New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 607172 link

Starred by 2 users

Issue metadata

Status: WontFix
Owner:
Closed: Sep 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 2
Type: Bug



Sign in to add a comment

SPNEGO with Fetch doesn't work.

Reported by asaf...@gmail.com, Apr 27 2016

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.86 Safari/537.36

Steps to reproduce the problem:
1. fetch('http://my.domain.co:3000/api/protected')

What is the expected behavior?
Request should be sent with the 'authorization' header.

What went wrong?
Result is:

VM6764:1 GET http://my.domain.co:3000/api/protected 401 (Unauthorized)

Did this work before? N/A 

Chrome version: 50.0.2661.86  Channel: stable
OS Version: OS X 10.10.5
Flash Version: Shockwave Flash 21.0 r0

Please note, the same request using XMLHttpRequest works just fine.

Example:

var oReq = new XMLHttpRequest();
oReq.open('get', 'http://my.domain.co:3000/api/protected')
oReq.send()

response:
undefined

(Checking the network tab the request has the 'Authorization' token as expected)
 

Comment 1 by rsesek@chromium.org, Apr 27 2016

Components: Blink>Network>FetchAPI
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
This is not a security issue so removing from the queue.
Cc: yhirano@chromium.org
Labels: Needs-Feedback
Sorry for the delay. I can't load the page you provided. Can you make it work again?
Cc: rnimmagadda@chromium.org
Labels: -Needs-Feedback OS-Linux OS-Windows
Status: Untriaged (was: Unconfirmed)
Able to repro this issue on Windows 7, MAC (10.11.6) & Ubuntu Trusty (14.04) for Google Chrome Stable Version - 52.0.2743.116

This is a Non-Regression issue existing from M30 - # 30.0.1549.0
607172.mov
568 KB Download
>#3

It looks Chrome simply cannot access to the server in the movie. The reporter said the server returned 401 but I think it's not reproduced in the movie.


Owner: ricea@chromium.org
Status: Unconfirmed (was: Untriaged)
Reverting the status to Unconfirmed. I agree that the address in the original report is a fake one.

ricea, could you please try to reproduce this when you have time?

Comment 6 by ricea@chromium.org, Apr 19 2017

Labels: Needs-Feedback
I don't think we currently have enough information to do anything here.

If someone who can reproduce this issue could provide a trace as described in https://dev.chromium.org/for-testers/providing-network-details then we might be able to make progress.

Adding back Needs-Feedback label.

Comment 7 by ricea@chromium.org, Sep 7 2017

Status: WontFix (was: Unconfirmed)
We cannot reproduce without further information. Closing the issue.

Sign in to add a comment