[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #28791 [Applications/Tor Browser]: Tor Browser 8 cannot download images protected by basic auth
#28791: Tor Browser 8 cannot download images protected by basic auth
-------------------------------------+-------------------------------------
Reporter: pf.team | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Component: Applications/Tor
| Browser
Version: | Severity: Normal
Keywords: TorBrowser files | Actual Points:
download auth |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------+-------------------------------------
TB seems to ignore authentication credentials when trying to download
images from .onion sites protected by basic http authorization. The
"Authorization: Basic" header is missing, and the site returns 401
Authorization Required.
To reproduce this error:
1) Setup an nginx server with some test dummy config and some
login:password pair generated by openssl passwd in htpasswd:
root /var/www/html;
server_name _;
location / {
auth_basic "closed site";
auth_basic_user_file htpasswd;
}
2) Put a test .png or .jpg file into /var/www/html
3) Try to access the file at http://<domain-name>.onion/test.png
4) Enter login and password when prompted - check that the file displays
properly.
5) Now try to download the file (Ctrl+S) and get a 401 error.
If the server doesn't provide a text response for the 401 error, TB will
simply create an empty file.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28791>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs