Closed Bug 1197944 Opened 7 years ago Closed 7 years ago

The bug 647010 (HTTP authentication from sub-resources) cause some problems. Change the pref to revert the behavior

Categories

(Core :: Networking: HTTP, defect)

defect
Not set
normal

Tracking

()

VERIFIED FIXED
mozilla43
Tracking Status
firefox40 + wontfix
firefox41 + fixed
firefox42 + fixed
firefox43 + verified
firefox-esr38 --- unaffected

People

(Reporter: dragana, Assigned: dragana)

References

(Depends on 1 open bug)

Details

(Keywords: dev-doc-needed)

Attachments

(1 file)

The bug 647010 cause some problems. Change the pref to revert the behavior.

See also bug 1189268.
Assignee: nobody → dd.mozilla
Status: NEW → ASSIGNED
Attachment #8651912 - Flags: review?(jduell.mcbugs)
See Also: → 1189268
Depends on: 647010
[Tracking Requested - why for this release]: The patch as landed for Firefox 40.0 via bug 647010 caused lots of troubles for users. See comments on that other bug and maybe other sources like SUMO. I wonder if we should include turning of the pref in one of the next security releases for 40.0.3 if we will have one.
Summary: The bug 647010 cause some problems. Change the pref to revert the behavior → The bug 647010 (HTTP authentication from sub-resources) cause some problems. Change the pref to revert the behavior
Make sense. Tracking (even for 40 as we might cancel the current build)
Attachment #8651912 - Flags: review?(jduell.mcbugs) → review+
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/21ffbd85373a
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
Dragana, Jason, do you think we should hot fix this for the 40 users? Thanks
Flags: needinfo?(jduell.mcbugs)
Flags: needinfo?(dd.mozilla)
If it's easy enough, let's hotfix (this is just a pref change, and we've used both codepaths in releases before, so there's really no risk).  OTOH this is only breaking small corners of the Internet, so if a hotfix is a lot of work we could live with waiting another release.
Flags: needinfo?(jduell.mcbugs)
Flags: needinfo?(dd.mozilla)
Keywords: dev-doc-needed
Comment on attachment 8651912 [details] [diff] [review]
bug_1197944.patch

Approval Request Comment
[Feature/regressing bug #]: Bug 647010
[User impact if declined]: Http authentication dialog for cross-origin subresources is blocked. See bug 1200247, 1189268 and some comments in bug 647010
[Describe test coverage new/current, TreeHerder]: This is only pref change. The code path that the pref change will use, was tested by a test in the patch from bug 647010 and also by some users(bug 1200247 and 1189268)
[Risks and why]: Low risk
[String/UUID change made/needed]: none
Attachment #8651912 - Flags: approval-mozilla-beta?
Attachment #8651912 - Flags: approval-mozilla-aurora?
Dragana, there is a chance that we might hotfix this. Could you please also request uplift to mozilla-release?
Flags: needinfo?(dd.mozilla)
Dragana, Jason, do you know whether this also affects esr38?
Flags: needinfo?(jduell.mcbugs)
Comment on attachment 8651912 [details] [diff] [review]
bug_1197944.patch

Given that this issue is affecting a significant number of our end-users, let's uplift soon to Aurora42 and Beta41.
Attachment #8651912 - Flags: approval-mozilla-beta?
Attachment #8651912 - Flags: approval-mozilla-beta+
Attachment #8651912 - Flags: approval-mozilla-aurora?
Attachment #8651912 - Flags: approval-mozilla-aurora+
I can verify that it works again in Nightly builds at least for the instance I have seen it with internally.
Status: RESOLVED → VERIFIED
Comment on attachment 8651912 [details] [diff] [review]
bug_1197944.patch

Review of attachment 8651912 [details] [diff] [review]:
-----------------------------------------------------------------

per comment 10
Attachment #8651912 - Flags: approval-mozilla-release?
re: comment 11: Given that bug 647010 landed on FF 40 I assume this does not affect esr 38.  Dragana can hopefully confirm.
Flags: needinfo?(jduell.mcbugs)
This change is not in esr 38. It landed only on FF 40.
Flags: needinfo?(dd.mozilla)
Depends on: 1201065
Duplicate of this bug: 1189268
Duplicate of this bug: 1201516
Blocks: 1195091
Comment on attachment 8651912 [details] [diff] [review]
bug_1197944.patch

Removing this flag as this fix landed in 41, 42 and 43.
Attachment #8651912 - Flags: approval-mozilla-release?
Duplicate of this bug: 1200247
You need to log in before you can comment on or make changes to this bug.