Hi, Thanks for your answer.
> > I encountered today an unexpected behaviour of Firefox today. When I > > receive this kind of http Digest challenge : > > from what server/url? Unfortunately, it was on a private network. > > HTTP/1.1 401 Unauthorized > > [...] > > WWW-Authenticate: Digest realm="X.X.X.X", > > nonce="jDtaVwL2Yn41zxAefxOtRZ6FoLB2bAAAAAAAAAAAAAA=", qop="auth-int", > > algorithm=AKAv1-MD5 > > > Firefox hangs and does not respond to the challenge correctly. > > when you say hangs, does this mean that you can not use the ui at all? Hmm, my mistake, I was not precise enough. Firefox does not really "hang", the UI is still usable. But nothing happens after the URL is reached. > > I don't > > see the usual pop-up asking for a username/password when it receives a > > Http Digest challenge, and apparently the usual code handling Http > > Digest challenge in Firefox is not called (XPCOM component > > "@mozilla.org/network/http-authenticator;1?scheme=digest"). > > > Firefox works fine with other Http Digest challenge, so I suspect > > (since it's the only visible difference) that's because of the > > parameter algorithm=AKAv1-MD5. So I've investigated to see how RFC3310 > > (dealing with Http Digest AKA) was supposed to be handled by browsers. > > > I didn't find any clue about Firefox supposed behaviour when receiving > > such a Digest challenge... Could anyone give me any lead/clue/ > > information please ? > > i loaded:http://mxr.mozilla.org/seamonkey/source/netwerk/ > and typed 'algorithm' into the search box > and pressed search > The logical match from the output was: > # line 635 -- nsCRT::strncasecmp(challenge+nameStart, "algorithm", 9) > == 0) > But I personally settled on giving you this > link:http://mxr.mozilla.org/seamonkey/source/netwerk/protocol/http/src/nsH... > > feel free to trace the code, but i believe you'll find that we just > plain don't support that algorithm. find/file a bug. In the meantime, I had time to investigate a little more and I found this comment here : http://mxr.mozilla.org/seamonkey/source/netwerk/protocol/http/src/nsHttpDigestAuth.cpp#251 "// we do not support auth-int "quality of protection" currently" and the challenge I receive has : qop="auth-int" so I guess this is part of the explanation. But maybe the algorithm isn't supported as well. But do I have to file a bug ? It looks like more a "feature request" rather than a bug ? Anyway, I'm gonna try to recompile Firefox with debug information enabled (unless there is already a debug version available somewhere, but I haven't found it) to see what kind of error message I get. Best regards, _______________________________________________ dev-tech-xpcom mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-xpcom
