Normally you can login to sites that require HTTP basic authentication by passing the username and password in the URL, e.g.:
http://myusername:myuserpassword#mydomain.com/mypath
On my Linux machine, I could access this website without problems with my Konqueror browser as well as with my Opera browser. But with Firefox it doesn't work? It always displays the "Authentication Required" dialog window?
Any ideas why it would work with the other browsers but not with Firefox?
Peter
I got it now, the problem was that FF makes a distinction between
http://myusername:myuserpassword#mydomain.com/mypath
and
http://myusername:myuserpassword#mydomain.com/mypath/
Notice the "/" at the end of the URL. With the first URL login doesn't work, with the second URL it works now.
Which version of firefox are you using?
I just tried it and I get You are about to log in to the site "example.com" with the username "myusername".
If I click on 'ok', I log on perfectly... This is using Firefox 3.6.3 on Ubuntu 10.04
It does display the "Authentication Required" window if the password is wrong though, which is normal...
Related
When I load http://localhost:3000 in Safari, Safari automatically redirects to https://localhost:3000. How can I disable this functionality?
I went into ~/Library/Cookies/HSTS.plist and removed the localhost entry, then restarted Safari but it just re-added it to that plist file and redirected to https.
Any ideas how to fix this so that on localhost I have to explicitly say http or https?
I was able to solve this based on an answer from Ask Different.
In short, closing Safari, then running the commands below, worked.
sudo killall nsurlstoraged
rm -f ~/Library/Cookies/HSTS.plist
launchctl start /System/Library/LaunchAgents/com.apple.nsurlstoraged.plist
Restarting Safari after running that and trying to go to http://localhost:3000 solved the problem and did not redirect to to https.
Hopefully this helps someone fix this problem.
In Safari 13.0.5, deleting website data for localhost (Safari > Preferences > Privacy > Manage Website Data...) solves the problem.
This also happens if the Content Security Policy "upgrade-insecure-requests" is set. There is an open issue here: https://github.com/github/secure_headers/issues/348
You can try
deleting website data for localhost (Safari > Preferences > Privacy > Manage Website Data...)
After that close browser and try it.
If cannot you can try make different port 80 after back port 80 for localhost
After following the fix by Charlie with no luck, what worked for me was running a private window. and after a restart, everything seemed fine on both private and public tabs.
It's possible to use http://127.0.0.1:3000 instead. Or your local computer name.
For example: http://andis-mac-5.local:3000.
You can determine the local computer name from system preferences - Share - Edit:
First of all lets confirm why it is going to HTTPS.
In Developer Tools is it showing a 301 or 302 redirect?
If so it's your web server saying to go to HTTPS. Fix your web server config.
Or is it a 307 redirect which indicates HSTS?
To be perfectly honest I'm not sure if Safari shows this as a 307 (a fake internal redirect to represent HSTS), so it might just go there without showing this, but Chrome does show this.
If so, then deleting that file and restarting should solve that. However can you confirm if the HTTPS site is returning a strict-transport-security HTTP Header? If so then it will just set that next time you happen to go to HTTPS (including if your page loads and image over HTTPS). Can you remove that header? Or better yet, publish it with a max-age of 0 so it removes it from the HSTS browser cache without having to figure out which file it's in or if Safari have moved it from ~/Library/Cookies/HSTS.plist
For my ASP.NET website, we are passing parameters in URL
e.g.: www.example.com/?parametername=parametervalue&utm_parameter=value2
In my code I'm trying to access this using
context.Request.Querystring["parametername"]
This works fine for firefox(normal and private mode), IE and chrome(only incognito mode).
For normal mode in chrome its not capturing the querystring parameters. Moreover this is happening only to few people while it works for rest of the team even in chrome.
Is there any setting in chrome browser that could have caused this?
Incase any one comes across such a problem you can use the app Fiddler. This helps in capturing and showing all detailed information about the url and its cookies set by web clients.
This helped me in identifying that problem was on my server side and not something that chrome was doing. Hope this helps someone.
this is my first question on SO, so I hope I will formulate it well.
Simply put, I have a firebase-hosted app reachable at http://campanelly.firebaseapp.com
It is still in development stage, so it does not work completely. What does work on most browser EXCEPT IE10 on windows phone is the facebook login. The facebook popup correctly show up, I put username and password, the popup closes, but the FirebaseSimpleLogin object returns an error in the auth callback. I inspected the object with dev tools and it's an unknown error. this is the stacktrace:
Error: FirebaseSimpleLogin: An unknown error occurred.
at Error (native)
at Object.fb.simplelogin.Errors.format (https://cdn.firebase.com/js/simple-login/1.3.2/firebase-simple-login.js:33:294)
at Object.fb.simplelogin.Errors.get (https://cdn.firebase.com/js/simple-login/1.3.2/firebase-simple-login.js:33:429)
at fb.simplelogin.transports.XHR_.formatError_ (https://cdn.firebase.com/js/simple-login/1.3.2/firebase-simple-login.js:94:317)
at XMLHttpRequest.fb.simplelogin.transports.XHR_.open.f.onreadystatechange (https://cdn.firebase.com/js/simple-login/1.3.2/firebase-simple-login.js:92:407)
This problem only shows itself with IE10 on Windows Phone. If you need to reproduce the issue, you can use IE11 Desktop and emulate windows phone and ie10, or Google Canary, which has a device emulation feature.
If you think I left out important details or asked an unclear question, please do tell.
Thanks in advance
P.S. I wanted to contact Firebase support, but on the Contact us page they advice to use SO and put the firebase tag, so, here I am.
Im trying to use the DotNetOpenAuth library for openid authentication.
I have used the default project template that they provide and have successfully run the setup.aspx.
Now the problem is that when i get redirected from myopenid site back to my site, i get a javascript error[object error] in LoginFrame.aspx and the window closes.
Is it because i am working on localhost (cassini server) although i have white listed localhost in the web.config.
I need help to get this working.
Thanks in advance.
If you are using IE, yes it may just be because you're using localhost. IE has a bug where redirects across zones screws up the javascripts. Try a different browser than IE when using localhost to see if that works for you. Once you go live, try IE again and it should work.
I can't figure out if this is a bug in Firefox or an anomaly with the website as it only seems to occur through a specific sequence.
TLDR steps below
If you visit the main page (link below) and then click on the quotes link it will send you to a page called quoteconfig.aspx which checks for javascript and then redirects you if it's enabled otherwise it gives you a warning. After the automatic redirect Firefox shows a SSL warning about "Connection Partially Encrypted" (see the icon on the statusbar). However, if you click the sign in or my account links, which do not perform a javascript redirect, there's no SSL warning. Also, upon refreshing the page or browsing to another page then clicking the quotes links again the SSL warning goes away.
I've run Fiddler and Windows Network Monitor and verified that all links on the page are https://. It works fine on IE 7&8, Safari, Opera, and Chrome.
What else could it be?
steps:
visit the url below using Firefox
(tested on 3.0.5)
click on the quotes link
observe the SSL warning in the
statusbar
site link
It looks like the window.location = "quote.aspx" might be the culprit. On my browser, at least, it is redirecting to the http version of the page, not https. Then the http redirects to the https straight away with a 302.