Hi,
adding a custom `Authentication` request header is the right way to do
this. Not sure what you mean by "I want nsIHttpChannel to do all the
auth stuff" when it doesn't know it has to authenticate to the site. We
need a 401 response to produce and cache `Authentication` request
headers based on name+password credentials. If you were in C++ it would
not even be enough to precache the name/password using [1], because we
will not look it up until a 401.
-hb-
[1]
https://searchfox.org/mozilla-central/rev/250f5cc9fb8bdcbb6b23d2a06acfd48addb2f99b/netwerk/protocol/http/nsIHttpAuthManager.idl#99
On 2019-09-10 15:15, john.bieling--- via dev-platform wrote:
nsIHttpChannel is usually doing an unauthenticated request to a remote URL to
get the WWW-Authentication header from the 401 response and then pick one of
the allowed methods to authenticate.
I am running into an issue, where the server is not returning a 401 but
actually returns a result for anonymous access (even though the URL points to a
/user/xy/ resource).
What is the strategy to enforce authentication? I do not want to manually add a
Basic Auth header, as I want nsIHttpChannel to do all the auth stuff.
What can I do?
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform