New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTP Digest intermittent log-in pop-up #16
Comments
It seems I can fix it by keeping a cache of all used nonces, but that seems like an enormous memory leak to me. If I change e.g. the elements of the this.nonces[] array to be "arrays of co.nc" instead of just the "last" nonce count then I don't get the problem even when the browser passes out-of-order nonces. |
Thanks for reporting I will reproduce issue and let you know. Gevorg. |
I have fixed the issue, by adding STALE option. Fix is committed to git and published to npm with 1.2.2 version. Gevorg. |
Thanks. Will test it immediately! |
It works perfectly :-) The occasional 401 I now see doesn't cause browsers to pop up a dialog box. Sweet! |
I'm not 100% sure but sometimes, with server and client on the same machine, I get log-in dialog boxes. I traced the problem (possibly) to out-of-order nonces when requests were fired by the browser in quick succession (simply an HTML page with elements).
I can trigger the problem by having a web page and associated images (3 images is enough to trigger it) that are digest protected, and using a browser to access the web page.
If I add latency of 100ms or so between the new requests (using javascript), then all requests work fine.
I'm not sure if this is really the case (out-of-order nonces) since I've seen seeminlgy in-order nonces (from the browser's point of view) fail. When I add a console.log of req.header.authorization, I see that when the nc are in-order, everything is good, and that when the nc are out-of-order, I get the 401 login prompt.
The text was updated successfully, but these errors were encountered: