Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upAuthentication request for all page resources behind nginx auth_basic #12095
Comments
|
How did you get the Servo version number? Is that the full output of |
|
Sorry I just used the nightly build (haven't tried building myself) and went with what the UI told me.
|
|
OK, version number is all good them; just wanted to confirm our nightlies were getting the git revision embedded. |
|
Our http auth cache is keyed on the precise URL; we might need to change that to the origin instead. |
|
same issue here with |
|
Let's change Code: |
|
Please make a comment here if you intend to work on this issue. Thank you! |
|
I'd like to try to tackle this issue |
|
@marinintim Please do! Ask questions if anything is unclear. |
|
I'm trying to tackle test infrastructure. @jdm, should I put new tests under tests/wpt/web-platform-tests/http/basic_auth.html? |
|
Sure! |
|
Sorry, didn't have the time to actually do something yet about this issue, and compiling is not an easy challenge on my underpowered machine. I hope to tackle it somewhere around this weekend. |
|
Thanks for letting us know! |
|
@marinintim Any progress, or should someone else take a shot at this? |
|
Unassigning due to inactivity. This issue is open for grabs! |
|
Seems pretty straight forward, I'd like to tackle this issue and get my feet wet with this code base. |
|
@gilbertw1 Please do! Ask questions if anything is unclear. |
|
@jdm: I've got this a fix for this issue completed, and I've tested + verified it against a remove server I setup running nginx. However, I am having a tough time figuring out where to get started on creating the reference test and the corresponding python handler. Could you point me to an existing test that uses a python handler (along with the handler location)? Thanks! |
|
The python handlers are invoked by any URL that references them, like in this test. That corresponds to this handler. |
|
Just submitted a PR for this issue, may have err'ed a little on the side of over explaining. Thanks for your help! |
Update basic auth cache to key off of origin instead of url This pull request's primary purpose is to store basic auth credentials based on the url origin instead of the entire url. This fixes an issue where servo continuously prompts the user for credentials any time a basic auth secured resource is requested even though the user has already entered auth credentials for a different resource from the same origin. The test associated with this PR hides image redirects behind a python handler that requires basic authentication. The reference page loads two images by directly specifying the image to load, while the test page loads the two images using the basic auth redirect handler with only the first image tag providing auth credentials. I'd like to point a few specific items for review: * url::Origin does not derive ```Hash```, so I am using ```ascii_serialization``` as the cache key. This seems like a stable enough representation. * I've updated the http loader to store credentials not only on Success responses, but Redirect responses as well. I stumbled on this because nginx was redirecting 'test' -> 'test/' in my testing, and other browsers were storing the credentials on the redirect response vs. prompting for credentials a second time. * In the test I'm using a timeout to load the second image (without authentication), otherwise the order that the images were loaded was unpredictable. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors related to these changes - [x] These changes fix #12095 (github issue number if applicable). <!-- Either: --> - [x] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/13281) <!-- Reviewable:end -->
When accessing a personal page set up w/ basic nginx authentication, the username and password prompts were displayed for all referenced site contents. This resulted in a barrage of prompts that don't stop despite providing the correct credentials for any given one.
It's also a little distracting to have separate prompts for username and password but understandably this isn't in scope for the issue at hand.
Servo 0.0.1
OSX 10.11.5 (15F34)