Spletno mesto bo delovalo z omejenimi zmožnostmi, medtem ko na njem izvajamo vzdrževalna dela za vas. Če članki ne rešijo vaše težave in želite zastaviti vprašanje, naša skupnost za podporo čaka na vas na @FirefoxSupport na Twitterju in na /r/firefox na Redditu.

Iskanje po podpori

Izogibajte se prevarantski tehnični podpori. Nikoli vam ne bomo naročili, da pokličete telefonsko številko ali nam pošljete osebne podatke. Sumljivo dejavnost prijavite z gumbom »Prijavi zlorabo«.

Več o tem

Firefox 76 doesn't always resend the POST request body after Kerberos authentication

more options

I develop for an intranet application at work. It is based on ASP.NET Webforms. The production servers have IIS 7 with persistent authentication disabled (Persist-Auth: false), which means that the browser should re-authenticate on every request. For a POST request (full PostBack) with a large enough body, Firefox does not resend the request body anymore as of Firefox 76 (worked with previous versions). I have verified this in Fiddler. Other browsers do not have this issue. This breaks the website because the ViewState is not being sent.

Expected compliant behavior (Chrome does it like this):

  1. Browser sends the request (without authorization header)
  2. Server responds with 401
  3. Browser resends the same complete request, with authorization header
  4. Server responds with 200 + content

Incorrect behaviour in Firefox 76:

  1. Browser sends the request (without authorization header)
  2. Server responds with 401
  3. Browser resends the request with an empty body, with authorization header
  4. Server waits for the body but does not receive it, and the request gets cancelled after 2 minutes. Eventually, the browser displays a 401 Not Authorized error, but with Fiddler running I can see a 408 error with the text: "The request body did not contain the specified number of bytes. Got 0, expected xxx."

Just for fun, this is the non-compliant behavior in IE11 that actually works, unlike Firefox:

  1. Browser sends the request with the authorization header from the previous GET request
  2. Server responds with 200 + content
I develop for an intranet application at work. It is based on ASP.NET Webforms. The production servers have IIS 7 with persistent authentication disabled (Persist-Auth: false), which means that the browser should re-authenticate on every request. For a POST request (full PostBack) with a large enough body, Firefox does not resend the request body anymore as of Firefox 76 (worked with previous versions). I have verified this in Fiddler. Other browsers do not have this issue. This breaks the website because the ViewState is not being sent. Expected compliant behavior (Chrome does it like this): # Browser sends the request (without authorization header) # Server responds with 401 # Browser resends the same complete request, with authorization header # Server responds with 200 + content Incorrect behaviour in Firefox 76: # Browser sends the request (without authorization header) # Server responds with 401 # Browser resends the request with an empty body, with authorization header # Server waits for the body but does not receive it, and the request gets cancelled after 2 minutes. Eventually, the browser displays a 401 Not Authorized error, but with Fiddler running I can see a 408 error with the text: "The request body did not contain the specified number of bytes. Got 0, expected xxx." Just for fun, this is the non-compliant behavior in IE11 that actually works, unlike Firefox: # Browser sends the request with the authorization header from the previous GET request # Server responds with 200 + content

Spremenil OronDF343

Vsi odgovori (1)

more options

Hi OronDF343

This is not a web developer forum; this forum is focused on user questions.

I would file a bug in bugzilla: https://bugzilla.mozilla.org/home or ask a question in stack overflow and tag it firefox https://stackoverflow.com/questions/tagged/firefox


Cheers! ..Roland