Closed Bug 243149 Opened 20 years ago Closed 20 years ago

Hostname and port appears where 'Use Password Manager to remember these values.' usually is.

Categories

(SeaMonkey :: Passwords & Permissions, defect)

Product:
SeaMonkey
Component:
Passwords & Permissions
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
mozilla1.8alpha1

People

(Reporter: stephend, Assigned: darin.moz)

References

(
URL
)

Details

(Keywords: verified1.7)

Attachments

(1 file)

v1 patch
6.33 KB, patch
Biesinger
: review+
dveditz
: superreview+
dveditz
: approval1.7+
Details | Diff | Splinter Review 
Build ID: 2004-05-09-07

Steps to Reproduce:

1.  Load http://iuware.iu.edu/wintitle.asp?softid=vsnet01
2.  Right click on the 'Download' link and use the 'Save Link Target As' context
menu option at:

Download Option 1
Download the software in one large 390 MB file.
setup.exe 	390 MB 	Download


(Note, this WORKS FINE if you just click on Download
3.  Examine the resulting authentication box that comes up.

Expected Results:

'Use Password Manager to remember these values.'

Actual Results:

The string above is replace by:

'iuware-web001.uits.indiana.edu:443 (iuware-web001.uits.indiana.edu)'
Summary: Hostname and port appears where 'Use Download Manager to remember these values.' → Hostname and port appears where 'Use Download Manager to remember these values.' usually is.
Summary: Hostname and port appears where 'Use Download Manager to remember these values.' usually is. → Hostname and port appears where 'Use Password Manager to remember these values.' usually is.
I can reproduce this using a 1.7 branch build.  I wonder if the phishy auth
prompting patch introduced this somehow.

investigating...
Hmm... there's some bogus code here:

http://lxr.mozilla.org/mozilla/source/xpfe/communicator/resources/content/contentAreaUtils.js#475

nsIPromptService::PromptUsernameAndPassword does not take a realm parameter. 
Instead, it takes the text for the checkbox in the position where the realm is
being passed.  that's consistent with what we see in the dialog.

the changes to contentAreaUtils.js are dated 2002-03-05, which means that it was
made for moz 1.0.  see bug 116279.  it appears i sr='d it too :-(

it looks like this has probably been broken since it landed b/c
PromptUsernameAndPassword's signature has not changed since 10-Apr-01.

I can reproduce this bug using Mozilla 1.4.
URL: http://iuware.iu.edu/wintitle.asp?sof...
The correct fix here is probably to not implement nsIAuthPrompt in
contentAreaUtils.js.  Instead, contentAreaUtils should get a hold of a reference
to the same nsIAuthPrompt implementation used by nsDocShell.  And, that means
that it should be using the nsIWindowWatcher service's getNewAuthPrompter method.

-> me
Assignee: dveditz → darin
Status: NEW → ASSIGNED
Flags: blocking1.7?
OS: Windows XP → All
Hardware: PC → All
Target Milestone: --- → mozilla1.8alpha
Attached patch v1 patchSplinter Review 
simple patch.  just duplicate getInterface implementation from
nsProxyAutoConfig.js.  needed to patch both seamonkey's contentAreaUtils.js as
well as firefox's forked contentAreaUtils.js.  the same patch worked for both.
Attachment #148085 - Flags: superreview?(dveditz)
Attachment #148085 - Flags: review?(cbiesinger)
this is a duplicate of bug 159089; marking the dup the other way round I guess,
as this bug has a patch...
*** Bug 159089 has been marked as a duplicate of this bug. ***
Comment on attachment 148085 [details] [diff] [review]
v1 patch

hmm, nsIPrompt also has a method called promptUsernameAndPassword... with
different parameters. deserves a price for obfuscation.

this confused me into thinking
nsPrompt::nsIAuthPrompt::PromptUsernameAndPassword was wrongly implemented...
but I was looking at nsIPrompt's impl.

I also believe this makes it impossible to implement both interfaces on the
same object in javascript. ah well.
Attachment #148085 - Flags: review?(cbiesinger) → review+
thanks for making this patch!
Comment on attachment 148085 [details] [diff] [review]
v1 patch

sr=dveditz
Attachment #148085 - Flags: superreview?(dveditz) → superreview+
Comment on attachment 148085 [details] [diff] [review]
v1 patch

a=dveditz for 1.7
Attachment #148085 - Flags: approval1.7+
Nice to have, but blocking1.7-minus because we wouldn't hold for this. (lived
with it almost two years at least given bug 159089)
Flags: blocking1.7? → blocking1.7-
fixed-on-trunk
fixed1.7
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Flags: blocking1.7- → blocking1.7?
Keywords: fixed1.7
Resolution: --- → FIXED
Comment on attachment 148085 [details] [diff] [review]
v1 patch

>+    Components.returnCode = Components.results.NS_ERROR_NO_INTERFACE;
>+    return null;
Neat. I always thought you had to throw C.r.NS_ERROR_NO_INTERFACE;
> >+    Components.returnCode = Components.results.NS_ERROR_NO_INTERFACE;
> >+    return null;
> Neat. I always thought you had to throw C.r.NS_ERROR_NO_INTERFACE;

yeah, this is nice because it avoids the XPConnect exception output in the [JS]
console.
*** Bug 195780 has been marked as a duplicate of this bug. ***
Verified FIXED for me using trunk 2004-05-12-08 on Windows XP.
Status: RESOLVED → VERIFIED
Flags: blocking1.7?
Keywords: fixed1.7verified1.7
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: