mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-13 21:35:39 +00:00
Bug 1423522 - We should not block http-authentication prompts for proxies. r=ckerschb
This commit is contained in:
parent
f39232154e
commit
6faa3298a5
@ -910,7 +910,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
|
||||
// sub-resources, or always allowed for sub-resources.
|
||||
// For more details look at the bug 647010.
|
||||
// BlockPrompt will set mCrossOrigin parameter as well.
|
||||
if (BlockPrompt()) {
|
||||
if (BlockPrompt(proxyAuth)) {
|
||||
LOG(("nsHttpChannelAuthProvider::GetCredentialsForChallenge: "
|
||||
"Prompt is blocked [this=%p pref=%d img-pref=%d]\n",
|
||||
this, sAuthAllowPref, sImgCrossOriginAuthAllowPref));
|
||||
@ -962,7 +962,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
|
||||
}
|
||||
|
||||
bool
|
||||
nsHttpChannelAuthProvider::BlockPrompt()
|
||||
nsHttpChannelAuthProvider::BlockPrompt(bool proxyAuth)
|
||||
{
|
||||
// Verify that it's ok to prompt for credentials here, per spec
|
||||
// http://xhr.spec.whatwg.org/#the-send%28%29-method
|
||||
@ -976,6 +976,11 @@ nsHttpChannelAuthProvider::BlockPrompt()
|
||||
return true;
|
||||
}
|
||||
|
||||
if (proxyAuth) {
|
||||
// Do not block auth-dialog if this is a proxy authentication.
|
||||
return false;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIChannel> chan = do_QueryInterface(mAuthChannel);
|
||||
nsCOMPtr<nsILoadInfo> loadInfo;
|
||||
chan->GetLoadInfo(getter_AddRefs(loadInfo));
|
||||
|
@ -122,7 +122,7 @@ private:
|
||||
// for all sub-resources, blocked for cross-origin sub-resources, or
|
||||
// always allowed for sub-resources.
|
||||
// For more details look at the bug 647010.
|
||||
bool BlockPrompt();
|
||||
bool BlockPrompt(bool proxyAuth);
|
||||
|
||||
// Store credentials to the cache when appropriate aFlags are set.
|
||||
MOZ_MUST_USE nsresult UpdateCache(nsIHttpAuthenticator *aAuth,
|
||||
|
Loading…
Reference in New Issue
Block a user