Closed
Bug 656503
Opened 13 years ago
Closed 3 years ago
Encoding to use for HTTP authentication is not automatically detected
Categories
(Core :: Networking: HTTP, defect, P5)
Core
Networking: HTTP
Tracking
()
RESOLVED
WONTFIX
Tracking | Status | |
---|---|---|
blocking2.0 | --- | - |
People
(Reporter: briansmith, Unassigned)
References
Details
(Keywords: intl, Whiteboard: [necko-would-take])
+++ This bug was initially created as a clone of Bug #41489 +++ We should infer from the websites' 401 response what encoding the website is expecting for HTTP authentication, when possible, and then use that encoding instead of our default (ISO-8859-1). Gen Kanai and Hong Tang would be good people to contact to see who can help us determine what is common in Asia. Note that bug 656213 is about implementing a mechanism for servers to *explicitly* indicate what encoding to use.
Comment 1•13 years ago
|
||
I don't think there's currently anything in there to infer it from. *If* a heuristics is added then another well-defined mechanism should be added, too, so that the heuristics are really just a fallback.
Reporter | ||
Comment 2•13 years ago
|
||
(In reply to comment #1) > I don't think there's currently anything in there to infer it from. I think that the contents and/or encoding of the realm might provide a clue, at least some of the time. > *If* a heuristics is added then another well-defined mechanism should be > added, too, so that the heuristics are really just a fallback. See bug 656213. > > *If* a heuristics is added then another well-defined mechanism should be > added, too, so that the heuristics are really just a fallback.
Comment 3•13 years ago
|
||
I think you'd still have to be very careful. I'd guess that a lot of sites use UTF8, but still have users with existing passwords that has been handled as ASCII before. And so any change in client behavior would cause the same breakage discussed in bug 41489.
I don't see many such case here in China, certainly I'm going to ask around.
Updated•8 years ago
|
Whiteboard: [necko-would-take]
Comment 5•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P5
Comment 6•3 years ago
|
||
The HTTP specs were updated in 2015 so that WWW-Authenticate:
can now specify a charset
parameter, although UTF-8 is currently the only value value. bug 1735854 is about supporting this parameter, which in theory could be updated to support additional charsets in the future.
The behavior is now well-specified and supports internationalization compatibly across browsers and servers. We're not going to implement a competing custom heuristic and attempt to infer something else.
You need to log in
before you can comment on or make changes to this bug.
Description
•