New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 746773 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 731618
Owner: ----
Closed: Jul 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Dropped support for embedded credentials in subresource requests breaks basic auth relative links

Reported by sdr...@gmail.com, Jul 20 2017

Issue description

Chrome Version       : 59.0.3071.115
URLs (if applicable) :
Other browsers tested:
  Add OK or FAIL, along with the version, after other browsers where you
have tested this issue:
     Safari: 
    Firefox: OK
         IE: OK

What steps will reproduce the problem?
(1) Open any page behind basic authentication (eg: admin panels), which includes relatively linked resources (eg /admin  -> /static/admin.css )

What is the expected result?
Site renders, and all embedded resources are downloaded with it correctly

What happens instead?
"Subresource requests whose URLs contain embedded credentials (e.g. `https://user:pass@host/`) are blocked. See https://www.chromestatus.com/feature/5669008342777856 for more details."  <- error message in console; the admin.css is blocked

Please provide any additional information below. Attach a screenshot if
possible.

I understand the intention behind https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/lx-U_JR2BF0  . We have no problem with removing support for _hardcoded credentials_. Removing support to use relative links in basic auth admin panels, however, breaks all of our admin panels. We can't switch to absolute URLs, as the subdomain (eg "staging.example.com" , "www.example.com") selects between dev / staging / live environment.

This is critical for our company, and if breaking change remains as-is, we must switch to Firefox.

 

Comment 1 by mkwst@chromium.org, Jul 20 2017

Mergedinto: 731618
Status: Duplicate (was: Unconfirmed)
Yup. This is a bug in 59 that's fixed in dev channel. Duping against issue 731618.

Sign in to add a comment