NTLM authorization does not work in FireFox 118.0.1
Hello! I have a problem with latest version of FireFox (118.0.1). I have a website running at https://localhost:7230. And Asp .Net Core backend running at http://localhost:5205/, the authorization is configured to use NTLM.
From the frontend I call: const response = await axios.get("http://localhost:5205/Users/GetUser", {
params: null, withCredentials: true
});
and it works in Chrome and in previous FireFox 117.0.1, but doesn't work in FireFox 118.0.1.
I've checked the request-headers, they are the same except for the version in User-Agent. I guess this has something to do with the security settings. I looked at the patch notes but didn't see anything similar to my problem.
What was changed in the latest version and how can I fix this?
Geändert am von romannt
Alle Antworten (4)
Run mozregression between 117 and 118 to find the breaking change.
I have found the exact commit with the breaking change: Bug 580353 Asynchronous cross origin XMLHttpRequest doesn't expose 401 response when withCredentials is false https://bugzilla.mozilla.org/show_bug.cgi?id=580353
Geändert am von romannt
The content of the Build Info panel from the screenshot in the previous message: app_name: firefox build_date: 2023-08-15 18:14:55.142000 build_file: C:\Users\Magic\.mozilla\mozregression\persist\952cbc6e01a0-pgo--autoland--target.zip build_type: integration build_url: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/Heu8jc2sT5SLqpy_JjxNYw/runs/0/artifacts/public%2Fbuild%2Ftarget.zip changeset: 952cbc6e01a0efabde94b34a5c6dfdc9658f4c06 pushlog_url: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=232191c3ef9861082467fea69f62c9b7fffb3a1c&tochange=952cbc6e01a0efabde94b34a5c6dfdc9658f4c06 repo_name: autoland repo_url: https://hg.mozilla.org/integration/autoland task_id: Heu8jc2sT5SLqpy_JjxNYw
The regressing change has been backed out already so it's a matter of it riding the trains.