Closed Bug 613785 Opened 14 years ago Closed 4 years ago

Switch to using tab-modal prompt dialogs for HTTP authentication

Categories

(Toolkit :: General, defect, P3)

Product:
Toolkit
Component:
General
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
82 Branch
Tracking Flags:
Tracking Status
firefox82 --- fixed

People

(Reporter: ehsan.akhgari, Assigned: pbz)

References

(Depends on 2 open bugs, Blocks 5 open bugs,
URL
)

Details

(Whiteboard: [qx:spec])

Attachments

(4 files)

Screen Shot showing how the tab-modal PaymentRequest dialog overlaps chrome
(deleted), image/png
Details
Bug 613785 - Updated http auth prompt tests to support tab prompts. r=gijs
(deleted), text/x-phabricator-request
Details
Bug 613785 - Tab modal http auth prompts. r=johannh
(deleted), text/x-phabricator-request
Details
Bug 613785 - Updated marionette modal#findModalDialogs to support SubDialog prompts. r=whimboo
(deleted), text/x-phabricator-request
Details
With bug 59314 fixed, we should probably port our HTTP authentication dialogs to be tab-modal and not window-modal.
duplicate of bug 377496?
This bug will solve bug 377496 as well.
Blocks: 377496
And what about bug 567804 "Convert HTTP Auth modal dialog to a doorhanger"?
They're basically covering the same thing, only with two different UI proposals. We should decide which path we want to take...
Keywords: uiwanted
Security related dialogs shouldn't be implemented using the tab-modal dialogs (at least in their current form) as they are easily spoofable.
Since as earlier comments mention this has security implications, and is also related to the user's identity, the UX team was planing to use our doorhanger approach over in bug 567804 (also related to the account manager work we have in progress for after Firefox 4: http://people.mozilla.com/~faaborg/files/firefox4Mockups/accountManager/account%20manager%20i6.png )
I'm not particularly thrilled with putting HTTP Auth prompts entirely into content, due to spoofing. Although that's largely already a lost battle. Sigh. Anyway, I think doorhangers (or something like them) are probably somewhat better, and Account Manager in general even better still. So, WONTFIX in favor of bug 567804 instead.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → WONTFIX
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
(In reply to Justin Dolske [:Dolske] from comment #7) > I'm not particularly thrilled with putting HTTP Auth prompts entirely into > content, due to spoofing. Although that's largely already a lost battle. > Sigh. Spoofing is not much of an issue as long as we only show the dialog box for the document origin, AFAICT.
Blocks: 411085, 616843, 676434
OS: Mac OS X → All
Hardware: x86 → All
:shorlander and I are not concerned about spoofing here. Spoofing the prompt is neither more dangerous nor more difficult that spoofing any HTML login form on the web. HTTP authentication is inherently modal and should display a modal prompt that can be dismissed easily by accident. The solution proposed here is better than the one in bug 567804. Firefox for Windows 8 Metro will be implementing a solution similar to this one.
Status: REOPENED → NEW
Keywords: uiwanted
(In reply to Frank Yan (:fryn) from comment #14) > :shorlander and I are not concerned about spoofing here. Spoofing the prompt > is neither more dangerous nor more difficult that spoofing any HTML login > form on the web. HTTP authentication is inherently modal and should display > a modal prompt that can be dismissed easily by accident. I get the impression :Dolske is thinking about taking an opportunity to make spoofing more difficult by making the prompt visibly extend outside the content region. I suppose another option would be to visually differentiate privileged and unprivileged tab-modal dialogs using some other mechanism. (eg. Tinting or patterning a highly-visible portion of the chrome while a privileged tab-modal is being displayed)
(In reply to Frank Yan (:fryn) from comment #14) > :shorlander and I are not concerned about spoofing here. Spoofing the prompt > is neither more dangerous nor more difficult that spoofing any HTML login > form on the web. Not true. Consider (on page https://victim.example.com/): <img src='http://attacker.example.com'> This can force an HTTP auth prompt for http://attacker.example.com in the UI context of http://victim.example.com, and it is up to the user to notice that he's authenticating for something other than the page by reading the text of the HTTP auth dialog box very carefully, which is an unreasonable expectation for us to make of our users. However, I agree that, as long as we fix bug 647010, then we don't have to worry about it here. (That's what I was saying in comment 13.) However, if we don't/can't fix bug 647010 then we will need a solution for spoofing. And, we may find that fixing bug 647010 is impossible due to compatibility issues, especially for XHR. > HTTP authentication is inherently modal and should display > a modal prompt that can be dismissed easily by accident. I guess you mean "cannot be dismissed easily by accident." But, I thin it is likely there must be some way to dismiss it on purpose. (The fact that doorhangers can be dismissed accidentally and then become difficult/impossible to resurrect are one of the most serious deficiencies of the doorhanger UX in general.) I disagree that HTTP authentication inherently requires a modal dialog box. We could always, by default, just display the error page that results when the user refuses to log in and then have the user initiate the login explicitly if he/she chooses. I imagine that we will eventually have to do something similar for SSL client certificate authentication. The advantage of doing things this way is that the error page can give the user instructions regarding which credentials to use amongst other things. However, I agree that a modal prompt is the "safe" choice, assuming there is a way to cancel the dialog box to read the error page. (But, then, you end up again with the problem of "How do I get the HTTP auth dialog box back after I've read the error page?")
(In reply to Brian Smith (:bsmith) from comment #16) > (In reply to Frank Yan (:fryn) from comment #14) > > :shorlander and I are not concerned about spoofing here. Spoofing the prompt > > is neither more dangerous nor more difficult that spoofing any HTML login > > form on the web. > > Not true. Consider (on page https://victim.example.com/): > > <img src='http://attacker.example.com'> Also, consider in particular iframes: <iframe src='http://attacker.com'> </iframe> Especially when the iframe is not even visible, it is easy to confuse the user into entering the embedding page's credentials into the embedded iframe page's HTTP auth dialog box.
(In reply to Brian Smith (:bsmith) from comment #17) > (In reply to Brian Smith (:bsmith) from comment #16) > > (In reply to Frank Yan (:fryn) from comment #14) > > > :shorlander and I are not concerned about spoofing here. Spoofing the prompt > > > is neither more dangerous nor more difficult that spoofing any HTML login > > > form on the web. > > > > Not true. Consider (on page https://victim.example.com/): > > > > <img src='http://attacker.example.com'> > > Also, consider in particular iframes: > > <iframe src='http://attacker.com'> > </iframe> > > Especially when the iframe is not even visible, it is easy to confuse the > user into entering the embedding page's credentials into the embedded iframe > page's HTTP auth dialog box. Good point. Does anyone have any ideas for a generally-applicable way to provide better indication of the source of a login prompt now that we're in an era where it's so common for a site to be stitched together with content from multiple domains?
Bug 647010 is about only allowing HTTP auth from the top level document. Does this cover your concerns?
well give the url and the frame name information to user, it's better to check what password browser is asking about when we have many passwords to enter
(In reply to Brian Smith (:bsmith) from comment #16) > However, I agree that, as long as we fix bug 647010, then we don't have to > worry about it here. (That's what I was saying in comment 13.) However, if > we don't/can't fix bug 647010 then we will need a solution for spoofing. > And, we may find that fixing bug 647010 is impossible due to compatibility > issues, especially for XHR. Yeah, this is the crux of the issue. Can we try fixing bug 647010 now, seeing if that sticks, and then go with a tab-modal prompt? It probably needs to stick though an actual release to shake out the full impact of things it might break... Frank, how's that match with Metro's timing? (Or maybe Metro can take a fix for 647010 in the interm, lest legacy compat issues prevent Firefox Desktop from shipping it.) > (The fact that > doorhangers can be dismissed accidentally and then become > difficult/impossible to resurrect are one of the most serious deficiencies > of the doorhanger UX in general.) Fodder for another bug, that that's quite intentional. > I disagree that HTTP authentication inherently requires a modal dialog box. Well, it does if you're loading resources within the page. The most obvious example being loading a script that triggers authentication... The rest of the page may depend upon effects of the script's execution. But if 647010 is actually going to only allow the top-level doc itself to trigger authentication, then you're right. The "prompt" can just be an error page with a username+password entry field. I'm all for 647010, but I fear that it carries a pretty big webcompat risk. And so we either need to tread carefully and try to fix it, or ensure that any auth prompt changes we make here are non-spoofable. Note that there are 2 subtly different issues: One is that a cross-origin auth prompt is something many users won't understand (no matter what the UI is), and so we should do things like 647010 to make that problem go away. The other is that given the web-we-have and not the web-we-want, how do we do our best to give users the info/tools to make the best of a bad situation? (Specifically for users to do understand or have been told what to look for.)
