Closed
Bug 1553222
Opened 5 years ago
Closed 5 years ago
Make sure a 407 from h2 proxy is passed to the channel consumer and not internally processed
Categories
(Core :: Networking: HTTP, task, P1)
Core
Networking: HTTP
Tracking
()
RESOLVED
WORKSFORME
Tracking | Status | |
---|---|---|
firefox69 | --- | affected |
People
(Reporter: mayhemer, Assigned: mayhemer)
References
Details
(Whiteboard: [necko-triaged][secure-proxy-mvp])
we want to send the 407 to the error handler.
Assignee | ||
Updated•5 years ago
|
Priority: -- → P1
Updated•5 years ago
|
Whiteboard: [necko-triaged]
Assignee | ||
Comment 1•5 years ago
|
||
This may well be a WFM - if the proxy doesn't send back any Proxy-Authenticate response header with the 407, necko won't know how to handle the authentication and just pass to the end consumer.
I will write a test ensuring that (probably the only thing needed for fixing this bug)
Assignee | ||
Updated•5 years ago
|
Assignee: nobody → honzab.moz
Assignee | ||
Comment 2•5 years ago
|
||
Let's take the test(s) from bug 1546924 and update test_proxy-authorization-via-proxyinfo.js to include:
- check for P-Aon is as expected
- return various error 50X codes back to the client and consult the nserror code
- return 407 w/o P-A8 and check we don't call into the credentials manager
Summary: Disallow authentication processing when 407 is returned by our secure proxy → Make sure a 407 from h2 proxy is passed to the channel consumer and not internally processed
Assignee | ||
Comment 3•5 years ago
|
||
It is confirmed by the test in bug 1554190 that we don't handle 407 from h2 proxies at all - which actually is a bug in opposite direction (tested with Chrome that they ask for a password and handle the authentication). Error propagation will be updated in bug 1545421. For the sake of this bug intention we are WFM.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME
Updated•5 years ago
|
Whiteboard: [necko-triaged] → [necko-triaged][secure-proxy-mvp]
You need to log in
before you can comment on or make changes to this bug.
Description
•