Firefox doesn't choose the most secure authentication scheme for proxy

RESOLVED WONTFIX

Status

()

Core
Networking: HTTP
RESOLVED WONTFIX
5 years ago
2 years ago

People

(Reporter: lameventanas, Unassigned)

Tracking

20 Branch
x86_64
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

5 years ago
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0
Build ID: 20130410095303

Steps to reproduce:

The proxy offers both Basic (plain text) and Negotiate (kerberos) authentication schemes:

Proxy-Authenticate: Basic realm="my proxy"
Proxy-Authenticate: Negotiate



Actual results:

Firefox tries to use Basic first, and prompts the user for a password.
Then it tries with Negotiate.


Expected results:

Firefox should try first with Negotiate (kerberos) and then with Basic (plain text).
could be related to bug 804605.
Did this work with previous Firefox builds ?
If that is the case could you please try a nightly build: http://nightly.mozilla.org/ ?
Component: Untriaged → Networking: HTTP
Product: Firefox → Core
(Reporter)

Comment 2

5 years ago
(In reply to Matthias Versen [:Matti] from comment #1)
> could be related to bug 804605.
> Did this work with previous Firefox builds ?
> If that is the case could you please try a nightly build:
> http://nightly.mozilla.org/ ?

I don't know if it worked with previous builds.
I have tested 20.0.1 and the nightly build 23.0a1 for Windows and the problem is still there.
Also happens with 20.0 in Linux.
Does it make a Difference if you send the challenges in one Header?
(Reporter)

Comment 4

5 years ago
(In reply to XtC4UaLL [:xtc4uall] from comment #3)
> Does it make a Difference if you send the challenges in one Header?

I don't have a way to test that.
(Reporter)

Comment 5

5 years ago
Is there any update on this issue?
It shouldn't matter if the challenges come in a single header or different ones, the browser should always try the safest one first.
honestly, our basic support is much more reliable than windows auth.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.