RESOLVED INVALID 18682
Page not asking for authentication due to malformed WWW-Authenticate header 
https://bugs.webkit.org/show_bug.cgi?id=18682
Summary Page not asking for authentication due to malformed WWW-Authenticate header
Rob Das
Reported 2008-04-22 14:08:23 PDT
Not showing authentication, Firefox works for the page...
Attachments
Add attachment proposed patch, testcase, etc.
Mark Rowe (bdash)
Comment 1 2008-04-22 14:41:41 PDT
The headers the server returns are as follows: HTTP/1.1 401 Authorization Required Date: Tue, 22 Apr 2008 21:39:47 GMT Server: Apache/1.3.33 (Debian GNU/Linux) mod_perl/1.29 PHP/4.3.10-22 X-Powered-By: PHP/4.3.10-22 Set-Cookie: PHPSESSID=98f6cd1bf4b7ead42eeac5db5073533f; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache WWW-Authenticate: Basic realm=188044978 SECOND level: Enter your password. Transfer-Encoding: chunked Content-Type: text/html Of particular relevance is the WWW-Authenticate header, the value of which does not appear to follow the format outlined in the HTTP authentication specification (RFC 2617). In particular, the value of the "realm" key is expected to be a quoted string.
Mark Rowe (bdash)
Comment 2 2008-04-22 15:35:24 PDT
Parsing of WWW-Authenticate headers is handled by the network library that WebKit uses, which is CFNetwork on the Mac. The server really should not be sending malformed WWW-Authenticate headers in the first place, but it would be nice if CFNetwork would handle them more gracefully.
Mark Rowe (bdash)
Comment 3 2008-04-22 15:35:59 PDT
<rdar://problem/5881924>
Mark Rowe (bdash)
Comment 4 2008-04-22 15:36:51 PDT
Closing as INVALID to indicate that the problem is outside of WebKit.
Note You need to log in before you can comment on or make changes to this bug.