(In reply to Justin Dolske [:Dolske] from comment #21) > Yeah, this is the crux of the issue. Can we try fixing bug 647010 now, > seeing if that sticks, and then go with a tab-modal prompt? It probably > needs to stick though an actual release to shake out the full impact of > things it might break... Frank, how's that match with Metro's timing? (Or > maybe Metro can take a fix for 647010 in the interm, lest legacy compat > issues prevent Firefox Desktop from shipping it.) I think that we should start working on bug 647010, but I don't think that bug 647010 should block this bug. I just want to make sure that people understand that spoofing *is* still a concern and fixing this bug isn't the last word on improving the HTTP auth experience; i.e. I want to avoid running into the "we just modified the HTTP auth UX once, and it would be too confusing to change it again so soon" type of argument. > > I disagree that HTTP authentication inherently requires a modal dialog box. > > Well, it does if you're loading resources within the page. The most obvious > example being loading a script that triggers authentication... The rest of > the page may depend upon effects of the script's execution. Right, though I am curious about how much of a problem it would be in practice. It is something we could definitely measure the impact of with telemetry, "relatively easily." If people think it would be valuable to consider a non-modal HTTP auth prompt, either now or in the future, we could investigate it. > But if 647010 is actually going to only allow the top-level doc itself to > trigger authentication, then you're right. The "prompt" can just be an error > page with a username+password entry field. The motivation for bug 647010 is to prevent some kinds of cross-origin attacks, and we can prevent those types of attacks while still allowing same-origin subresources to trigger the HTTP auth prompt. However, if the UX teams think it would be useful to limit the prompt to only the top-level document, then we could experiment with that as part of bug 647010. > I'm all for 647010, but I fear that it carries a pretty big webcompat risk. > And so we either need to tread carefully and try to fix it, or ensure that > any auth prompt changes we make here are non-spoofable. I suggest that we assume that we can fix bug 647010 so that we can make forward progress on this bug, and if that assumption turns out to be wrong, then we can consider implementing alternative approaches to subresource-based spoofing later.
Please note that having tab-modal prompt, [bug 896253] with infinite-load-until-the-first-and-only-auth-prompt-proceeded can only be amplified because it can happen with only a single FF window opened (as opposed to current situation in which the bug is only exposed with more windows accessing the same authed site -- quite rare).
No longer blocks: 873810
Blocks: fxdesktopbacklog
Whiteboard: [triage]
Whiteboard: [triage]
No longer blocks: fxdesktopbacklog
Assignee: nobody → philipp
Status: NEW → ASSIGNED
Whiteboard: [ux] p=0 → [ux] p=3 s=it-30c-29a-28b.2
Whiteboard: [ux] p=3 s=it-30c-29a-28b.2 → [ux] p=3 s=it-30c-29a-28b.2 [qa+]
QA Contact: manuela.muntean
Assignee: philipp → mmaslaney
Carry over to Iteration it-30c-29a-28b.3
Whiteboard: [ux] p=3 s=it-30c-29a-28b.2 [qa+] → [ux] p=3 s=it-30c-29a-28b.3 [qa+]
Status: ASSIGNED → RESOLVED
Closed: 14 years ago11 years ago
Resolution: --- → FIXED
I don't think this bug is supposed to be marked as fixed, is it? Though, if you want to continue the implementation in Bug 977037, please mark as duplicate.
Flags: needinfo?(mmaslaney)
Flags: needinfo?(mmaslaney)
Resolution: FIXED → DUPLICATE
No longer blocks: fxdesktopbacklog
Whiteboard: [ux] p=3 s=it-30c-29a-28b.3 [qa+]
This bug is neither fixed, nor a dupe of bug 977037. Bug 977037 is just covering the designs, and doesn't focus on the implementation work, which should presumably happen here.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Returning to the Backlog for Gavin, Chad and Madhava to review.
Blocks: fxdesktopbacklog
Status: REOPENED → NEW
Whiteboard: p=0
Depends on: 983796
Whiteboard: p=0 → p=0, [qa+]
QA Contact: manuela.muntean → camelia.badau
No longer blocks: fxdesktopbacklog
Flags: firefox-backlog+
Whiteboard: p=0, [qa+] → p=0 [qa+]
Summary: Switch to using tab-modal prompt dialogs for HTTP authentication → Breakdown: Switch to using tab-modal prompt dialogs for HTTP authentication
Whiteboard: p=0 [qa+] → p=0 [qa-]
(In reply to :Ehsan Akhgari (lagging on bugmail, needinfo? me!) from comment #0) > we should probably port our HTTP authentication > dialogs to be tab-modal and not window-modal Yes. And the menus have to be operational. I have a Firefox tab asking me authentication. To look up my auth info, I need to go to a webmail. So I press Apple N, to create a new window. This does not work. Because the menu bar is crippled. So I go to Safari to open the needed webmail. This is a failure of Firefox. This needs to be improved. Thank you.
Summary: Breakdown: Switch to using tab-modal prompt dialogs for HTTP authentication → Switch to using tab-modal prompt dialogs for HTTP authentication
Whiteboard: p=0 [qa-] → p=0 [qa+]
Depends on: 1016403
(In reply to Nicolas Barbulesco from comment #36) > Yes. And the menus have to be operational. > > I have a Firefox tab asking me authentication. > To look up my auth info, I need to go to a webmail. So I press Apple N, to > create a new window. > This does not work. Because the menu bar is crippled. > So I go to Safari to open the needed webmail. > This is a failure of Firefox. Apologies if this is just a "+1" - but I feel I must echo the above sentiment. In my case when I open Firefox on either my laptop or desktop, about 10-15 pinned tabs autoload, of which about 7 of these tabs steal focus due to their authentication dialogs. For me I would prefer to have those tabs higlight (or flash or whatever, as long as it doesn't steal focus) and only ask me for the auth when I actually click on the tab. The present alternative is quickly clicking "Cancel" for each popup and re-loading them later on. As with Nicolas experience, this is a fail, temporarily making Firefox inconvenient/unusable until I've gone through each of these tabs. "Steal focus" should be a swearphrase.
Specs can be found in this bug: 977037
Whiteboard: p=0 [qa+] → p=0 [qa+] [qx]
Severity: enhancement → normal
FireFox 36.0.4 - problem still here :(
Whiteboard: p=0 [qa+] [qx] → p=0 [qa+] [qx:spec]
FireFox 39.0.3 - problem still here :(
Shutting off authentication from more than one origin point was not a bug fix. It was a breaking of useful functionality. A strongly-worded embedded warning with the ability to add and store an exception would have been a much better solution instead of just pulling the rug on thousands of sites that rely on this functionality and have for years and years.
Blocks: 1271852
It was put to my attention that this bug is actively exploited in the wild to extort ransom from website visitors. The attackers site keeps reloading so that the authentication dialog will immediately pop up again if closed, denying the victim any access to Firefox. The authentication message reads something like "Your browser has been locked. Call 0800-xxx to regain access." The only solution is to kill the firefox process with system tools. When firefox is then restarted and set to automatically restore the previous session the dialog will immediately occur again.
Blocks: 1312874
Flags: qe-verify+
Priority: -- → P3
Whiteboard: p=0 [qa+] [qx:spec] → [qx:spec]
Seems to me that this is a serious issue and should be upgraded to P1. I just encountered a page with a fake Firefox error page and a repeated HTTP authentication dialog and I was unable to close the tab to get out of the loop. Anything that lets a page cripple the browser needs to be fixed.
The WebExtensions team is in the initial stages of providing a tab hiding API under bug 1410548. One of the issues we are encountering is that a hidden tab that runs into an HTTP auth request must be forcibly shown to the user, since it is window-modal and would block all interaction with the browser if it were to remain hidden. While this isn't strictly blocking the implementation of hidden tabs, it definitely destroys the user's workflow. Making HTTP auth tab-modal would present a much nicer user experience when they are using hidden tabs.
Blocks: 1410548
> Switch to using tab-modal prompt dialogs for HTTP authentication Please: will the switch allow LastPass to regain functionality that was lost in the shift to WebExtensions APIs? <https://discourse.mozilla.org/t/-/19745/8?u=grahamperrin> relates to LastPass premium support ticket # 6529225 > … LastPass 4.2.1.21 is not compatible with modal authentication dialogues …
Blocks: 1435085
Yep, after upgrade to 58, I see this issue (as many other people), because Firefox now complete hangs on any page with HTTP auth. Only way for fix - kill FF process and do not open any page with HTTP authentication.. My case on Mac OS 10.10.5, Fixefox 58.0.1
Alternative workaround that has worked for me: Put mouse over tab close button (X). Press escape (ESC) immediately followed by left mouse button (LMB) click. Depending on speed of the server you may need to try a couple times but I can usually close the tab before it issues another authentication dialog.
Blocks: 1427272
Flags: needinfo?(dolske)

