Bug 297954 - rekonq/konqueror do not send http basic auth header on synchronous AJAX requests
Summary: rekonq/konqueror do not send http basic auth header on synchronous AJAX requests
Status: RESOLVED FIXED
Alias: None
Product: kdelibs
Classification: Frameworks and Libraries
Component: kdewebkit (show other bugs)
Version: 4.8
Platform: OpenSUSE Linux
: NOR normal (vote)
Target Milestone: ---
Assignee: webkit-devel
URL: http://niner.name/rekonq_ajax_basic_a...
Keywords:
Depends on:
Blocks:
 
Reported: 2012-04-12 09:29 UTC by nine
Modified: 2012-05-11 20:05 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In: 4.8.4


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description nine 2012-04-12 09:29:14 UTC
User-Agent:       Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.34 (KHTML, like Gecko) rekonq Safari/534.34
Build Identifier: 

When setting the third parameter of XMLHttpRequest.send to false to make the request synchronous, rekonq and konqueror with webkit engine do not send the  "Authorization" HTTP header to the server thereby failing to authenticate the request. It does work as expected for the default asynchronous requests.

Reproducible: Always

Steps to Reproduce:
1. go to http://niner.name/rekonq_ajax_basic_auth_bug/
2. login with user name "test" and password "test"
3. press the "sync request" button
Actual Results:  
an alert pops up with a "Fail: 401 Authorization Required" message

Expected Results:  
an alert pops up with a "Win" message like it does when pressing the "async request" button
Comment 1 Dawit Alemayehu 2012-04-19 03:40:06 UTC
This is a known issue. Unfortunately, there is no easy fix for it. Earlier attempt to fix bug# 231932, which would also solve this bug, resulted in the crash reported in bug# 287778. Hopefully, we can figure out how to address this problem without causing new regressions.

(In reply to comment #0)
> User-Agent:       Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.34 (KHTML,
> like Gecko) rekonq Safari/534.34
> Build Identifier: 
> 
> When setting the third parameter of XMLHttpRequest.send to false to make the
> request synchronous, rekonq and konqueror with webkit engine do not send the
> "Authorization" HTTP header to the server thereby failing to authenticate
> the request. It does work as expected for the default asynchronous requests.
> 
> Reproducible: Always
> 
> Steps to Reproduce:
> 1. go to http://niner.name/rekonq_ajax_basic_auth_bug/
> 2. login with user name "test" and password "test"
> 3. press the "sync request" button
> Actual Results:  
> an alert pops up with a "Fail: 401 Authorization Required" message
> 
> Expected Results:  
> an alert pops up with a "Win" message like it does when pressing the "async
> request" button
Comment 2 Dawit Alemayehu 2012-05-11 20:05:18 UTC
Git commit 2cf247f4ebdee44d0620e57f9cd17fa963b36b73 by Dawit Alemayehu.
Committed on 11/05/2012 at 19:35.
Pushed by adawit into branch 'KDE/4.8'.

Revert commit 462a06ea as it causes many regressions. Use KIO::synchronousRun
to fulfill synchrounous XmlHttpRequest instead.

Unofrtunately this means that the fix for the crash reported in bug# 287778
is reverted until we can find a solution for the side effects of using nested
event loops.
Related: bug 299590, bug 299710, bug 287778
FIXED-IN: 4.8.4

M  +63   -37   kio/kio/accessmanager.cpp
M  +1    -0    kio/kio/accessmanager.h
M  +126  -81   kio/kio/accessmanagerreply_p.cpp
M  +22   -8    kio/kio/accessmanagerreply_p.h

http://commits.kde.org/kdelibs/2cf247f4ebdee44d0620e57f9cd17fa963b36b73