On Tue, 06 Oct 2009 23:25:35 +0200, Henrik Nordstrom
<henrik_at_henriknordstrom.net> wrote:
> ons 2009-10-07 klockan 10:06 +1300 skrev Amos Jeffries:
>
>> Firefox-3.x wil happyily popup the ftp:// auth dialog if the proxy-auth
>> header is sent.
>> There were a few bugs which got fixed in the 3.1 re-writes and made
squid
>> start to send it properly. It's broken in 3.0, not sure if its the same
>> in
>> 2.x but would assume so. The fixes done rely on C++ objects so wont be
>> easy
>> to port.
>
> In what ways is 3.0 broken?
>
> The visible changes I see is that 3.1 only prompts if required by the
> FTP server, and that the realm for some reason is changed to also
> include the requested server name. 401 basic auth realms are implicit
> unique to each servername. (digest auth is a little fuzzier as it may
> apply to more domains/servers)
3.0 uses a generic fail() mechanism to send results back. That mechanism
seems not to add the Proxy-Auth reply header at all. 3.0 also was only
parsing the URL and config file. Popup re-sends contain the auth in headers
not URL.
3.1 changed that to an explicit error page+headers generation, and also
includes a slightly corrected login parse (you helped get that right). Also
altered the login parser to notice the Proxy-Auth request header when sent.
FYI: the patches in 3.1 are (in order, since the heavily overlap):
http://www.squid-cache.org/Versions/v3/3.1/changesets/b9584.patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/b9627.patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/b9694.patch
Amos
Received on Wed Oct 07 2009 - 00:10:03 MDT
This archive was generated by hypermail 2.2.0 : Wed Oct 07 2009 - 12:00:03 MDT