Bug 1423522 - We should not block http-authentication prompts for proxies. r=ckerschb

netwerk/protocol/http/nsHttpChannelAuthProvider.cpp

@@ -910,7 +910,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
             // sub-resources, or always allowed for sub-resources.
             // For more details look at the bug 647010.
             // BlockPrompt will set mCrossOrigin parameter as well.
-            if (BlockPrompt()) {
+            if (BlockPrompt(proxyAuth)) {
                 LOG(("nsHttpChannelAuthProvider::GetCredentialsForChallenge: "
                      "Prompt is blocked [this=%p pref=%d img-pref=%d]\n",
                       this, sAuthAllowPref, sImgCrossOriginAuthAllowPref));
@@ -962,7 +962,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
 }
 
 bool
-nsHttpChannelAuthProvider::BlockPrompt()
+nsHttpChannelAuthProvider::BlockPrompt(bool proxyAuth)
 {
     // Verify that it's ok to prompt for credentials here, per spec
     // http://xhr.spec.whatwg.org/#the-send%28%29-method
@@ -976,6 +976,11 @@ nsHttpChannelAuthProvider::BlockPrompt()
         return true;
     }
 
+    if (proxyAuth) {
+      // Do not block auth-dialog if this is a proxy authentication.
+      return false;
+    }
+
     nsCOMPtr<nsIChannel> chan = do_QueryInterface(mAuthChannel);
     nsCOMPtr<nsILoadInfo> loadInfo;
     chan->GetLoadInfo(getter_AddRefs(loadInfo));

netwerk/protocol/http/nsHttpChannelAuthProvider.h

@@ -122,7 +122,7 @@ private:
     // for all sub-resources, blocked for cross-origin sub-resources, or
     // always allowed for sub-resources.
     // For more details look at the bug 647010.
-    bool BlockPrompt();
+    bool BlockPrompt(bool proxyAuth);
 
     // Store credentials to the cache when appropriate aFlags are set.
     MOZ_MUST_USE nsresult UpdateCache(nsIHttpAuthenticator *aAuth,