Closed Bug 1636751 Opened 6 years ago Closed 1 year ago

proxy.onRequest return with proxyAuthorizationHeader not proxying the request

Categories

(WebExtensions :: Request Handling, task, P3)

Product:
WebExtensions
Component:
Request Handling
Version:
76 Branch
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1794464

People

(Reporter: danielfadeev, Unassigned)

Details

(Keywords: dev-doc-complete)

Attachments

(2 files)

proxy.onError.png
206.36 KB, image/png
Details
log.txt-main.83840.moz_log
6.82 MB, application/octet-stream
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0

Steps to reproduce:

I am trying to provide different proxy basic authentication credentials through proxy.onRequest for different requests, so I cant really use onAuthRequired.

Actual results:

If I return the onRequest Listener like this:
return {type:"http", host:currentProxy.host, port:currentProxy.port};
It works, but it doesn't provide the credentials so I am stuck on the authorization page. But if i return this:
return {type:"http", host:currentProxy.host, port:currentProxy.port, proxyAuthorizationHeader:"Basic "+btoa(currentProxy.username+":"+currentProxy.password)};
It just doesn't proxy the request.

Expected results:

Pass the Value to the Proxy-Authorization header

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → Networking: HTTP
Product: Firefox → Core

Thanks for this report.
Do you see error messages in the browser console? (Ctrl-Shift-J)

Could you also gather some HTTP logs for us? https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
Use the following modules: timestamp,sync,rotate:200,nsHttp:5,cache2:5,nsSocketTransport:5,nsHostResolver:5,cookie:5,proxy:5

Flags: needinfo?(danielfadeev)

Because this bug's Severity is normal and has not been changed, and this bug's priority is -- (none,) indicating it has has not been previously triaged, the bug's Severity is being updated to -- (default, untriaged.)

Severity: normal → --
Attached image proxy.onError.png

Comment on attachment 9168958 [details]
proxy.onError.png

(In reply to Valentin Gosu [:valentin] (he/him) from comment #2)

Thanks for this report.
Do you see error messages in the browser console? (Ctrl-Shift-J)

Could you also gather some HTTP logs for us? https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
Use the following modules: timestamp,sync,rotate:200,nsHttp:5,cache2:5,nsSocketTransport:5,nsHostResolver:5,cookie:5,proxy:5

I also encountered this when I tried to use browser.proxy api. If the browser.proxy.onRequest returns a proxyInfo like below:
{type: 'http', host: '127.0.0.1', port: '12345', proxyAuthorizationHeader:"Basic "+btoa(usr+":"+pwd)}

then browser.proxy.onError will reurn a message ProxyInfoData: ProxyAuthorizationHeader requires type \"https\", and requests are sent directly without proxy.

Now I'm using webRequest.onAuthRequired to bypass this, which needs 2 additional permission webRequest & webRequestBlocking...
(firefox version: 78.10esr, 80.0b5

(In reply to ksusix from comment #5)

then browser.proxy.onError will reurn a message ProxyInfoData: ProxyAuthorizationHeader requires type \"https\", and requests are sent directly without proxy.

I think this just means you should use a https proxy instead of a http one.

Component: Networking: HTTP → Request Handling
Product: Core → WebExtensions

(In reply to Valentin Gosu [:valentin] (he/him) from comment #7)

I think this just means you should use a https proxy instead of a http one.

Thanks for the reply, Valentin.
I'm just kind of confused because the documentation of ProxyInfo.ProxyAuthorizationHeader in MDN(link) didn't mention this limitation, and it's using HTTP proxy as an example..

Flags: needinfo?(mixedpuppy)
Type: defect → task
Flags: needinfo?(mixedpuppy)
Keywords: dev-doc-needed
Flags: needinfo?(danielfadeev)
Priority: -- → P3
Severity: -- → N/A

Hey, I have been trying to do a workaround. My aim is to proxy different requests from different tabs differently. If I use onAuthRequired, the browser always saves the authorization credentials for a certain amount of time, whereas I want to submit unique credentials for every Request. I have not found a solution to trigger onAuthRequired on every request, so this workaround doesn't work for me.

I get this message on the debugger console:

Proxy error: ProxyInfoData: ProxyAuthorizationHeader requires type "https"

Searching in Firefox source code leads to this https://hg.mozilla.org/mozilla-central/file/0e6db6c31531004febb037f974d186f671fc6d3b/toolkit/components/extensions/ProxyChannelFilter.jsm#l182.

OK, I understand that mozilla developers are trying to keep me safe by slapping me on the wrist here for trying to use an "http" proxy, but guess what, I don't like being told what to do, I am grown up and I can take care of myself. So please, kindly remove that restriction. There are various reasons to use a Proxy-Authorization header with plain HTTP CONNECT, and none of these are security related, I hope I don't have to write an essay to convince you. You're being paranoid, I hope you aren't thinking to stop me from putting a username/password on a SOCKS request because it's also transmitted in plain text!

Please note Bug 1794464

The original documentation for http behavior was updated in https://github.com/mdn/content/pull/17958

Later, that change was superseded by https://github.com/mdn/content/pull/32536 as part of bug 1794464.

Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Duplicate of bug: 1794464
Keywords: dev-doc-neededdev-doc-complete
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: