Issue 3091001: Revert 54528 - Digest authentication uses a uri field to prevent replay attac...

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 3091001: Revert 54528 - Digest authentication uses a uri field to prevent replay attac... (Closed)

Created:
10 years, 4 months ago by ncarter (slow)

Modified:
9 years, 7 months ago

Reviewers:
cbentzel

CC:
chromium-reviews, cbentzel+watch_chromium.org, darin-cc_chromium.org, Paweł Hajdan Jr.

Base URL:
svn://svn.chromium.org/chrome/trunk/src/

Visibility:
Public.

Description

Revert 54528 - Digest authentication uses a uri field to prevent replay attacks. [Reason for revert: we want to revert r54505, this was a dependent change. cbentzel agrees to reland.] When authenticating to an HTTP proxy to establish a secure tunnel (via CONNECT), the uri should be the hostname of the server and the destination port, such as "www.example.com:443". When authenticating to an HTTP proxy for a non-secure content, the uri should be the path at the server, i.e. "/index.html". If the site we are trying to connect to previously advertised "Alternate-Protocol: 443:spdy-npn/1" a request to "http://www.example.com" will be attempted on a secure port. However, the URL passed into the digest authenticator was an unsecure one, and it decided to have a uri in the form "/index.html" rather than the correct "www.example.com:443". This causes persistent failure with the password and many password prompts. BUG=49865, 50822 TEST=Run with --use-spdy=npn, force connection through a digest authenticating proxy, and browse a site which advertises Alternate-Protocol through http URLs. Review URL: http://codereview.chromium.org/3028021 TBR=cbentzel@chromium.org Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=54614

Patch Set 1 #

Created: 10 years, 4 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+13 lines, -200 lines)			Patch
M	net/http/http_auth_handler_mock.h	View	4 chunks	+2 lines, -13 lines	0 comments	Download
M	net/http/http_auth_handler_mock.cc	View	4 chunks	+1 line, -15 lines	0 comments	Download
M	net/http/http_network_transaction.cc	View	3 chunks	+10 lines, -29 lines	0 comments	Download
M	net/http/http_network_transaction_unittest.cc	View	1 chunk	+0 lines, -142 lines	0 comments	Download
M	net/socket/socket_test_util.cc	View	1 chunk	+0 lines, -1 line	0 comments	Download

Messages

Total messages: 2 (0 generated)

Expand Messages | Collapse Messages

LGTM

Expand Messages | Collapse Messages