| Summary: | Drag&Drop fails for URL requiring Kerberos authentication | ||
|---|---|---|---|
| Product: | [Plasma] plasmashell | Reporter: | atorlee |
| Component: | desktop:/ IOWorker | Assignee: | Plasma Bugs List <plasma-bugs-null> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | jmozdzen, nate |
| Priority: | NOR | ||
| Version First Reported In: | 5.27.9 | ||
| Target Milestone: | 1.0 | ||
| Platform: | openSUSE | ||
| OS: | Linux | ||
| Latest Commit: | https://invent.kde.org/frameworks/kio/-/commit/a6e17505531790b2be9338aedee4e3a47abd3ce9 | Version Fixed/Implemented In: | |
| Sentry Crash Report: | |||
Any ideas, anyone? Or is there more information needed? @devs: Is this a code area that had been reworked for KDE6, so that testing this scenario with KDE6 instead of KDE5 is expected to show a change in behavior? A test with KDE/Plasma 6 shows similar behaviour: Drag&Drop to Dolphin works, whereas Drag&Drop to desktop (plasmashell) leads to an endlessly spinning activity indicator. Difference to plasma 5: with plasma 6 Drag&Drop to desktop does not work even after Drag&Drop to Dolphin. (In reply to atorlee from comment #3) > A test with KDE/Plasma 6 shows similar behaviour: Drag&Drop to Dolphin > works, whereas Drag&Drop to desktop (plasmashell) leads to an endlessly > spinning activity indicator. Difference to plasma 5: with plasma 6 Drag&Drop > to desktop does not work even after Drag&Drop to Dolphin. Forgot to mention: we ran our tests with Plasma 6.2.1. A possibly relevant merge request was started @ https://invent.kde.org/frameworks/kio/-/merge_requests/2065 Git commit a6e17505531790b2be9338aedee4e3a47abd3ce9 by Méven Car, on behalf of Kai Uwe Broulik. Committed on 27/11/2025 at 12:23. Pushed by meven into branch 'master'. http: Use operation with known verb, if applicable In Qt, HeadOperation (created using head()) does not behave identical to a CustomOperation with verb "HEAD". While a proper HeadOperation knows when not to expect any content, a custom request with verb "HEAD" can get stuck waiting for content indefinitely. This can for example happen when the server requests authentication. Custom operations are also never cached. See https://codereview.qt-project.org/c/qt/qtbase/+/666393 but this is only in dev, so it makes sense to address this downstream for now. This work was sponsored by the government of Schleswig-Holstein, under the assistence of Dataport. M +25 -2 autotests/http/authtest.cpp M +3 -1 autotests/http/httpserver.py M +26 -1 src/kioworkers/http/http.cpp https://invent.kde.org/frameworks/kio/-/commit/a6e17505531790b2be9338aedee4e3a47abd3ce9 |
SUMMARY Drag&Drop to desktop (plasmashell) does not work for URL requiring Kerberos authentication (activity indicator spinning endlessly). Drag&Drop to Dolphin of the same URL works (file successfully downloaded to Dolphin). Drag&Drop to desktop (plasmashell) does work for the same URL, when Drag&Drop to Dolphin was done first. STEPS TO REPRODUCE 1. Open application offering Drag&Drop of file URL, where http server requires Kerberos authentication 2. Drag file URL from application to desktop 3. Activity indicator is spinning endlessly 4. restart plasmashell 5. Drag file URL from application to Dolphin (works: file is downloaded to Dolphin) 6. Drag file URL from application to desktop (works: file is downloaded to desktop) OBSERVED RESULT initial Drag&Drop from application to desktop never finishes EXPECTED RESULT initial Drag&Drop from application to desktop downloads file to desktop SOFTWARE/OS VERSIONS Operating System: SLED 15.5 KDE Plasma Version: 5.27.9 KDE Frameworks Version: 5.103.0 Qt Version: 5.15.8 Kernel Version: 5.14.21-150500.55.68-default (64-bit) Graphics Platform: offscreen Processors: 8 × AMD Ryzen 3 PRO 5450U with Radeon Graphics Memory: 14.9 GiB of RAM Graphics Processor: AMD Radeon Graphics ADDITIONAL INFORMATION kio debug log of initial Drag&Drop from application to plasmashell: --- cut here --- Arrived mimeData (QUrl("https://www.customer.com/someapp/webdav/672/Dummy.txt")) ("text/plain", "_NETSCAPE_URL", "text/uri-list", "chromium/x-renderer-taint", "chromium/x-web-custom-data") at 1465 , 1637 kf.kio.workers.http: kf.kio.workers.http: Hostname is now: "www.customer.com" ( "www.customer.com" ) kf.kio.workers.http: QUrl("https://www.customer.com/someapp/webdav/672/Dummy.txt") kf.kio.workers.http: QUrl("https://www.customer.com/someapp/webdav/672/Dummy.txt") kf.kio.workers.http: Window Id = "" kf.kio.workers.http: ssl_was_in_use = "" kf.kio.workers.http: kf.kio.workers.http: kf.kio.workers.http: kf.kio.workers.http: kf.kio.workers.http: Proxy URLs: () kf.kio.workers.http: TCP_NODELAY: QVariant(int, 0) kf.kio.workers.http: ============ Sending Header: kf.kio.workers.http: "HEAD /someapp/webdav/672/Dummy.txt HTTP/1.1" kf.kio.workers.http: "Host: www.customer.com" kf.kio.workers.http: "Connection: keep-alive" kf.kio.workers.http: "User-Agent: Mozilla/5.0 (X11; Linux x86_64) KIO/5.103 plasmashell/5.27.9" kf.kio.workers.http: "Accept: text/html, text/*;q=0.9, image/jpeg;q=0.9, image/png;q=0.9, image/*;q=0.9, */*;q=0.8" kf.kio.workers.http: "Accept-Encoding: gzip, deflate, x-gzip, x-deflate" kf.kio.workers.http: "Accept-Charset: utf-8,*;q=0.5" kf.kio.workers.http: "Accept-Language: de-DE,de;q=0.9,de-Latn-DE;q=0.8,en;q=0.7" kf.kio.workers.http: sent it! kf.kio.workers.http: kf.kio.workers.http: ============ Received Status Response: kf.kio.workers.http: "HTTP/1.1 401" kf.kio.workers.http: QUrl("https://www.customer.com/someapp/webdav/672/Dummy.txt") response code: 401 previous response code: 0 kf.kio.workers.http: wasAuthError= false isAuthError= true sameAuthError= false kf.kio.workers.http: -- full response: "HTTP/1.1 401 \r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nSet-Cookie: JSESSIONID-xxxxxxxxxxxxxxxxxx; Path=/someapp; HttpOnly\r\nWWW-Authenticate: Negotiate\r\nConnection: Keep-Alive, keep-alive\r\nRefresh: 0; url=https://www.customer.com:443/someapp\r\nTransfer-Encoding: chunked\r\nDate: Sun, 25 Aug 2024 18:40:37 GMT\r\nKeep-Alive: timeout=20\r\nServer: Apache\r\nStrict-Transport-Security: max-age=31536000" kf.kio.workers.http: Trying authentication scheme: "Negotiate" kf.kio.workers.http: isError= false needCredentials= false forceKeepAlive= false forceDisconnect= false kf.kio.workers.http: Previous Response: 0 kf.kio.workers.http: Current Response: 401 kf.kio.workers.http: keepAlive = true kf.kio.workers.http: kf.kio.workers.http: keep alive ( 20 ) kf.kio.workers.http: "" kf.kio.workers.http: kf.kio.workers.http: --- cut here --- kio debug log of initial Drag&Drop from application to Dolphin looks the same (401), followed by: --- cut here --- kf.kio.workers.http: ============ Sending Header: kf.kio.workers.http: "GET /someapp/webdav/672/Dummy.txt HTTP/1.1" kf.kio.workers.http: "Host: www.customer.com" kf.kio.workers.http: "Connection: keep-alive" kf.kio.workers.http: "User-Agent: Mozilla/5.0 (X11; Linux x86_64) KIO/5.103 dolphin/22.12.3" kf.kio.workers.http: "Accept: text/html, text/*;q=0.9, image/jpeg;q=0.9, image/png;q=0.9, image/*;q=0.9, */*;q=0.8" kf.kio.workers.http: "Accept-Charset: utf-8,*;q=0.5" kf.kio.workers.http: "Accept-Language: de-DE,de;q=0.9,de-Latn-DE;q=0.8,en;q=0.7" kf.kio.workers.http: "Cookie: JSESSIONID-xxxxxxxxxxxxxxxxxx" kf.kio.workers.http: "Authorization: Negotiate xxx-redacted-xxx" kf.kio.workers.http: sent it! kf.kio.workers.http: kf.kio.workers.http: ============ Received Status Response: kf.kio.workers.http: "HTTP/1.1 200" --- cut here --- Once Dolphin has negotiated Kerberos credentials with the server, Drag&Drop to desktop works as well.