Open Bug 1735850 Opened 3 years ago Updated 3 years ago

Firefox doesn't support userhash in Digest Auth from rfc7616

Tracking

()

Status:

NEW

People

(Reporter: dveditz, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Daniel Veditz [:dveditz]

Reporter

Description

•

3 years ago

The RFC 7616 update to Digest Auth specifies Username Hashing and a userhash parameter in http auth request/response headers which Firefox does not support. Because our responses to a userhash=true request don't respond in kind servers can tell that we don't support it and presumably handle it fine, although the specification gives them the option to reject the request.

This is almost certainly low priority without a compelling usecase, but it was noted by Junior in bug 41489 comment 195 as unfinished work so I'm moving it here in order to close that otherwise long-fixed bug.

Daniel Veditz [:dveditz]

Reporter

Updated

•

3 years ago

Updated

•

3 years ago

Assignee: nobody → valentin.gosu

Severity: -- → S3

Priority: -- → P3

Whiteboard: [necko-triaged]

Valentin Gosu [:valentin] (he/him)

Updated

•

3 years ago

Assignee: valentin.gosu → nobody

Blocks: necko-auth

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Firefox doesn't support userhash in Digest Auth from rfc7616

Categories

(Core :: Networking: HTTP, enhancement, P3)

Tracking

()

People

(Reporter: dveditz, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated