[Webkit-unassigned] [Bug 37989] New: Webkit based browsers do not supply credentials properly with Apache basic authentication
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Apr 22 06:55:19 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=37989
Summary: Webkit based browsers do not supply credentials
properly with Apache basic authentication
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: New Bugs
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: bugs at bsc.gwu.edu
I have observed this problem for several years and with all versions of webkit
based browsers. When a client visits a web site that is using Apache Basic
Authentication, the server will respond with a 401 HTTP status code requesting
a userID/password. However, at times, the browser will ignore the 401 status
code and repeatedly requests content without providing the userID/password on
the request. There could be several hundred requests that are generated
without properly providing this information even though the server responds to
each one with a 401.
Problem here is that this behavior will trigger server side security monitors
that consider this to be an failed attempt to login to a secured site.
Thanks.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list