[BROWSER] Opening a URL protected with basic authentication crashes the phone

VERIFIED FIXED in Firefox 22

Status

--
critical
VERIFIED FIXED
6 years ago
5 years ago

People

(Reporter: carlosmartinez, Assigned: justin.lebar+bug)

Tracking

({crash})

unspecified
B2G C4 (2jan on)
ARM
Gonk (Firefox OS)
crash
Bug Flags:
in-moztrap +

Firefox Tracking Flags

(blocking-b2g:leo+, firefox22 fixed, b2g18+ verified, b2g18-v1.0.0 unaffected, b2g18-v1.0.1 unaffected)

Details

(Whiteboard: [b2g-crash])

Attachments

(2 attachments)

Created attachment 721659 [details]
Strange screen in browser app when opening an URL

Tested in unagi with Gecko-9306ad2.Gaia-7636cc5.

STR:
1-Open browser app
2-Tap in the address bar
3-Type https://owd.tid.es/releases
4-Press enter

Expected result --> Page is loaded correctly and ask the user for user and password

Actual result --> A weird screen is shown (see screenshot attached) and if you tap the screen the phone freezes and you have to pull the battery out to recover it
The weird screen looks suspiciously like the standard dialog that's shown on desktop Firefox when a server requests basic authentication (which this server does, incidentally). On yesterday's build it was working correctly.
Summary: [BROWSER] Open https://owd.tid.es/releases crashes the phone → [BROWSER] Opening a URL protected with basic authentication crashes the phone

Updated

6 years ago
Severity: normal → critical
Keywords: crash
Whiteboard: [b2g-crash]
I can confirm this bug.

Justin, could this be a regression from bug 844530 ?
I can confirm this bug.

Justin, could this be a regression from bug 844530 ?

Updated

6 years ago
blocking-b2g: tef? → tef+

Updated

6 years ago
Severity: critical → normal

Comment 4

6 years ago
A crash is always critical especially an OS one although the situation is not frequent.
Severity: normal → critical
If comment 2 (and comment 3!) is correct then the change that caused this regression isn't going to be uplifted to 1.0.1 so this bug doesn't even exist in that branch. I doubt this needs to be tef+

QA could verify this.
Keywords: qawanted
(In reply to Ben Francis [:benfrancis] from comment #5)
> If comment 2 (and comment 3!) is correct then the change that caused this
> regression isn't going to be uplifted to 1.0.1 so this bug doesn't even
> exist in that branch. I doubt this needs to be tef+
> 
> QA could verify this.

OK, un-noming until this is clarified.
blocking-b2g: tef+ → ---

Updated

6 years ago
blocking-b2g: --- → leo?
tracking-b2g18: ? → +
We had a similar bug a while back:  bug 775464.
blocking-b2g: leo? → ---
tracking-b2g18: + → ?
(In reply to Ben Francis [:benfrancis] from comment #5)
> If comment 2 (and comment 3!) is correct then the change that caused this
> regression isn't going to be uplifted to 1.0.1 so this bug doesn't even
> exist in that branch. I doubt this needs to be tef+
> 
> QA could verify this.

Just checked it and today's version with the 1.0.1 branch doesn't break.
(Assignee)

Comment 9

6 years ago
> 3-Type https://owd.tid.es/releases

FWIW I can't access this site because it has an invalid cert.
(Assignee)

Updated

6 years ago
Assignee: nobody → justin.lebar+bug
Created attachment 721750 [details]
Script and certificate database to allow browsing of https://owd.tid.es

This zip includes a certificate database and the script to load it on a B2G phone. This allows browsing https://owd.tid.es
(In reply to Justin Lebar [:jlebar] from comment #9)
> > 3-Type https://owd.tid.es/releases
> 
> FWIW I can't access this site because it has an invalid cert.

It should fail on any site requiring basic authentication, in any case I just uploaded an attachment with a certdDB that has the required CAs and a script to install it on the phone.
(Assignee)

Comment 12

6 years ago
(In reply to Ben Francis [:benfrancis] from comment #3)
> Justin, could this be a regression from bug 844530 ?

Looks like my patch there was 100% bogus.  :(

Let's back it out and then we can figure out how to fix that bug properly.
(Assignee)

Comment 13

6 years ago
The backout in bug 844530 fixes this problem in my testing.  Sorry about breaking this, everyone.

Updated

6 years ago
blocking-b2g: --- → leo?
status-b2g18: --- → affected
status-b2g18-v1.0.0: --- → unaffected
status-b2g18-v1.0.1: --- → unaffected
tracking-b2g18: ? → +

Updated

6 years ago
Blocks: 844530
https://hg.mozilla.org/mozilla-central/rev/fdc942a65143

Fixed by backout.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → B2G C4 (2jan on)
status-b2g18: affected → fixed
status-firefox22: --- → fixed
Gecko  http://hg.mozilla.org/releases/mozilla-b2g18/rev/a0b06192f882
Gaia   fa5245750e7bb94b9f64180967536509316dedf5
BuildID 20130307103636
Version 18.0

Verified
Status: RESOLVED → VERIFIED
Keywords: qawanted

Updated

6 years ago
Duplicate of this bug: 849308
blocking-b2g: leo? → leo+

Updated

5 years ago
Flags: in-moztrap?

Updated

5 years ago
Flags: in-moztrap? → in-moztrap+

Comment 17

5 years ago
Added Browser Suite Test Case #8600 [Browser] Test that the Browser App can log in to a web page protected by a secure protocol

Updated

5 years ago
status-b2g18: fixed → verified
You need to log in before you can comment on or make changes to this bug.