User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0 Build ID: 20150122214805 Steps to reproduce: I'm using a proxy server which requires HTTP Basic authentication for all requests. Firefox is configured to always validate a certificate using OCSP. Actual results: When accessing a HTTPS site in Private Browsing mode, Firefox tries to send requests to the OCSP server through the proxy without authentication. This fails since the proxy server is respondig with a HTTP/403 error which leads to a firefox error page "sec_error_ocsp_server_error". Expected results: Firefox should send those OCSP requests also with authentication like in "normal mode".
This is an interesting problem. The OCSP fetch appears to be created nsHttpDownloadEvent::Run (http://in mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsNSSCallbacks.cpp#50), and there's nothing special about the channel. It doesn't appear to have any ties to the originating window, so I can't see how the behaviour in private windows would behave differently, yet obviously it does.
Figuring out what changes in the behaviour of http://mxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#158 between private and normal modes would be instructive.
Component: Private Browsing → Security: PSM
Product: Firefox → Core
This changeset illustrates what's going on, I think: https://hg.mozilla.org/mozilla-central/rev/da6a55f4fdae We don't want to send cookies, etc. with OCSP requests (they should be as anonymous as possible), so we set the LOAD_ANONYMOUS flag, but that also prevents proxy auth, it seems.
That doesn't explain why it works in non-private mode, though.
I have described a similar issue, but without "Private Browsing mode" involvement, in https://bugzilla.mozilla.org/show_bug.cgi?id=1389783
You need to log in before you can comment on or make changes to this bug.