Henrik Gemal]

If you enter the following link into Location:
http://test:test@dev.gemal.dk/
and press enter
you get the Enter username/password dialog. Dont enter anything just press Enter
and. Now you get the username/password dialog again. Just press enter once more
and Mozilla seems to go into a infinite loop seding requests to dev.gemal.dk

v20020320

Comment 1

[Darin Fisher]

yikes!! this is a major regression

-> 1.0

Comment 2

[Darin Fisher]

Attachment: v1 patch

nsAString::IsEmpty() was being used to detect an unitialized mUser and mPass. 
when "unitialized" the code first looks for a user:pass in the URL.  if present
it uses that.  in the case of this bug, it was repeatedly taking user:pass from
the URL and then overwriting it with the ":" as stored in the auth cache. 
normally, the auth cache entry is cleared when mUser:mPass matches what is
stored.  but with mUser:mPass being reset to "test:test" (from the URL) on each
failure, the auth entry was never being cleared.  and that led to an infinite
loop :(

at any rate, the patch is trivial.  we should check for NULL instead of IsEmpty
to determine if we should be checking the URL for user:pass.  the patch also
adds some preventative logic to PromptForUserPass to ensure that user and pass
are never null on success.

Comment 3

[rpotts (gone)]

Comment on attachment 76315 [details] [diff] [review]
v1 patch

sr=rpotts@netscape.com

Comment 4

[Kevin McCluskey (gone)]

embed triage: topembed+.

Comment 5

[Gagan]

Comment on attachment 76315 [details] [diff] [review]
v1 patch

r=gagan

Comment 6

[Darin Fisher]

fixed-on-trunk

Comment 7

[Tom Everingham]

verified:  04/11/02 trunk builds, win, linux, mac