We can probably use an approach similar to the Web Payments dialog which was still connected to the .browserContainer but also overlapped the chrome using absolute positioning (via a hack using HTML since XUL doesn't support abs. pos.). I think we could move all <tabmodalprompt> inside an <html:div> like .paymentDialogContainer and then have CSS trigger the position:absolute depending on which prompt is top-most since I assume we don't want regular alert()/confirm() to overlap chrome, only http-auth.

https://searchfox.org/mozilla-central/rev/c21d6620d384dfb13ede6054015da05a6353b899/browser/components/payments/paymentUIService.js#68-75,188-193

Depends on: 1029815

As the design from bug 977037 is already somewhat dated by now, should it be reopened to adjust the UI?

Blocks: 791594
Assignee: nobody → pbz
Status: NEW → ASSIGNED
Depends on: 1632199
No longer blocks: 1633806

Depends on D75567

Attachment #9149415 - Attachment description: Bug 613785 - Show tab modal http auth prompts. r=johannh → Bug 613785 - Tab modal http auth prompts. r=johannh
Pushed by pzuhlcke@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/fdc328259d08 Updated http auth prompt tests to support tab prompts. r=johannh https://hg.mozilla.org/integration/autoland/rev/333d10fedb1a Tab modal http auth prompts. r=johannh

This got backed out along with Bug 1633370. I'm currently working on the new UX for tab chrome prompts. It's probably better to re-land this once the new UI is done.

