Comment #16 on issue 8325 by w...@chromium.org: NTLM authentication to a proxy doesn't work if Privoxy sits in between http://code.google.com/p/chromium/issues/detail?id=8325
igitur: thanks a lot. Could you repeat what I asked you to do in comment 2 (but use build 11686)? I expect that chrome_debug.log should not contain any "Can't perform ntlm auth to the proxy http://localhost:8118/ over a non-keep-alive connection" message this time. Please remove the old chrome_debug.log before starting this experiment. So Privoxy sends these response headers: Connection: close Proxy-Connection: Keep-Alive The "Connection: close" header is injected by Privoxy, and that's what's causing this bug. Only the Connection header is in the HTTP RFC (2616); the Proxy-Connection header isn't in the HTTP RFC. This is why we consider Connection as authoritative when both Connection and Proxy-Connection are present. My experimental change in build 11686 does the opposite and considers Proxy-Connection as authoritative when both Connection and Proxy-Connection are present. Clearly we'd like to stay compliant to the HTTP RFC if we can. So, could you configure Privoxy to not inject the "Connection: close" header when your company proxy sends the 407 response that contains the NTLM authentication challenge? This is the proper way to resolve this issue. Do you know how to report a bug to Privoxy? We should talk to their developers about not injecting "Connection: close" in the middle of NTLM authentication. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---