Closed
Bug 1312735
Opened 8 years ago
Closed 7 years ago
allow http auth delegation callbacks based on environmental variable
Categories
(bugzilla.mozilla.org :: General, defect, P1)
Tracking
()
RESOLVED
FIXED
People
(Reporter: glob, Assigned: dylan)
References
Details
Attachments
(1 file)
1.26 KB,
patch
|
dkl
:
review+
|
Details | Diff | Splinter Review |
bug 1310747 blocks all non-https authentication delegation callback urls, which is problematic in non-https development environments. please allow http callback urls to addresses in the private address ranges. thanks!
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → dylan
Summary: allow https auth delegation callbacks to private addresses → allow http auth delegation callbacks to private addresses
Assignee | ||
Comment 1•7 years ago
|
||
We can allow http:// BUGZILLA_UNSAFE_AUTH_DELEGATION is set. Allowing link-local addresses has security implications, so I'd rather just make this something that can work in a dev env.
Summary: allow http auth delegation callbacks to private addresses → allow http auth delegation callbacks based on environmental variable
Assignee | ||
Updated•7 years ago
|
Priority: -- → P1
Assignee | ||
Comment 2•7 years ago
|
||
Attachment #8862901 -
Flags: review?(dkl)
Comment 3•7 years ago
|
||
Comment on attachment 8862901 [details] [diff] [review] 1312735_1.patch Review of attachment 8862901 [details] [diff] [review]: ----------------------------------------------------------------- r=dkl
Attachment #8862901 -
Flags: review?(dkl) → review+
Assignee | ||
Comment 4•7 years ago
|
||
To git@github.com:mozilla-bteam/bmo.git dd4b912..e6423e2 master -> master
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•