Defensive (anti-phishing) auth prompts are displayed when they should not be displayed! This affects Mozilla 1.7rc2 and the Mozilla trunk. We should not ship Mozilla 1.7 with this bug. Short of a code change, my recommendation is to set the hidden pref to disable these prompts in Mozilla 1.7. Here's the pref to add to all.js: pref("network.http.phishy-userpass-length", 256); I'm investigating the cause of this problem. I might have a real fix in time for 1.7.
Created attachment 150383 [details] [diff] [review] v1 patch The original check-in was missing code to set the flag that suppresses duplicate prompting on a channel.
Comment on attachment 150383 [details] [diff] [review] v1 patch works great, r/sr dveditz This should go into 1.7 if at all possible. Very safe.
Severity: normal → critical
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → mozilla1.7final
Comment on attachment 150383 [details] [diff] [review] v1 patch a=asa (on behalf of drivers) for checkin to 1.7
Attachment #150383 - Flags: approval1.7? → approval1.7+
Status: ASSIGNED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → FIXED
Flags: blocking1.7? → blocking1.7+
*** Bug 244206 has been marked as a duplicate of this bug. ***
You need to log in before you can comment on or make changes to this bug.