Disable auth confirmation prompts by default.
This commit is contained in:
parent
68b5a6fbfe
commit
61a86e2c51
|
@ -2013,6 +2013,12 @@ pref("network.auth.subresource-http-auth-allow", 2);
|
||||||
// does not have any effect.
|
// does not have any effect.
|
||||||
pref("network.auth.subresource-http-img-XO-auth", false);
|
pref("network.auth.subresource-http-img-XO-auth", false);
|
||||||
|
|
||||||
|
// Whether or not to show anti-spoof confirmation prompts when navigating to a
|
||||||
|
// URL with user info.
|
||||||
|
// true - display extra confirmation prompt ("You are about to log in to...")
|
||||||
|
// false - do not display extra confirmation prompt (default)
|
||||||
|
pref("network.auth.confirmAuth.enabled", false);
|
||||||
|
|
||||||
// This preference controls whether to allow sending default credentials (SSO) to
|
// This preference controls whether to allow sending default credentials (SSO) to
|
||||||
// NTLM/Negotiate servers allowed in the "trusted uri" list when navigating them
|
// NTLM/Negotiate servers allowed in the "trusted uri" list when navigating them
|
||||||
// in a Private Browsing window.
|
// in a Private Browsing window.
|
||||||
|
|
|
@ -96,6 +96,7 @@ uint32_t nsHttpChannelAuthProvider::sAuthAllowPref =
|
||||||
SUBRESOURCE_AUTH_DIALOG_ALLOW_ALL;
|
SUBRESOURCE_AUTH_DIALOG_ALLOW_ALL;
|
||||||
|
|
||||||
bool nsHttpChannelAuthProvider::sImgCrossOriginAuthAllowPref = false;
|
bool nsHttpChannelAuthProvider::sImgCrossOriginAuthAllowPref = false;
|
||||||
|
bool nsHttpChannelAuthProvider::sConfirmAuthPref = false;
|
||||||
|
|
||||||
void
|
void
|
||||||
nsHttpChannelAuthProvider::InitializePrefs()
|
nsHttpChannelAuthProvider::InitializePrefs()
|
||||||
|
@ -107,6 +108,9 @@ nsHttpChannelAuthProvider::InitializePrefs()
|
||||||
mozilla::Preferences::AddBoolVarCache(&sImgCrossOriginAuthAllowPref,
|
mozilla::Preferences::AddBoolVarCache(&sImgCrossOriginAuthAllowPref,
|
||||||
"network.auth.subresource-http-img-XO-auth",
|
"network.auth.subresource-http-img-XO-auth",
|
||||||
false);
|
false);
|
||||||
|
mozilla::Preferences::AddBoolVarCache(&sConfirmAuthPref,
|
||||||
|
"network.auth.confirmAuth.enabled",
|
||||||
|
false);
|
||||||
}
|
}
|
||||||
|
|
||||||
NS_IMETHODIMP
|
NS_IMETHODIMP
|
||||||
|
@ -1450,10 +1454,15 @@ nsHttpChannelAuthProvider::ConfirmAuth(const nsString &bundleKey,
|
||||||
bool doYesNoPrompt)
|
bool doYesNoPrompt)
|
||||||
{
|
{
|
||||||
// skip prompting the user if
|
// skip prompting the user if
|
||||||
// 1) we've already prompted the user
|
// 1) prompts are disabled by preference
|
||||||
// 2) we're not a toplevel channel
|
// 2) we've already prompted the user
|
||||||
// 3) the userpass length is less than the "phishy" threshold
|
// 3) we're not a toplevel channel
|
||||||
|
// 4) the userpass length is less than the "phishy" threshold
|
||||||
|
|
||||||
|
if (!sConfirmAuthPref) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
uint32_t loadFlags;
|
uint32_t loadFlags;
|
||||||
nsresult rv = mAuthChannel->GetLoadFlags(&loadFlags);
|
nsresult rv = mAuthChannel->GetLoadFlags(&loadFlags);
|
||||||
if (NS_FAILED(rv))
|
if (NS_FAILED(rv))
|
||||||
|
|
|
@ -185,6 +185,9 @@ private:
|
||||||
static uint32_t sAuthAllowPref;
|
static uint32_t sAuthAllowPref;
|
||||||
static bool sImgCrossOriginAuthAllowPref;
|
static bool sImgCrossOriginAuthAllowPref;
|
||||||
nsCOMPtr<nsICancelable> mGenerateCredentialsCancelable;
|
nsCOMPtr<nsICancelable> mGenerateCredentialsCancelable;
|
||||||
|
|
||||||
|
// Variable holding the preference for anti-spoof auth confirmation prompts.
|
||||||
|
static bool sConfirmAuthPref;
|
||||||
};
|
};
|
||||||
|
|
||||||
} // namespace net
|
} // namespace net
|
||||||
|
|
Loading…
Reference in New Issue
Block a user