Closed
Bug 579611
Opened 15 years ago
Closed 10 years ago
Negotiate auth performed while using private mode browsing
Categories
(Firefox :: Private Browsing, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: ulli.brennenstuhl, Assigned: mayhemer)
Details
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; de; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6
While debugging a problem with a single-sign-on system I switched to private mode to test a case when no cookie is present and without kerberos negotiate auth, but negotiate auth still sent the credentials. This isn't a very common scenario, but I still think in private browsing mode negotiate auth should not sent credentials.
Reproducible: Always
Steps to Reproduce:
1. Go to a webpage the browser is configured to perform auth via negotiate auth to see if it is generally working
2. Switch on private mode
3. Go to the same webpage, is still working but shouldn't
Expected Results:
Authenticated with negotiate auth
No authentication credentials should be sent
|
Reporter | |
Updated•15 years ago
|
Version: unspecified → 3.6 Branch
|
||
Comment 1•14 years ago
|
||
Reporter, can you still reproduce this bug in Firefox 6?
Please update to Firefox 6 or later, update your plugins, and retest in a new profile. If you still see the issue with the updated version of Firefox, please post here. Otherwise, please close as RESOLVED > WORKSFORME.
|
|
Reporter | |
Comment 2•14 years ago
|
||
The issue is still present. I am running openSuse 11.4 using MozillaFirefox 6.0-2.1 x86_64 from the openSuse Buildservice
Hello,
this issue is still open to me using Firefox 35.0.1 on Windows 7 x64 as well as Windows 8.1 x64.
I really think, Negotiate/Kerberos Credentials shouldn't be sent in Private Mode.
|
||
Updated•11 years ago
|
Component: General → Private Browsing
|
Assignee | |
Comment 4•11 years ago
|
||
This is weird. If the credentials cache it's not properly isolated, then we really have a bug. I can take a look.
Assignee: nobody → honzab.moz
|
|
Assignee | |
Comment 5•10 years ago
|
||
This is INVALID. Cannot reproduce and confirmed that we correctly isolate private auth cache from the regular one.
I think you missmatched windows.
If you have another steps to reproduce (probably more needs to be done) then please provide them and reopen this bug.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•