proxy.onRequest return with proxyAuthorizationHeader not proxying the request
Categories
(WebExtensions :: Request Handling, task, P3)
Tracking
(Not tracked)
People
(Reporter: danielfadeev, Unassigned)
Details
(Keywords: dev-doc-needed)
Attachments
(2 files)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0
Steps to reproduce:
I am trying to provide different proxy basic authentication credentials through proxy.onRequest for different requests, so I cant really use onAuthRequired.
Actual results:
If I return the onRequest Listener like this:
return {type:"http", host:currentProxy.host, port:currentProxy.port};
It works, but it doesn't provide the credentials so I am stuck on the authorization page. But if i return this:
return {type:"http", host:currentProxy.host, port:currentProxy.port, proxyAuthorizationHeader:"Basic "+btoa(currentProxy.username+":"+currentProxy.password)};
It just doesn't proxy the request.
Expected results:
Pass the Value to the Proxy-Authorization header
Comment 1•4 years ago
|
||
Bugbug thinks this bug should belong to this component, but please revert this change in case of error.
Comment 2•4 years ago
|
||
Thanks for this report.
Do you see error messages in the browser console? (Ctrl-Shift-J)
Could you also gather some HTTP logs for us? https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
Use the following modules: timestamp,sync,rotate:200,nsHttp:5,cache2:5,nsSocketTransport:5,nsHostResolver:5,cookie:5,proxy:5
Comment 3•4 years ago
|
||
Because this bug's Severity is normal
and has not been changed, and this bug's priority is --
(none,) indicating it has has not been previously triaged, the bug's Severity is being updated to --
(default, untriaged.)
Comment on attachment 9168958 [details]
proxy.onError.png
(In reply to Valentin Gosu [:valentin] (he/him) from comment #2)
Thanks for this report.
Do you see error messages in the browser console? (Ctrl-Shift-J)Could you also gather some HTTP logs for us? https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
Use the following modules:timestamp,sync,rotate:200,nsHttp:5,cache2:5,nsSocketTransport:5,nsHostResolver:5,cookie:5,proxy:5
I also encountered this when I tried to use browser.proxy
api. If the browser.proxy.onRequest
returns a proxyInfo
like below:
{type: 'http', host: '127.0.0.1', port: '12345', proxyAuthorizationHeader:"Basic "+btoa(usr+":"+pwd)}
then browser.proxy.onError will reurn a message ProxyInfoData: ProxyAuthorizationHeader requires type \"https\"
, and requests are sent directly without proxy.
Now I'm using webRequest.onAuthRequired
to bypass this, which needs 2 additional permission webRequest
& webRequestBlocking
...
(firefox version: 78.10esr, 80.0b5
Comment 7•4 years ago
|
||
(In reply to ksusix from comment #5)
then browser.proxy.onError will reurn a message
ProxyInfoData: ProxyAuthorizationHeader requires type \"https\"
, and requests are sent directly without proxy.
I think this just means you should use a https
proxy instead of a http
one.
(In reply to Valentin Gosu [:valentin] (he/him) from comment #7)
I think this just means you should use a
https
proxy instead of ahttp
one.
Thanks for the reply, Valentin.
I'm just kind of confused because the documentation of ProxyInfo.ProxyAuthorizationHeader
in MDN(link) didn't mention this limitation, and it's using HTTP proxy as an example..
Updated•4 years ago
|
Updated•4 years ago
|
Updated•4 years ago
|
Updated•4 years ago
|
Reporter | ||
Comment 9•4 years ago
|
||
Hey, I have been trying to do a workaround. My aim is to proxy different requests from different tabs differently. If I use onAuthRequired, the browser always saves the authorization credentials for a certain amount of time, whereas I want to submit unique credentials for every Request. I have not found a solution to trigger onAuthRequired on every request, so this workaround doesn't work for me.
Comment 10•3 years ago
|
||
I get this message on the debugger console:
Proxy error: ProxyInfoData: ProxyAuthorizationHeader requires type "https"
Searching in Firefox source code leads to this https://hg.mozilla.org/mozilla-central/file/0e6db6c31531004febb037f974d186f671fc6d3b/toolkit/components/extensions/ProxyChannelFilter.jsm#l182.
OK, I understand that mozilla developers are trying to keep me safe by slapping me on the wrist here for trying to use an "http" proxy, but guess what, I don't like being told what to do, I am grown up and I can take care of myself. So please, kindly remove that restriction. There are various reasons to use a Proxy-Authorization header with plain HTTP CONNECT, and none of these are security related, I hope I don't have to write an essay to convince you. You're being paranoid, I hope you aren't thinking to stop me from putting a username/password on a SOCKS request because it's also transmitted in plain text!
Description
•