Defensive (anti-phishing) auth prompts are displayed when they should not be displayed

RESOLVED FIXED in mozilla1.7final

Status

()

Core
Networking: HTTP
P1
critical
RESOLVED FIXED
14 years ago
7 years ago

People

(Reporter: Darin Fisher, Assigned: Darin Fisher)

Tracking

({fixed1.7})

Trunk
mozilla1.7final
fixed1.7
Points:
---
Bug Flags:
blocking1.7 +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: fixed-aviary1.0)

Attachments

(1 attachment)

(Assignee)

Description

14 years ago
Defensive (anti-phishing) auth prompts are displayed when they should not be
displayed!  This affects Mozilla 1.7rc2 and the Mozilla trunk.

We should not ship Mozilla 1.7 with this bug.

Short of a code change, my recommendation is to set the hidden pref to disable
these prompts in Mozilla 1.7.  Here's the pref to add to all.js:

  pref("network.http.phishy-userpass-length", 256);

I'm investigating the cause of this problem.  I might have a real fix in time
for 1.7.
(Assignee)

Comment 1

14 years ago
Created attachment 150383 [details] [diff] [review]
v1 patch

The original check-in was missing code to set the flag that suppresses
duplicate prompting on a channel.
(Assignee)

Updated

14 years ago
Attachment #150383 - Flags: superreview?(dveditz)
Attachment #150383 - Flags: review?(dveditz)
Comment on attachment 150383 [details] [diff] [review]
v1 patch

works great,
r/sr dveditz

This should go into 1.7 if at all possible. Very safe.
Attachment #150383 - Flags: superreview?(dveditz)
Attachment #150383 - Flags: superreview+
Attachment #150383 - Flags: review?(dveditz)
Attachment #150383 - Flags: review+
Attachment #150383 - Flags: approval1.7?
(Assignee)

Updated

14 years ago
Severity: normal → critical
Status: NEW → ASSIGNED
Flags: blocking1.7?
Priority: -- → P1
Target Milestone: --- → mozilla1.7final
(Assignee)

Comment 3

14 years ago
fixed-on-trunk

Comment 4

14 years ago
Comment on attachment 150383 [details] [diff] [review]
v1 patch

a=asa (on behalf of drivers) for checkin to 1.7
Attachment #150383 - Flags: approval1.7? → approval1.7+
(Assignee)

Comment 5

14 years ago
fixed1.7
Status: ASSIGNED → RESOLVED
Last Resolved: 14 years ago
Keywords: fixed1.7
Resolution: --- → FIXED
Flags: blocking1.7? → blocking1.7+
Whiteboard: need-aviary1.0

Updated

14 years ago
Whiteboard: need-aviary1.0 → needed-aviary1.0
(Assignee)

Comment 6

14 years ago
fixed-aviary1.0

Updated

14 years ago
Whiteboard: needed-aviary1.0 → fixed-aviary1.0
(Assignee)

Comment 7

14 years ago
*** Bug 244206 has been marked as a duplicate of this bug. ***
You need to log in before you can comment on or make changes to this bug.