[Webkit-unassigned] [Bug 78993] New: Handle HTTP error 511 Network Authentication Required (standard secure proxy authentification/captive portal detection

Sun Feb 19 03:27:27 PST 2012

https://bugs.webkit.org/show_bug.cgi?id=78993

           Summary: Handle HTTP error 511 Network Authentication Required
                    (standard secure proxy authentification/captive portal
                    detection
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Platform
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: nicolas.mailhot at laposte.net

Since 
http://code.google.com/p/chromium/issues/detail?id=7338 and
https://bugzilla.mozilla.org/show_bug.cgi?id=479880

there is no clean way for a proxy or captive portal to get a browser to display an authentication dialog when user credentials expire while he is browsing on an https website.

(to be sure, the previous methods were insecure and hackish but they existed because nothing better was available)

The IETF finally set up to fix this problem and defined a standard HTTP error that let access control equipments tell the browser authentication or re-authentication is needed and where the authentication form is located.

http://tools.ietf.org/id/draft-nottingham-http-new-status-04.txt

(since error 511 uses out-of-band authentication it is possible for the browser to only trust specific certs on error 511 and protect the user)

Please add error 511 handling in webkit, or have the ietf draft corrected if it's missing something

→ <http://www.rfc-editor.org/queue2.html#draft-nottingham-http-new-status> (so the spec is approved and in the queue for publication as RFC)

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.