From 6faa3298a56035bdccc076cb06f34814ff812f78 Mon Sep 17 00:00:00 2001 From: Dragana Damjanovic Date: Wed, 6 Dec 2017 14:13:32 +0100 Subject: [PATCH] Bug 1423522 - We should not block http-authentication prompts for proxies. r=ckerschb --- netwerk/protocol/http/nsHttpChannelAuthProvider.cpp | 9 +++++++-- netwerk/protocol/http/nsHttpChannelAuthProvider.h | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp index 92abed30355a..26bd6752525a 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp @@ -910,7 +910,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge, // sub-resources, or always allowed for sub-resources. // For more details look at the bug 647010. // BlockPrompt will set mCrossOrigin parameter as well. - if (BlockPrompt()) { + if (BlockPrompt(proxyAuth)) { LOG(("nsHttpChannelAuthProvider::GetCredentialsForChallenge: " "Prompt is blocked [this=%p pref=%d img-pref=%d]\n", this, sAuthAllowPref, sImgCrossOriginAuthAllowPref)); @@ -962,7 +962,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge, } bool -nsHttpChannelAuthProvider::BlockPrompt() +nsHttpChannelAuthProvider::BlockPrompt(bool proxyAuth) { // Verify that it's ok to prompt for credentials here, per spec // http://xhr.spec.whatwg.org/#the-send%28%29-method @@ -976,6 +976,11 @@ nsHttpChannelAuthProvider::BlockPrompt() return true; } + if (proxyAuth) { + // Do not block auth-dialog if this is a proxy authentication. + return false; + } + nsCOMPtr chan = do_QueryInterface(mAuthChannel); nsCOMPtr loadInfo; chan->GetLoadInfo(getter_AddRefs(loadInfo)); diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.h b/netwerk/protocol/http/nsHttpChannelAuthProvider.h index 4cf61c5a5881..7dcbede0a386 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.h +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.h @@ -122,7 +122,7 @@ private: // for all sub-resources, blocked for cross-origin sub-resources, or // always allowed for sub-resources. // For more details look at the bug 647010. - bool BlockPrompt(); + bool BlockPrompt(bool proxyAuth); // Store credentials to the cache when appropriate aFlags are set. MOZ_MUST_USE nsresult UpdateCache(nsIHttpAuthenticator *aAuth,