Attachment #9149414 - Attachment description: Bug 613785 - Updated http auth prompt tests to support tab prompts. r=johannh → Bug 613785 - Updated http auth prompt tests to support tab prompts. r=gijs
Pushed by pzuhlcke@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/aeeb3f688098 Updated http auth prompt tests to support tab prompts. r=extension-reviewers,Gijs,zombie https://hg.mozilla.org/integration/autoland/rev/4738b2f8406d Tab modal http auth prompts. r=johannh

Backed out 3 changesets (bug 1633370, bug 613785) for test_alert_opened_before_session_starts failures.

Push with failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&searchStr=marionette&tochange=4738b2f8406d718f29d8168046e948c6a07eae3b&fromchange=c84b2f303275e16c946117a8d0859fd3c8b0f29f&selectedTaskRun=dAQvZSLqQZi1kqJMpR0uGg.1

Backout link: https://hg.mozilla.org/integration/autoland/rev/a82361f4787aaf24b3814249e756d08c80fb2686

Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=315152856&repo=autoland&lineNumber=39118

[task 2020-09-08T23:56:34.959Z] 23:56:34     INFO - TEST-START | testing/marionette/harness/marionette_harness/tests/unit/test_modal_dialogs.py TestModalAlerts.test_alert_opened_before_session_starts
[task 2020-09-08T23:56:34.963Z] 23:56:34     INFO -  1599609394958	Marionette	DEBUG	Closed connection 9
[task 2020-09-08T23:56:34.963Z] 23:56:34     INFO -  1599609394959	Marionette	DEBUG	Accepted connection 10 from 127.0.0.1:58306
[task 2020-09-08T23:56:34.964Z] 23:56:34     INFO -  1599609394960	Marionette	DEBUG	10 -> [0,1,"WebDriver:NewSession",{"strictFileInteractability":true}]
[task 2020-09-08T23:56:34.964Z] 23:56:34     INFO -  1599609394961	Marionette	TRACE	[15] Frame script loaded
[task 2020-09-08T23:56:34.964Z] 23:56:34     INFO -  1599609394961	Marionette	TRACE	[15] Frame script registered
[task 2020-09-08T23:56:34.965Z] 23:56:34     INFO -  1599609394962	Marionette	DEBUG	10 <- [1,1,null,{"sessionId":"e2b792a8-6746-4ed6-aa27-9d2f7c7b19d8","capabilities":{"browserName":"firefox","browserVersion":"82.0a ... mp/tmpiKgglC.mozrunner","moz:shutdownTimeout":60000,"moz:useNonSpecCompliantPointerOrigin":false,"moz:webdriverClick":true}}]
[task 2020-09-08T23:56:34.967Z] 23:56:34     INFO -  1599609394965	Marionette	DEBUG	10 -> [0,2,"WebDriver:SetTimeouts",{"script":30000}]
[task 2020-09-08T23:56:34.967Z] 23:56:34     INFO -  1599609394965	Marionette	DEBUG	10 <- [1,2,null,{"value":null}]
[task 2020-09-08T23:56:34.967Z] 23:56:34     INFO -  1599609394966	Marionette	DEBUG	10 -> [0,3,"WebDriver:SetTimeouts",{"pageLoad":300000}]
[task 2020-09-08T23:56:34.968Z] 23:56:34     INFO -  1599609394966	Marionette	DEBUG	10 <- [1,3,null,{"value":null}]
[task 2020-09-08T23:56:34.972Z] 23:56:34     INFO -  1599609394968	Marionette	DEBUG	10 -> [0,4,"WebDriver:SetTimeouts",{"implicit":0}]
[task 2020-09-08T23:56:34.972Z] 23:56:34     INFO -  1599609394968	Marionette	DEBUG	10 <- [1,4,null,{"value":null}]
[task 2020-09-08T23:56:34.973Z] 23:56:34     INFO -  1599609394969	Marionette	DEBUG	10 -> [0,5,"WebDriver:GetChromeWindowHandle",{}]
[task 2020-09-08T23:56:34.973Z] 23:56:34     INFO -  1599609394969	Marionette	DEBUG	10 <- [1,5,null,{"value":"1"}]
[task 2020-09-08T23:56:34.973Z] 23:56:34     INFO -  1599609394970	Marionette	DEBUG	10 -> [0,6,"WebDriver:GetChromeWindowHandles",{}]
[task 2020-09-08T23:56:34.973Z] 23:56:34     INFO -  1599609394970	Marionette	DEBUG	10 <- [1,6,null,["1"]]
[task 2020-09-08T23:56:34.973Z] 23:56:34     INFO -  1599609394970	Marionette	DEBUG	10 -> [0,7,"WebDriver:GetWindowHandle",{}]
[task 2020-09-08T23:56:34.974Z] 23:56:34     INFO -  1599609394970	Marionette	DEBUG	10 <- [1,7,null,{"value":"15"}]
[task 2020-09-08T23:56:34.976Z] 23:56:34     INFO -  1599609394971	Marionette	DEBUG	10 -> [0,8,"WebDriver:GetWindowHandles",{}]
[task 2020-09-08T23:56:34.976Z] 23:56:34     INFO -  1599609394972	Marionette	DEBUG	10 <- [1,8,null,["15"]]
[task 2020-09-08T23:56:34.977Z] 23:56:34     INFO -  1599609394974	Marionette	DEBUG	10 -> [0,9,"WebDriver:GetWindowHandles",{}]
[task 2020-09-08T23:56:34.977Z] 23:56:34     INFO -  1599609394975	Marionette	DEBUG	10 <- [1,9,null,["15"]]
[task 2020-09-08T23:56:34.978Z] 23:56:34     INFO -  1599609394975	Marionette	DEBUG	10 -> [0,10,"WebDriver:NewWindow",{"type":"tab","focus":false,"private":false}]
[task 2020-09-08T23:56:34.994Z] 23:56:34     INFO -  1599609394983	Marionette	TRACE	Received DOM event TabOpen for [object XULElement]
[task 2020-09-08T23:56:35.034Z] 23:56:35     INFO -  DEBUG: Adding blocker ContentParent: id=7fb88b0af000 for phase xpcom-will-shutdown
[task 2020-09-08T23:56:35.034Z] 23:56:35     INFO -  DEBUG: Adding blocker ContentParent: id=7fb88b0af000 for phase profile-before-change
[task 2020-09-08T23:56:35.076Z] 23:56:35     INFO -  1599609395070	Marionette	TRACE	[34] Frame script loaded
[task 2020-09-08T23:56:35.076Z] 23:56:35     INFO -  1599609395072	Marionette	TRACE	[34] Frame script registered
[task 2020-09-08T23:56:35.104Z] 23:56:35     INFO -  1599609395098	Marionette	DEBUG	10 <- [1,10,null,{"handle":"34","type":"tab"}]
[task 2020-09-08T23:56:35.120Z] 23:56:35     INFO -  1599609395115	Marionette	DEBUG	10 -> [0,11,"WebDriver:GetWindowHandles",{}]
[task 2020-09-08T23:56:35.120Z] 23:56:35     INFO -  1599609395115	Marionette	DEBUG	10 <- [1,11,null,["15","34"]]
[task 2020-09-08T23:56:35.120Z] 23:56:35     INFO -  1599609395116	Marionette	DEBUG	10 -> [0,12,"WebDriver:GetWindowHandles",{}]
[task 2020-09-08T23:56:35.120Z] 23:56:35     INFO -  1599609395116	Marionette	DEBUG	10 <- [1,12,null,["15","34"]]
[task 2020-09-08T23:56:35.140Z] 23:56:35     INFO -  1599609395135	Marionette	DEBUG	10 -> [0,13,"WebDriver:SwitchToWindow",{"handle":"34","focus":true}]
[task 2020-09-08T23:56:35.161Z] 23:56:35     INFO -  1599609395158	Marionette	TRACE	Received DOM event TabSelect for [object XULElement]
[task 2020-09-08T23:56:35.177Z] 23:56:35     INFO -  1599609395168	Marionette	DEBUG	10 <- [1,13,null,{"value":null}]
[task 2020-09-08T23:56:35.177Z] 23:56:35     INFO -  1599609395171	Marionette	DEBUG	10 -> [0,14,"Marionette:GetContext",{}]
[task 2020-09-08T23:56:35.177Z] 23:56:35     INFO -  1599609395171	Marionette	DEBUG	10 <- [1,14,null,{"value":"content"}]
[task 2020-09-08T23:56:35.177Z] 23:56:35     INFO -  1599609395173	Marionette	DEBUG	10 -> [0,15,"Marionette:SetContext",{"value":"chrome"}]
[task 2020-09-08T23:56:35.177Z] 23:56:35     INFO -  1599609395174	Marionette	DEBUG	10 <- [1,15,null,{"value":null}]
[task 2020-09-08T23:56:35.177Z] 23:56:35     INFO -  1599609395175	Marionette	DEBUG	10 -> [0,16,"WebDriver:ExecuteScript",{"script":"Components.utils.import(\"resource://gre/modules/Preferences.jsm\");\n\n           ... e,false],"filename":"../../venv/lib/python2.7/site-packages/marionette_driver/marionette.py","sandbox":"default","line":770}]
[task 2020-09-08T23:56:35.180Z] 23:56:35     INFO -  1599609395179	Marionette	DEBUG	10 <- [1,16,null,{"value":null}]
[task 2020-09-08T23:56:35.182Z] 23:56:35     INFO -  1599609395179	Marionette	DEBUG	10 -> [0,17,"Marionette:SetContext",{"value":"content"}]
[task 2020-09-08T23:56:35.182Z] 23:56:35     INFO -  1599609395180	Marionette	DEBUG	10 <- [1,17,null,{"value":null}]
[task 2020-09-08T23:56:35.183Z] 23:56:35     INFO -  1599609395180	Marionette	DEBUG	10 -> [0,18,"WebDriver:Navigate",{"url":"http://127.0.0.1:34551/http_auth"}]
[task 2020-09-08T23:56:35.186Z] 23:56:35     INFO -  1599609395184	Marionette	TRACE	Using browsing context 34
[task 2020-09-08T23:56:35.201Z] 23:56:35     INFO -  1599609395193	Marionette	TRACE	[34] Received DOM event beforeunload for about:blank
[task 2020-09-08T23:56:35.310Z] 23:56:35     INFO -  1599609395307	Marionette	TRACE	Received observer notification common-dialog-loaded
[task 2020-09-08T23:56:35.311Z] 23:56:35     INFO -  1599609395308	Marionette	DEBUG	10 <- [1,18,null,{"value":null}]
[task 2020-09-08T23:56:35.320Z] 23:56:35     INFO -  1599609395315	Marionette	DEBUG	10 -> [0,19,"WebDriver:GetTimeouts",{}]
[task 2020-09-08T23:56:35.320Z] 23:56:35     INFO -  1599609395315	Marionette	DEBUG	10 <- [1,19,null,{"implicit":0,"pageLoad":300000,"script":30000}]
[task 2020-09-08T23:56:35.320Z] 23:56:35     INFO -  1599609395316	Marionette	DEBUG	10 -> [0,20,"WebDriver:GetAlertText",{}]
[task 2020-09-08T23:56:35.320Z] 23:56:35     INFO -  1599609395316	Marionette	DEBUG	10 <- [1,20,null,{"value":"http://127.0.0.1:34551 is requesting your username and password. The site says: “secret”"}]
[task 2020-09-08T23:56:35.320Z] 23:56:35     INFO -  1599609395316	Marionette	DEBUG	10 -> [0,21,"WebDriver:DeleteSession",{}]
[task 2020-09-08T23:56:35.321Z] 23:56:35     INFO -  1599609395319	Marionette	DEBUG	10 <- [1,21,null,{"value":null}]
[task 2020-09-08T23:56:35.329Z] 23:56:35     INFO -  1599609395324	Marionette	DEBUG	Closed connection 10
[task 2020-09-08T23:56:35.330Z] 23:56:35     INFO -  1599609395326	Marionette	DEBUG	Accepted connection 11 from 127.0.0.1:58310
[task 2020-09-08T23:56:35.332Z] 23:56:35     INFO -  1599609395328	Marionette	DEBUG	11 -> [0,1,"WebDriver:NewSession",{"strictFileInteractability":true}]
[task 2020-09-08T23:56:35.334Z] 23:56:35     INFO -  1599609395331	Marionette	TRACE	[15] Frame script loaded
[task 2020-09-08T23:56:35.334Z] 23:56:35     INFO -  1599609395331	Marionette	TRACE	[34] Frame script loaded
[task 2020-09-08T23:56:35.334Z] 23:56:35     INFO -  1599609395332	Marionette	TRACE	[15] Frame script registered
[task 2020-09-08T23:56:35.334Z] 23:56:35     INFO -  1599609395332	Marionette	TRACE	[34] Frame script registered
[task 2020-09-08T23:56:35.338Z] 23:56:35     INFO -  1599609395335	Marionette	DEBUG	11 <- [1,1,null,{"sessionId":"3c981ab5-977b-4b94-ab28-8aface957fe9","capabilities":{"browserName":"firefox","browserVersion":"82.0a ... mp/tmpiKgglC.mozrunner","moz:shutdownTimeout":60000,"moz:useNonSpecCompliantPointerOrigin":false,"moz:webdriverClick":true}}]
[task 2020-09-08T23:56:35.338Z] 23:56:35     INFO -  1599609395336	Marionette	DEBUG	11 -> [0,2,"WebDriver:DismissAlert",{}]
[task 2020-09-08T23:56:35.340Z] 23:56:35     INFO -  1599609395336	Marionette	DEBUG	11 <- [1,2,{"error":"no such alert","message":"","stacktrace":"WebDriverError@chrome://marionette/content/error.js:175:5\nNoSuchAle ... e://gre/modules/LoginManagerAuthPrompter.jsm:760:30\nrun@resource://gre/modules/LoginManagerAuthPrompter.jsm:187:27\n"},null]
[task 2020-09-08T23:56:35.341Z] 23:56:35     INFO -  1599609395339	Marionette	DEBUG	11 -> [0,3,"Marionette:GetContext",{}]
