본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Firefox removes the authentication header from request

more options

am seeing an issue in firefox on unix with accessing a web page which uses basic http authentication mechanism. It pops up for user id and password for basic authentication. When I enter the credentials and click submit the response received is 401 Unauthorized. Same webpage and authentication works in chrome browser on same system (so assuming no firewall issues). The Firefox and chrome is configured in a console where we test it. And both are requesting for the same host. I believe there is some configurations issue in Mozilla firefox that might be affecting it. Attaching the request and response for both.

Firefox version that has a problem : Mozila Firefox 78.4.0esr


Request and response in Chrome

Request

   GET /content/ HTTP/1.1

Host: 3.87.81.51 Connection: keep-alive Cache-Control: max-age=0 Authorization: Digest username="admin", realm="Power Xpert", nonce="16981e9013fd33c215fb54cfe5c8246b", uri="/content/", response="527760ce114bf839a9df342ba27ca352", qop=auth, nc=00000002, cnonce="572ab111183b3236" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9

Response -

HTTP/1.1 200 OK Content-Type: text/html ETag: "1471035255" Last-Modified: Mon, 23 Jun 2014 19:17:18 GMT Content-Length: 7452 Date: Wed, 09 Jun 2021 21:52:49 GMT Server: lighttpd/1.4.28-devel-59460


Request and response in Firefox

Request : GET /content/ HTTP/1.1 Host: 3.87.81.51 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en_us,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1

Response:

HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest realm="Power Xpert", nonce="3743c840c84a56d1e56be155dc3284c1", qop="auth" Content-Type: text/html Content-Length: 351 Date: Wed, 09 Jun 2021 21:57:57 GMT Server: lighttpd/1.4.28-devel-59460

The difference is :

Below Authentication header is missing in firefox.

Authorization: Digest username="admin", realm="Power Xpert", nonce="16981e9013fd33c215fb54cfe5c8246b", uri="/content/", response="527760ce114bf839a9df342ba27ca352", qop=auth, nc=00000002, cnonce="572ab111183b3236"

Some setting in firefox is making this. I am not sure which one. Please help on this. Thanks in advance.

am seeing an issue in firefox on unix with accessing a web page which uses basic http authentication mechanism. It pops up for user id and password for basic authentication. When I enter the credentials and click submit the response received is 401 Unauthorized. Same webpage and authentication works in chrome browser on same system (so assuming no firewall issues). The Firefox and chrome is configured in a console where we test it. And both are requesting for the same host. I believe there is some configurations issue in Mozilla firefox that might be affecting it. Attaching the request and response for both. Firefox version that has a problem : Mozila Firefox 78.4.0esr '''Request and response in Chrome''' ''Request GET /content/ HTTP/1.1 Host: 3.87.81.51 Connection: keep-alive Cache-Control: max-age=0 Authorization: Digest username="admin", realm="Power Xpert", nonce="16981e9013fd33c215fb54cfe5c8246b", uri="/content/", response="527760ce114bf839a9df342ba27ca352", qop=auth, nc=00000002, cnonce="572ab111183b3236" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Response - HTTP/1.1 200 OK Content-Type: text/html ETag: "1471035255" Last-Modified: Mon, 23 Jun 2014 19:17:18 GMT Content-Length: 7452 Date: Wed, 09 Jun 2021 21:52:49 GMT Server: lighttpd/1.4.28-devel-59460'' '''Request and response in Firefox''' ''Request : GET /content/ HTTP/1.1 Host: 3.87.81.51 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en_us,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Response: HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest realm="Power Xpert", nonce="3743c840c84a56d1e56be155dc3284c1", qop="auth" Content-Type: text/html Content-Length: 351 Date: Wed, 09 Jun 2021 21:57:57 GMT Server: lighttpd/1.4.28-devel-59460'' The difference is : Below Authentication header is missing in firefox. ''Authorization: Digest username="admin", realm="Power Xpert", nonce="16981e9013fd33c215fb54cfe5c8246b", uri="/content/", response="527760ce114bf839a9df342ba27ca352", qop=auth, nc=00000002, cnonce="572ab111183b3236"'' Some setting in firefox is making this. I am not sure which one. Please help on this. Thanks in advance.

모든 댓글 (5)

more options

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

Websites don't load - troubleshoot and fix error messages

http://kb.mozillazine.org/Error_loading_websites

What do the security warning codes mean

more options

HI @FredMcD. I did check on all those security and firewall stuff. Still having the same issue. Is there anyway I can debug it . Like firefox logs or something

more options

Are you sure you're comparing apples to apples? The request/response look like the first request/response for Firefox -- plain request and WWW-Authenticate response -- and the second request/response -- Authorization header with the nonce from the previous WWW-Authenticate response -- for Chrome.

more options

There is an article on logging, but the logs are so verbose that I personally have trouble finding things in them!

https://firefox-source-docs.mozilla.org/networking/http/logging.html

more options

Thank you jscher2000 Both are the same request, accessing the same url. The Authorization header is missing in firefox even we fill the basic authentication form. I will try to check the logging if that helps.