[Project_owners] HTTP Auth's opening URL

Michael Vincent mv_van_rantwijk at yahoo.com
Thu Oct 6 21:30:44 EDT 2005


Adam Judson wrote:
> On 06/10/05, Michael Vincent <mv_van_rantwijk at yahoo.com> wrote:
>> Adam Judson wrote:
>>> Running tamperdata I see the 401 response coming back when I access
>>> http://passwordmaker.org:2082
>>>
>>> Maybe watch for this rather than trying to work backwards from the dialog?
>> Well, that won't work for a 407 (proxy).
> 
> I'm not sure checking for 401 AND 407 etc. really increases the size
> of this solution....
> 
> - keep track of the url of the last request with a suspicious response
> - watch for the Auth dialog, and use the URL from the previos step
> 
> Can you watch for the auth header instead?  Or do you need to know
> before the box is
> populated?  just what are you trying to do?

That will still fail when other extensions open that dialog from within 
their XUL/XBL/JS code.

Michael


More information about the Project_owners mailing list