[task 2020-09-08T23:56:35.344Z] 23:56:35     INFO -  1599609395339	Marionette	DEBUG	11 <- [1,3,null,{"value":"content"}]
[task 2020-09-08T23:56:35.345Z] 23:56:35     INFO -  1599609395341	Marionette	DEBUG	11 -> [0,4,"Marionette:SetContext",{"value":"chrome"}]
[task 2020-09-08T23:56:35.345Z] 23:56:35     INFO -  1599609395341	Marionette	DEBUG	11 <- [1,4,null,{"value":null}]
[task 2020-09-08T23:56:35.347Z] 23:56:35     INFO -  1599609395343	Marionette	DEBUG	11 -> [0,5,"WebDriver:TakeScreenshot",{"full":true,"hash":false,"id":null,"scroll":true}]
[task 2020-09-08T23:56:35.348Z] 23:56:35     INFO -  1599609395343	Marionette	TRACE	Using browsing context 1
[task 2020-09-08T23:56:35.425Z] 23:56:35     INFO - TEST-UNEXPECTED-ERROR | testing/marionette/harness/marionette_harness/tests/unit/test_modal_dialogs.py TestModalAlerts.test_alert_opened_before_session_starts | NoAlertPresentException: 
[task 2020-09-08T23:56:35.426Z] 23:56:35     INFO - stacktrace:
[task 2020-09-08T23:56:35.426Z] 23:56:35     INFO - 	WebDriverError@chrome://marionette/content/error.js:175:5
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	NoSuchAlertError@chrome://marionette/content/error.js:376:5
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	GeckoDriver.prototype._checkIfAlertIsPresent@chrome://marionette/content/driver.js:3381:11
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	GeckoDriver.prototype.dismissDialog@chrome://marionette/content/driver.js:3294:8
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	despatch@chrome://marionette/content/server.js:303:40
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	execute@chrome://marionette/content/server.js:273:16
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	onPacket/<@chrome://marionette/content/server.js:246:20
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	onPacket@chrome://marionette/content/server.js:247:9
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	_onJSONObjectReady/<@chrome://marionette/content/transport.js:501:20
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	openPromptSync@resource://gre/modules/Prompter.jsm:1081:17
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	nsIPrompt_promptUsernameAndPassword@resource://gre/modules/Prompter.jsm:1521:10
[task 2020-09-08T23:56:35.427Z] 23:56:35     INFO - 	promptAuth@resource://gre/modules/Prompter.jsm:1664:17
[task 2020-09-08T23:56:35.428Z] 23:56:35     INFO - 	promptAuthBC@resource://gre/modules/Prompter.jsm:689:14
[task 2020-09-08T23:56:35.428Z] 23:56:35     INFO - 	promptAuth@resource://gre/modules/LoginManagerAuthPrompter.jsm:760:30
[task 2020-09-08T23:56:35.428Z] 23:56:35     INFO - 	run@resource://gre/modules/LoginManagerAuthPrompter.jsm:187:27
[task 2020-09-08T23:56:35.428Z] 23:56:35     INFO - Traceback (most recent call last):
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -   File "/builds/worker/workspace/build/venv/lib/python2.7/site-packages/marionette_harness/marionette_test/testcases.py", line 196, in run
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -     testMethod()
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -   File "/builds/worker/workspace/build/tests/marionette/tests/testing/marionette/harness/marionette_harness/tests/unit/test_modal_dialogs.py", line 206, in test_alert_opened_before_session_starts
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -     alert.dismiss()
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -   File "/builds/worker/workspace/build/venv/lib/python2.7/site-packages/marionette_driver/marionette.py", line 378, in dismiss
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -     self.marionette._send_message("WebDriver:DismissAlert")
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -   File "/builds/worker/workspace/build/venv/lib/python2.7/site-packages/marionette_driver/decorators.py", line 26, in _
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -     return func(*args, **kwargs)
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -   File "/builds/worker/workspace/build/venv/lib/python2.7/site-packages/marionette_driver/marionette.py", line 602, in _send_message
[task 2020-09-08T23:56:35.429Z] 23:56:35     INFO -     self._handle_error(err)
[task 2020-09-08T23:56:35.430Z] 23:56:35     INFO -   File "/builds/worker/workspace/build/venv/lib/python2.7/site-packages/marionette_driver/marionette.py", line 622, in _handle_error
[task 2020-09-08T23:56:35.430Z] 23:56:35     INFO -     raise errors.lookup(error)(message, stacktrace=stacktrace)
[task 2020-09-08T23:56:35.430Z] 23:56:35     INFO - TEST-INFO took 441ms
[task 2020-09-08T23:56:35.430Z] 23:56:35     INFO -  1599609395392	Marionette	DEBUG	11 <- [1,5,null,{"value":"iVBORw0KGgoAAAANSUhEUgAABQAAAAQQCAYAAAC9RfbYAAAgAElEQVR4nOzd23OU953g//kDMv/KXm3t1e9yrnzjcmV+VZlMNqlKJvEmt ... AjAAIAAFA2awcgQJkACAAAQJkACOyeAAgAAECZAAjsngAIAABAmQAI7J4ACAAAQJkACOyeAAgAAECZAAjsngAIAABA2QdjdW0fo0V/uwAAAABJRU5ErkJggg=="}]
[task 2020-09-08T23:56:35.430Z] 23:56:35     INFO -  1599609395394	Marionette	DEBUG	11 -> [0,6,"Marionette:SetContext",{"value":"content"}]
[task 2020-09-08T23:56:35.430Z] 23:56:35     INFO -  1599609395394	Marionette	DEBUG	11 <- [1,6,null,{"value":null}]
[task 2020-09-08T23:56:35.431Z] 23:56:35     INFO -  1599609395394	Marionette	DEBUG	11 -> [0,7,"Marionette:GetContext",{}]
[task 2020-09-08T23:56:35.431Z] 23:56:35     INFO -  1599609395394	Marionette	DEBUG	11 <- [1,7,null,{"value":"content"}]
[task 2020-09-08T23:56:35.432Z] 23:56:35     INFO -  1599609395395	Marionette	DEBUG	11 -> [0,8,"Marionette:SetContext",{"value":"content"}]
[task 2020-09-08T23:56:35.432Z] 23:56:35     INFO -  1599609395395	Marionette	DEBUG	11 <- [1,8,null,{"value":null}]
[task 2020-09-08T23:56:35.433Z] 23:56:35     INFO -  1599609395395	Marionette	DEBUG	11 -> [0,9,"WebDriver:GetPageSource",{}]
[task 2020-09-08T23:56:35.433Z] 23:56:35     INFO -  1599609395397	Marionette	DEBUG	11 <- [1,9,null,{"value":"<html><head></head><body></body></html>"}]
[task 2020-09-08T23:56:35.434Z] 23:56:35     INFO -  1599609395397	Marionette	DEBUG	11 -> [0,10,"Marionette:SetContext",{"value":"content"}]
[task 2020-09-08T23:56:35.434Z] 23:56:35     INFO -  1599609395397	Marionette	DEBUG	11 <- [1,10,null,{"value":null}]
[task 2020-09-08T23:56:35.435Z] 23:56:35     INFO -  1599609395405	Marionette	DEBUG	11 -> [0,11,"Marionette:GetContext",{}]
[task 2020-09-08T23:56:35.435Z] 23:56:35     INFO -  1599609395405	Marionette	DEBUG	11 <- [1,11,null,{"value":"content"}]
[task 2020-09-08T23:56:35.435Z] 23:56:35     INFO -  1599609395407	Marionette	DEBUG	11 -> [0,12,"Marionette:SetContext",{"value":"chrome"}]
[task 2020-09-08T23:56:35.436Z] 23:56:35     INFO -  1599609395407	Marionette	DEBUG	11 <- [1,12,null,{"value":null}]
[task 2020-09-08T23:56:35.436Z] 23:56:35     INFO -  1599609395408	Marionette	DEBUG	11 -> [0,13,"WebDriver:ExecuteScript",{"script":"Components.utils.import(\"resource://gre/modules/Preferences.jsm\");\n             ... -allow"],"filename":"../../venv/lib/python2.7/site-packages/marionette_driver/marionette.py","sandbox":"default","line":708}]
[task 2020-09-08T23:56:35.437Z] 23:56:35     INFO -  1599609395410	Marionette	DEBUG	11 <- [1,13,null,{"value":null}]
[task 2020-09-08T23:56:35.437Z] 23:56:35     INFO -  1599609395411	Marionette	DEBUG	11 -> [0,14,"Marionette:SetContext",{"value":"content"}]
[task 2020-09-08T23:56:35.438Z] 23:56:35     INFO -  1599609395411	Marionette	DEBUG	11 <- [1,14,null,{"value":null}]
[task 2020-09-08T23:56:35.438Z] 23:56:35     INFO -  1599609395411	Marionette	DEBUG	11 -> [0,15,"WebDriver:GetWindowHandles",{}]
[task 2020-09-08T23:56:35.439Z] 23:56:35     INFO -  1599609395412	Marionette	DEBUG	11 <- [1,15,null,["15","34"]]
[task 2020-09-08T23:56:35.440Z] 23:56:35     INFO -  1599609395412	Marionette	DEBUG	11 -> [0,16,"WebDriver:SwitchToWindow",{"handle":"34","focus":true}]
[task 2020-09-08T23:56:35.446Z] 23:56:35     INFO -  1599609395413	Marionette	DEBUG	11 <- [1,16,null,{"value":null}]
[task 2020-09-08T23:56:35.450Z] 23:56:35     INFO -  1599609395413	Marionette	DEBUG	11 -> [0,17,"WebDriver:CloseWindow",{}]
[task 2020-09-08T23:56:35.458Z] 23:56:35     INFO -  1599609395441	Marionette	TRACE	Received DOM event TabClose for [object XULElement]
[task 2020-09-08T23:56:35.463Z] 23:56:35     INFO -  1599609395459	Marionette	TRACE	Received observer notification message-manager-disconnect
[task 2020-09-08T23:56:35.465Z] 23:56:35     INFO -  1599609395459	Marionette	DEBUG	11 <- [1,17,null,["15"]]
[task 2020-09-08T23:56:35.466Z] 23:56:35     INFO -  JavaScript error: resource://gre/modules/Prompter.jsm, line 1189: NS_ERROR_NOT_AVAILABLE: prompt aborted by user
[task 2020-09-08T23:56:35.467Z] 23:56:35     INFO -  1599609395462	Marionette	DEBUG	11 -> [0,18,"WebDriver:SwitchToWindow",{"handle":"15","focus":true}]
[task 2020-09-08T23:56:35.472Z] 23:56:35     INFO -  1599609395463	Marionette	DEBUG	11 <- [1,18,null,{"value":null}]
[task 2020-09-08T23:56:35.473Z] 23:56:35     INFO -  1599609395463	Marionette	DEBUG	11 -> [0,19,"WebDriver:GetChromeWindowHandles",{}]
[task 2020-09-08T23:56:35.474Z] 23:56:35     INFO -  1599609395463	Marionette	DEBUG	11 <- [1,19,null,["1"]]
[task 2020-09-08T23:56:35.474Z] 23:56:35     INFO -  1599609395465	Marionette	DEBUG	11 -> [0,20,"WebDriver:GetWindowHandles",{}]
[task 2020-09-08T23:56:35.475Z] 23:56:35     INFO -  1599609395466	Marionette	DEBUG	11 <- [1,20,null,["15"]]
[task 2020-09-08T23:56:35.477Z] 23:56:35     INFO -  1599609395467	Marionette	DEBUG	11 -> [0,21,"WebDriver:DeleteSession",{}]
[task 2020-09-08T23:56:35.478Z] 23:56:35     INFO -  1599609395471	Marionette	DEBUG	11 <- [1,21,null,{"value":null}]
...
Flags: needinfo?(pbz)
Flags: needinfo?(pbz)
Pushed by pzuhlcke@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/9df275f6cd8d Updated http auth prompt tests to support tab prompts. r=extension-reviewers,Gijs,zombie https://hg.mozilla.org/integration/autoland/rev/c8555693674c Tab modal http auth prompts. r=johannh https://hg.mozilla.org/integration/autoland/rev/0f7dc1b122c6 Updated marionette modal#findModalDialogs to support SubDialog prompts. r=whimboo,marionette-reviewers
Backout by ccoroiu@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c6d80d05c8f4 Backed out 3 changesets for license failure at toolkit/components/pictureinpicture/docs/PiP-diagram.svg on a CLOSED TREE

Sorry for the backout, relanding.

Pushed by ccoroiu@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/7603440e6c36 Updated http auth prompt tests to support tab prompts. r=extension-reviewers,Gijs,zombie on a CLOSED TREE https://hg.mozilla.org/integration/autoland/rev/3729a6bb6ab2 Tab modal http auth prompts. r=johannh on a CLOSED TREE https://hg.mozilla.org/integration/autoland/rev/184b034f637d Updated marionette modal#findModalDialogs to support SubDialog prompts. r=whimboo,marionette-reviewers on a CLOSED TREE

https://hg.mozilla.org/mozilla-central/rev/7603440e6c36
https://hg.mozilla.org/mozilla-central/rev/3729a6bb6ab2
https://hg.mozilla.org/mozilla-central/rev/184b034f637d

Status: ASSIGNED → RESOLVED
Closed: 11 years ago4 years ago
status-firefox82: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 82 Branch

Thanks for fixing this!

Does the fix also mean that the TLS client cert auth dialogs are also fixed, or will they need a similar fix? The bug for those is https://bugzilla.mozilla.org/show_bug.cgi?id=1401466

Also, it would be great to have a screenshot of what the new UI looks like attached to this bug.

(In reply to Paul Wise from comment #87)

Thanks for fixing this!

Does the fix also mean that the TLS client cert auth dialogs are also fixed, or will they need a similar fix? The bug for those is https://bugzilla.mozilla.org/show_bug.cgi?id=1401466

That's separate window code, but it should be possible to also show that in the TabDialogBox.

(In reply to Paul Wise from comment #88)

Also, it would be great to have a screenshot of what the new UI looks like attached to this bug.

You can see it in the latest Nightly when you open a site that requires basic auth. For example: https://jigsaw.w3.org/HTTP/Basic/

Depends on: 1665156
Depends on: 1665158
No longer depends on: 1665156
Regressions: 1665156
Regressions: 1665339

I verified the fix using latest Nightly 83.0a1 on Windows 10 x64, Ubuntu 18.04 x64 and macOS 10.13. The issue is not reproducing anymore.
However when I used Firefox 82.0b2 on Windows 10 x64 and Ubuntu 18.04 x64, the window-modal was displayed.

Flags: needinfo?(pbz)

The auth tab prompts are currently only enabled for Nightly.

Flags: needinfo?(pbz)
Blocks: 1667065

Hi all,

As a user of Nightly, I have noticed the new modal pop-up for HTTP authentication. While I do like the look and feel of the new prompt, I have run into a slight issue when using a password manager to auto-fill the username and password. The password manager utilizes the window's title to match the appropriate entry and previously the prompt had a window title of "Authentication Required". After this change, the title is simply "Firefox Nightly" which would still work, but is a bit ambiguous and might match more entries than intended.

My question is, I'm wondering if it's possible to set the tab's title to use the same one as the previous prompt? I'm sure this would help out a lot of others using password managers.

(In reply to Kuzma Fesenko from comment #93)

Hi all,

As a user of Nightly, I have noticed the new modal pop-up for HTTP authentication. While I do like the look and feel of the new prompt, I have run into a slight issue when using a password manager to auto-fill the username and password. The password manager utilizes the window's title to match the appropriate entry and previously the prompt had a window title of "Authentication Required". After this change, the title is simply "Firefox Nightly" which would still work, but is a bit ambiguous and might match more entries than intended.

My question is, I'm wondering if it's possible to set the tab's title to use the same one as the previous prompt? I'm sure this would help out a lot of others using password managers.

This is a valid suggestion, can you file a new bug, please?

Flags: needinfo?(kuzimoto)

(In reply to Kuzma Fesenko from comment #93)

Hi all,

As a user of Nightly, I have noticed the new modal pop-up for HTTP authentication. While I do like the look and feel of the new prompt, I have run into a slight issue when using a password manager to auto-fill the username and password. The password manager utilizes the window's title to match the appropriate entry and previously the prompt had a window title of "Authentication Required". After this change, the title is simply "Firefox Nightly" which would still work, but is a bit ambiguous and might match more entries than intended.

My question is, I'm wondering if it's possible to set the tab's title to use the same one as the previous prompt? I'm sure this would help out a lot of others using password managers.

(In reply to Johann Hofmann [:johannh] from comment #94)

(In reply to Kuzma Fesenko from comment #93)

Hi all,

As a user of Nightly, I have noticed the new modal pop-up for HTTP authentication. While I do like the look and feel of the new prompt, I have run into a slight issue when using a password manager to auto-fill the username and password. The password manager utilizes the window's title to match the appropriate entry and previously the prompt had a window title of "Authentication Required". After this change, the title is simply "Firefox Nightly" which would still work, but is a bit ambiguous and might match more entries than intended.

My question is, I'm wondering if it's possible to set the tab's title to use the same one as the previous prompt? I'm sure this would help out a lot of others using password managers.

This is a valid suggestion, can you file a new bug, please?

Will do!

Flags: needinfo?(kuzimoto)
Depends on: 1671011

Hi, I believe this has made to Firefox 83, and my first thought when I saw the new prompt was that I was being spoofed. Had to do some hg repo archaeology to confirm that it indeed was a legitimate change and find the corresponding bugzilla issue..
Perhaps worth including in the changelog, so people aren't confused by the change? Thanks!

Regressions: 1684469
Regressions: 1680066
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: