|Summary:||[BlackBerry] WWW-Authenticate header on 200 response pops up authentication dialog|
|Product:||WebKit||Reporter:||Liam Quinn <lquinn>|
|Component:||WebKit BlackBerry||Assignee:||Nobody <webkit-unassigned>|
|Severity:||Normal||CC:||ap, staikos, tonikitoo, webkit.review.bot|
|Version:||528+ (Nightly build)|
Description Liam Quinn 2012-05-04 10:52:52 PDT
If a Web site includes a WWW-Authenticate header on a 200 response, BlackBerry pops up an authentication dialog. Other browsers (Firefox/Chrome/Opera) ignore the WWW-Authenticate header on anything other than a 401 response. This was reported by a user visiting http://www.onstar.com, which oddly provides WWW-Authenticate headers on its 301 and 200 responses.
Comment 2 Rob Buis 2012-05-04 14:41:51 PDT
Comment on attachment 140326 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=140326&action=review > Source/WebCore/ChangeLog:11 > + Reviewed by NOBODY (OOPS!). This ChangeLog is not of the correct format. The Reviewed by line should be at the line where "Patch by" is, and I am not sure "Patch by" is needed since you are stated as author in the first line. > ChangeLog:11 > + Reviewed by NOBODY (OOPS!). Ditto.
Comment 4 Alexey Proskuryakov 2012-05-04 15:42:31 PDT
Why is this a manual test? On at least some platforms, DumpRenderTree/WebKitTestRunner dumps authentication delegate calls, and should be able to test automatically. Also, the test doesn't look platform specific.
Comment 5 George Staikos 2012-05-07 07:24:36 PDT
Comment on attachment 140331 [details] Patch Ok for me. May want to add an automated testcase later if there is a way. I'm not familiar enough to know if we have a way to automatically test this one.
Comment 6 George Staikos 2012-05-07 07:26:16 PDT
(In reply to comment #4) > Why is this a manual test? On at least some platforms, DumpRenderTree/WebKitTestRunner dumps authentication delegate calls, and should be able to test automatically. > > Also, the test doesn't look platform specific. Oops I missed this comment. So we could add a new test that is platform-independent and automated. I think we'll need some help from someone who has done this before. The fix, however, is platform-specific and seems correct.
Comment 7 WebKit Review Bot 2012-05-07 07:31:48 PDT
Comment on attachment 140331 [details] Patch Clearing flags on attachment: 140331 Committed r116308: <http://trac.webkit.org/changeset/116308>
Comment 8 WebKit Review Bot 2012-05-07 07:32:00 PDT
All reviewed patches have been landed. Closing bug.