Bug 462182

Summary: HTTP access retries immediately and indefinitely when received proxy authentication required (407)
Product: [Frameworks and Libraries] frameworks-kio Reporter: Luiz Angelo De Luca <luizluca>
Component: HTTPAssignee: KIO Bugs <kio-bugs-null>
Status: REPORTED ---    
Severity: major CC: kdelibs-bugs-null, nate
Priority: NOR    
Version First Reported In: 5.100.0   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Luiz Angelo De Luca 2022-11-23 22:08:53 UTC 
Some KDE apps/services like geolocation (location.services.mozilla.org) and discovery does not deal with HTTP Code 407 correctly. They simply retries on and on the same connection immediately after it gets 407. The frequency is so high that it generates dozens of gigabytes of logs. It should, at least, wait a couple of seconds. 

In my site, the proxy authentication uses kerberos, but NTLM and basic are still valid options. The issue is that the moment the failed sw runs, it might not be a valid TGT. Normally you can stop the "DoS attack" signing out/in KDE.

It happens with different KDE apps and maybe it is a QT bug (I also saw that behavior with OpenSUSE welcome app).

STEPS TO REPRODUCE
1. Configure a proxy that requires authentication
2. Configure KDE to use it (without offering the credentials)
3. Use some affected apps.

OBSERVED RESULT
 4. a wave of failed authentications

EXPECTED RESULT
4. some failed authentications but with a much lower frequency

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: OpenSUSE Tumbleweed 20221120
KDE Plasma Version: 5.26.3
KDE Frameworks Version: 5.100.0
Qt Version: 5.15.7

ADDITIONAL INFORMATION