New issue
Advanced search Search tips

Issue 836824 link

Starred by 3 users

Issue metadata

Status: Duplicate
Merged: issue 840176
Owner:
Closed: May 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression



Sign in to add a comment

HTTP Basic Auth on Embedded Script Causes Redirect after Authing

Reported by bradley....@gmail.com, Apr 25 2018

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

Steps to reproduce the problem:
1. Open the attached auth-bug.html file
2. Enter credentials into the auth dialog (postman / password)

What is the expected behavior?
The auth-html.html page's contents should be displayed.

What went wrong?
The browser redirects to the included script that prompted the auth dialog (https://postman-echo.com/basic-auth)

Did this work before? Yes 65

Does this work in other browsers? Yes

Chrome version: 66.0.3359.117  Channel: stable
OS Version: OS X 10.13.3
Flash Version: 

Once you've authed once, returning to the page loads it as expected. So to reproduce the error multiple times you should use incognito mode.

We're running into this bug because our staging server's script files are served through our CDN with basic auth. On first pageload we're getting redirected to the script.js file instead of seeing the page we're trying to load.

This worked as expected prior to v66.
 
auth-bug.html
354 bytes View Download
Labels: Needs-Bisect Needs-Triage-M66
Cc: phanindra.mandapaka@chromium.org
Labels: -Needs-Bisect hasbisect-per-revision ReleaseBlock-Stable Target-67 Triaged-ET Target-66 M-66 FoundIn-66 FoundIn-67 FoundIn-68 RegressedIn-66 Target-68 OS-Linux OS-Windows
Owner: chengx@chromium.org
Status: Assigned (was: Unconfirmed)
Able to reproduce the issue on reported version 66.0.3359.117 & on latest chrome 68.0.3406.0 using Ubuntu 14.04, Windows 10 and Mac OS 10.13. 

Below is the Bisect Info:
================
Good build: 66.0.3357.0
Bad build: 66.0.3358.0

You are probably looking for a change made after 539864 (known good), but no later than 539865 (first known bad).

CHANGELOG URL:
https://chromium.googlesource.com/chromium/src/+log/5ad48177e1359d9ba6410f1ece0f4f238f41da84..589d075450daa42c4f5b52f13100d3baa6ebc4b2

suspect: https://chromium.googlesource.com/chromium/src/+/589d075450daa42c4f5b52f13100d3baa6ebc4b2

@chengx: Please confirm the issue and help in re-assigning if it is not related to your change.

Note: adding RB-Stable as this seems to be recent regression please remove if not applicable.

Thanks!

Comment 3 by chengx@chromium.org, Apr 26 2018

Owner: ----
Status: Available (was: Assigned)
My change is to revert a crashpad update, which cannot the cause for sure.

Comment 4 by gov...@chromium.org, Apr 26 2018

Labels: M-67
*** Bulk Edit ***
M67 Stable promotion is coming soon. Your bug is labelled as Stable ReleaseBlock, pls make sure to land the fix and request a merge into the release branch ASAP. 

If fix is already merged to M67 and nothing else is pending, pls mark the bug as fixed. Thank you.
*** Bulk Edit ***
M67 Stable promotion is coming VERY soon. Your bug is labelled as Stable ReleaseBlock, pls make sure to land the fix and request a merge into the release branch ASAP. 

If fix is already merged to M67 and nothing else is pending, pls mark the bug as fixed. Thank you.

Comment 7 by gov...@chromium.org, May 10 2018

*** Bulk Edit ***
M67 Stable promotion is coming VERY soon. Your bug is labelled as Stable ReleaseBlock, pls make sure to land the fix and request a merge into the release branch ASAP. 

If fix is already merged to M67 and nothing else is pending, pls mark the bug as fixed. Thank you.

Comment 8 by gov...@chromium.org, May 14 2018

Labels: -M-67 M-68
As this is regressed in M66 stable and we're very close to M67 stable promotion,  we are not considering this as M67 Stable blocker. Moving to M-68. Pls let us know ASAP if there is any concern here. Thank you.

Comment 9 by gov...@chromium.org, May 15 2018

Labels: -Target-67
Cc: ligim...@chromium.org ajha@chromium.org
Labels: -hasbisect-per-revision Needs-Bisect
Status: Unconfirmed (was: Available)
Please retriage.
Labels: -Pri-2 -Needs-Bisect -M-68 -FoundIn-67 -FoundIn-68 -Target-68 hasbisect-per-revision Pri-1
Owner: juncai@chromium.org
Status: Assigned (was: Unconfirmed)
Re bisected to identify the CL that broke this, manual good and bad same as C#2 and bellow is the perrevision bisect result:

CHANGELOG URL:
https://chromium.googlesource.com/chromium/src/+log/ead4271f098dd2038ec8514f1bf9b59f83b0774b..bc561f417634ce7326816b5167476003386e947b

Suspect: https://chromium.googlesource.com/chromium/src/+/bc561f417634ce7326816b5167476003386e947b

Reviewed-on: https://chromium-review.googlesource.com/938960

@juncai: Please confirm the issue and help in re-assigning if it is not related to your change.


Note:The issue looks already fixed in canary 68.0.3432.0 and latest M-67(67.0.3396.48) 

Thanks!
Labels: M-68 Target-68
Labels: Target-67 M-67
Adding back M-67 per comment #11 just in case if there is a safe merge to take it in. 
Labels: -ReleaseBlock-Stable
Mergedinto: 840176
Status: Duplicate (was: Assigned)
This issue is a duplicate of  issue 840176 , and was fixed on master branch and merged to M67.

Sign in to add a comment