We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why doesn't FF doesn't present user/password dialog in response to 401?

  • 2 replies
  • 1 has this problem
  • 34 views
  • Last reply by pcm42

more options

We have an embedded web server which requires authentication for some pages (eg; firmware upload). We can't afford the footprint of SSL. We have been using Digest Authentication. This works for Opera and Chrome.

Wireshark capture available upon request

We have an embedded web server which requires authentication for some pages (eg; firmware upload). We can't afford the footprint of SSL. We have been using Digest Authentication. This works for Opera and Chrome. Wireshark capture available upon request

Chosen solution

Issue resolved.

After a server sends a 401 response, it closes the socket. The browser should prompt for the user/password, open a new socket, reissues the request with the new Authorization gathered from the prompt added to the header.

When my server was closing the socket (following the 401), I was using RST (no socket timeouts). Works fine for IE11, Safari, Chrome, Opera 57. Just failed for FF.

I modified my server to use a normal socket close. The user/password dialog now works as expected, and FF reissues the request as expected.

Thanks!

Read this answer in context 👍 0

All Replies (2)

more options

Hi,

there is a bugzilla that has been reopened and a solution that is brought


https://bugzilla.mozilla.org/show_bug.cgi?id=472823

I share the number for you to watch

more options

Chosen Solution

Issue resolved.

After a server sends a 401 response, it closes the socket. The browser should prompt for the user/password, open a new socket, reissues the request with the new Authorization gathered from the prompt added to the header.

When my server was closing the socket (following the 401), I was using RST (no socket timeouts). Works fine for IE11, Safari, Chrome, Opera 57. Just failed for FF.

I modified my server to use a normal socket close. The user/password dialog now works as expected, and FF reissues the request as expected.

Thanks!