Closed Bug 1495313 Opened 5 years ago Closed 4 years ago

Failures in xhr/send-authentication-competing-names-passwords.htm


(Core :: Networking, enhancement, P3)




Tracking Status
firefox64 --- wontfix
firefox65 --- fixed


(Reporter: twisniewski, Assigned: valentin)


(Blocks 1 open bug)


(Whiteboard: [necko-triaged])


(2 files)

NS_NewURI does not consider a URL with an empty username (just a password) to be valid. For instance:

This causes us to fail two of the WPTs in xhr/send-authentication-competing-names-passwords.htm.

Blink and WebKit pass these tests, while Edge doesn't seem to support username *or* password in URLs passed to Per the WhatWG URL and XHR specs, we seem to be doing the wrong thing here.

anne, smaug, what do you think? It seems like we would probably need to address this in NS_NewURI, not the XHR code. Should we?
Flags: needinfo?(bugs)
Flags: needinfo?(annevk)
Yeah, this should be fixed in the URL parser. No bug blocking bug 906714 is about this as far as I can tell. Valentin, do you know of any, do you want to reuse this bug, or should a new bug be filed?
Flags: needinfo?(valentin.gosu)
Flags: needinfo?(bugs)
Flags: needinfo?(annevk)
There might be one, but I can't find it right now. I'll just use this one for the fix.
Assignee: nobody → valentin.gosu
Component: DOM → Networking
Flags: needinfo?(valentin.gosu)
Priority: -- → P3
Whiteboard: [necko-triaged]
Pushed by
Allow empty username in URLs r=dragana
Attachment #9023466 - Attachment description: Bug 1495313 - Allow empty username in URLs r?dragana! → Bug 1495313 - Allow password with empty username in URLs r?dragana!
(In reply to Andreea Pavel [:apavel] from comment #9)
> Backed out for failing mochitest at
> dom/security/test/cors/test_CrossSiteXHR.html 

It seems I used lando to push the stack, but I pushed only the first commit :)
Flags: needinfo?(valentin.gosu)
Pushed by
Allow password with empty username in URLs r=dragana
Fix xhr/fetch tests to allow passwords with no username in URLs r=baku
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
Flags: in-testsuite+
Regressions: 1648493
You need to log in before you can comment on or make changes to this bug.