Closed
Bug 535103
Opened 14 years ago
Closed 12 years ago
Thunderbird does not (offer to) remember authenticated proxy password
Categories
(Thunderbird :: Security, defect)
Thunderbird
Security
Tracking
(thunderbird3.1 .17-fixed, thunderbird9 fixed, thunderbird10 fixed)
RESOLVED
FIXED
Thunderbird 11.0
People
(Reporter: meine.adresse, Assigned: Irving)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
1.21 KB,
patch
|
standard8
:
review+
standard8
:
approval-comm-aurora+
standard8
:
approval-thunderbird3.1.17+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 Build Identifier: Thunderbird 3.0 I am sitting behind an authenticated proxy. When I open an HTML email that loads parts of the mail contents (e.g. images) through HTTP, the password dialogue for proxy authentication pops up (multiple times, actually, but that is a separate bug 469117). The proxy authentication dialogue window offers no checkbox to tell Thunderbird to remember the password. So the next time I start Thunderbird I have to enter the proxy username and password again (and again, multiple times). This is a major annoyance, and a massive regression in behavior over Thunderbird 2. Reproducible: Always
Updated•14 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
Reporter | ||
Comment 2•14 years ago
|
||
Sorry, but I beg to differ: this bug is _not_ a duplicate of bug 469117! THIS bug is about Thunderbird not offering to save the proxy authentication password when opening an email. Bug 469117 is about proxy authentication triggering multiple authentication windows. Fixing bug 469117 does _not_ fix this bug.
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
Comment 3•14 years ago
|
||
(In reply to comment #2) > Bug 469117 is about proxy authentication triggering multiple authentication > windows. Fixing bug 469117 does _not_ fix this bug. How about it does it because the passwords are not saved.
Updated•14 years ago
|
Component: General → Security
QA Contact: general → thunderbird
Reporter | ||
Comment 4•14 years ago
|
||
I am no expert on any of the code used here, but I doubt that; the multiple proxy authentication dialogues issue is also present in Firefox (bug 475053). Yet, in Firefox there is no problem with FF remembering (i.e storing in in the password manager and recalling it on next startup) the proxy authentication. So I would assume that the multiple authentication dialogues issue and the unwillingness to remember the proxy authentication are separate issues.
I add my voice to Kai on this bug. The behaviour on the latest version of Thunderbird is exactly as described. AND it is really annoying.
The really odd/frustrating thing with this bug is that (at least in 3.0.5), non-message things CAN use stored proxy settings. The "What's New" page for example can not only store the username and password, but will use it just fine. Also, I'm getting this on Ubuntu 10.04. It's not platform dependant.
Comment 7•12 years ago
|
||
This is ANOYING LIKE HELL! Please fix it soon! PLEEEEEEZE!!
I confirm that this issue is present and VERY ANNOYING!!! I'm using thunderbird V3.1.11 and at each update I hope to find the bug solved
Comment 9•12 years ago
|
||
I think this bug goes together with 469117 . i think if Tb would save the credentials, the bug #469117 would be solved too. Axel
Comment 10•12 years ago
|
||
Firefox had these two bugs, and they were distinct bugs. 1. Don't remember credentials. 2. Popup multiple password questions. When you fix 1., you still get multiple password questions the first time round, because the password isn't remembered yet. In other words you get 20 simultaneous dialog boxes BEFORE you can tick "remember", and click OK. In fact, Firefox then ended up with a third problem: assuming your password locker has a master password, Firefox would popup 20 simultaneous questions for the master password. You could work around that by not having a master password. 1. Remember credentials. 2. Make ask-for-password blocking, so only one dialog box at a time pops up. The bugs are strongly related, and could probably be fixed by the same person. For the Firefox bug, see # 475053 mentioned earlier by Kai.
Comment 11•12 years ago
|
||
hey there! we got the same problem: our thunderbird v7 is on three winXP machines. all connected to the internet via squid proxy for which an authentication is needed. the proxy is added in the connection settings of thunderbird. problem: if an email from our local email server is received which contains a HTML formatted email, for every single element, which needs to be downloaded from the net, a authentication dialog appears and asking for username and password... but: this dialog doesn't show a "remember"-option for the credentials. workaround: whenever you startup thunderbird, first go to the menu Help -> About Thunderbird.. this checks for a new version of thunderbird in the internet. the authentication dialog appears with prefilled credentials and a "remember"-checkbox. once you just hit ok, thunderbird checks for a new version. just close the "about thunderbird"-dialog and open up a HTML-formatted email - é viola, the HTML content is loaded without authentication-dialog. anyway, this really annoying but needs a fix! I would think that it can't be so hard to implement a "remember"-function to the dialog?! or just use the credentials which are used for the thunderbird-update-check..
Updated•12 years ago
|
Blocks: tb-enterprise
Assignee | ||
Updated•12 years ago
|
Assignee: nobody → irving
Assignee | ||
Comment 12•12 years ago
|
||
getNotificationBox() was returning a parent XUL element of the content window without checking that it was actually a XUL notificationbox; this caused the caller to later throw a no-such-method exception because it called a notificationbox method on the element. By returning null when a notificationbox isn't obviously available, the password manager instead displays a checkbox in the notification dialog and correctly saves the password.
Attachment #574692 -
Flags: review?(mbanner)
Updated•12 years ago
|
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
OS: Windows XP → All
Hardware: x86 → All
Comment 13•12 years ago
|
||
Comment on attachment 574692 [details] [diff] [review] Only return notificationbox elements from getNotificationBox() yep, this now does the right thing for what we want, and is a big improvement.
Attachment #574692 -
Flags: review?(mbanner) → review+
Comment 14•12 years ago
|
||
Checked into trunk builds: http://hg.mozilla.org/comm-central/rev/69b52d8af4fa Ludovic: these feels like something we should have some sort of test for. I'm not sure it is easy to do in automated testing with our current set up, there again I'm not sure about doing it in litmus. Thoughts?
Status: ASSIGNED → RESOLVED
Closed: 14 years ago → 12 years ago
Flags: in-litmus?(ludovic)
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 11.0
Comment 15•12 years ago
|
||
Comment on attachment 574692 [details] [diff] [review] Only return notificationbox elements from getNotificationBox() I'm considering porting this to our branches so that it gets released earlier. It would be useful if folks seeing the issue could test today's nightly builds (a separate profile/backup is recommended) in a few hours when they appear here: http://ftp.mozilla.org/pub/mozilla.org/thunderbird/nightly/latest-comm-central/
Attachment #574692 -
Flags: approval-comm-beta?
Attachment #574692 -
Flags: approval-comm-aurora?
Assignee | ||
Comment 16•12 years ago
|
||
There is some existing test code for proxies in https://mxr.mozilla.org/comm-central/source/mozilla/netwerk/test/unit/test_auth_proxy.js and https://mxr.mozilla.org/comm-central/source/mozilla/browser/base/content/test/authenticate.sjs but I'm not sure how easy it would be to get the UI side of the test working. We could at least trap the nasty exception log messages that the old code dumped (at least in debug builds).
Comment 17•12 years ago
|
||
(In reply to Mark Banner (:standard8) from comment #15) > Comment on attachment 574692 [details] [diff] [review] [diff] [details] [review] > I'm considering porting this to our branches so that it gets released > earlier. It would be useful if folks seeing the issue could test today's > nightly builds (a separate profile/backup is recommended) in a few hours > when they appear here: 1st: YES PLEASE! please backport to pretty much any older TB (up to TB3 :) ) ! This bug was a blocker in many ways for TB3+ use in enterprises. 2nd - Nightly Tests: i tested nightly thunderbird-2011-11-15 >> FAILED i tested nightly thunderbird-2011-11-16 >> PASSED!!!!! GREAT JOB! As soon the Patch got back ported into the todays stable TB Version, hundreds if not thousands will be happy! best regards Axel
Comment 18•12 years ago
|
||
Yes, I'm agree with Axel. Please backport to Thunderbird 3.1 as soon as possible !!!!! 200 users will be happy in our enterprise !! ;))) I tested the last nightly of Thunderbird and it's ok !!! Thank you very much. best regards Vincent
Updated•12 years ago
|
Attachment #574692 -
Flags: approval-comm-beta?
Attachment #574692 -
Flags: approval-comm-beta+
Attachment #574692 -
Flags: approval-comm-aurora?
Attachment #574692 -
Flags: approval-comm-aurora+
Updated•12 years ago
|
Attachment #574692 -
Flags: approval-thunderbird3.1.17?
Comment 19•12 years ago
|
||
Checked in to branches for 9 & 10: http://hg.mozilla.org/releases/comm-aurora/rev/4bfc00a0d86a http://hg.mozilla.org/releases/comm-beta/rev/29a808426771
status-thunderbird10:
--- → fixed
status-thunderbird9:
--- → fixed
Comment 20•12 years ago
|
||
(In reply to Mark Banner (:standard8) from comment #14) > Checked into trunk builds: > > http://hg.mozilla.org/comm-central/rev/69b52d8af4fa > > Ludovic: these feels like something we should have some sort of test for. > I'm not sure it is easy to do in automated testing with our current set up, > there again I'm not sure about doing it in litmus. Thoughts? I'll add some litmus test - but the proxy part is almost *never* run. Having some test in litmus can't help. Running them specifically is more tricky as the user needs to have some kind of proxy setup. https://litmus.mozilla.org/show_test.cgi?id=40446
Flags: in-litmus?(ludovic) → in-litmus+
Comment 21•12 years ago
|
||
Comment on attachment 574692 [details] [diff] [review] Only return notificationbox elements from getNotificationBox() Whilst this doesn't really fit under the normal rules of acceptability stability and security releases, and 3.1 support will be ending in a few months, we recognise that it is a significant issue for people seeing this bug and therefore we'll include the fix in for 3.1.17.
Attachment #574692 -
Flags: approval-thunderbird3.1.17? → approval-thunderbird3.1.17+
Comment 22•12 years ago
|
||
Checked in: http://hg.mozilla.org/releases/comm-1.9.2/rev/9a0b75bf6ad7
status-thunderbird3.1:
--- → .17-fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•