Closed Bug 184582 Opened 22 years ago Closed 19 years ago

URL containing name/password not handled correctly within authenticated realm

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: steevithak, Unassigned)

References

(Blocks 1 open bug,
URL
)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2) Gecko/20021126
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2) Gecko/20021126

Mozilla seems to make the assumption that the name and password will never
change within a given realm, causing correctly formatted URLs that contain a
name and password to fail under some circumstances.

Reproducible: Always

Steps to Reproduce:
1. Visit the specified URL
2. Follow the detailed instructions
3. Click link #1, it works. Click link #2, it fails. Click link #2 again, it
works. Click link #1 again, it fails. Repeat until bored.


Actual Results:  
Two correctly formatted URLs containing different names and passwords within the
same realm fail alternately, apparently because Mozilla is overriding the
specified name and/or password with a previously used one.

Expected Results:  
Both test URLs should work consistently. Test pages were verified to work in a
recent version of IE.
to HTTP; this is already filed, I believe...
Assignee: mstoltz → darin
Component: Security: General → Networking: HTTP
QA Contact: bsharma → httpqa
Whiteboard: DUPEME
related: bug 140645, bug 137852 ?
Bug 137852 is most likely related but slightly different. In 137852 Mozilla
presents name/pass data for realm1 when authenticating in realm2 (same URL,
different realms). With this bug, we have only one realm but with multiple names
and passwords (different URLs, same realm). In both cases Mozilla is sending
stale name/pass info so maybe they are caused by the same underlying bug.
Blocks: 232560
This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:
Firefox:     http://www.mozilla.org/projects/firefox/
Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html
Seamonkey:   http://www.mozilla.org/projects/seamonkey/

.
-> default owner
Assignee: darin → nobody
Component: Networking: HTTP → Networking
QA Contact: networking.http → networking
This bug appears to be fixed. Firefox v1.5.0.4 and SeaMonkey 1.0.2 on my Fedora Linux box both work on the test case.  Someone may want to verify that it's working under Windows as well and, if so, close out the bug.
WFM per previous comment
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → WORKSFORME
Whiteboard: DUPEME
You need to log in before you can comment on or make changes to this bug.