Open
Bug 1291893
Opened 7 years ago
Updated 3 years ago
basic authorization header is not added to service worker fetch() network request
Categories
(Core :: DOM: Service Workers, defect, P5)
Core
DOM: Service Workers
Tracking
()
NEW
People
(Reporter: bkelly, Unassigned)
References
(Depends on 1 open bug, Blocks 1 open bug)
Details
STR: 1) git clone https://github.com/mozilla/serviceworker-cookbook.git 2) cd serviceworker-cookbook/offline-fallback 3) Save the attached python script in the same directory 4) python SimpleAuthServer.py 8080 foo:bar 5) Launch new firefox instance 6) Browse to localhost:8080 7) Enter foo and bar for username and password. 8) Reload a few times. 9) Close firefox and reopen a new instance 10) Navigate to localhost:8080 11) Observe that the page shows an authorization failure. It works the first time because the navigation is not intercepted by the service worker. It goes the network directly and basic auth does its normal thing. We then seem to cache basic authorization credentials for the life of the session. On the next browser load the service worker pass-through fetch() does not prompt for username and password. Instead it just doesn't add an Authorization header. This is likely because we don't know which window initiated the request. We most likely need bug 1183625 to fix this. So we can trace back to our originating window to show the prompt. There is a similar issue with things requiring client certs, etc.
|
||
Updated•7 years ago
|
Priority: -- → P2
|
|
||
Updated•7 years ago
|
Priority: P2 → P3
|
Reporter | |
Comment 2•6 years ago
|
||
It seems I never attached the SimpleAuthServer.py script I mentioned in comment 0.
|
||
Comment 3•3 years ago
|
||
Bulk-downgrade of unassigned, >=3 years untouched DOM/Storage bug's priority.
If you have reason to believe this is wrong, please write a comment and ni :jstutte.
Severity: normal → S4
Priority: P3 → P5
You need to log in
before you can comment on or make changes to this bug.
Description
•