Current time: 06-20-2019, 11:06 PM Hello There, Guest! (LoginRegister)
WebPagetest Forums / WebPagetest / Bugs/Issues v / Basic auth is sent to subsequent domains as well

Post Reply 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Basic auth is sent to subsequent domains as well
09-05-2018, 07:01 PM
Post: #1
michaeldr Offline
Junior Member
**
 		Posts: 2
Joined: Sep 2018
Reputation: 0
Basic auth is sent to subsequent domains as well
If I enable basic auth for running a test on https://foo.com and foo.com page contains, for example, a js file loaded from https://cdn.bar.com/bundle.js then the basic auth Authorization header is being sent to that domain as well.

Do you think this is a desired behaviour ?
Find all posts by this user
Quote this message in a reply
09-06-2018, 04:56 AM
Post: #2
pmeenan Offline
Patrick Meenan
*******
 		Posts: 5,321
Joined: Apr 2009
Reputation: 151
RE: Basic auth is sent to subsequent domains as well
Desired or not, it is the expected behavior. The auth header is added to all requests and there isn't support for only adding it to requests for certain origins.
Visit this user's website Find all posts by this user
Quote this message in a reply
09-17-2018, 03:40 AM (This post was last modified: 09-17-2018 03:41 AM by michaeldr.)
Post: #3
michaeldr Offline
Junior Member
**
 		Posts: 2
Joined: Sep 2018
Reputation: 0
RE: Basic auth is sent to subsequent domains as well
(09-06-2018 04:56 AM)pmeenan Wrote:  Desired or not, it is the expected behavior. The auth header is added to all requests and there isn't support for only adding it to requests for certain origins.

Expected where ? As far as I know, this is not how the browser works.
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | WebPagetest | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication