HTTP Basic 认证失败返回的 WWW-Authenticate 更正为 Proxy-Authenticate #89
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
使用其它 HTTP 代理服务器(如 squid)时,若开启 HTTP Basic 用户认证,则浏览器如 Chrome 在不指定用户名密码的情况下使用代理服务器访问网页时,会弹出一个认证窗口,要求用户输入。但是现在 goproxy 作为代理服务器时,则直接返回 Unauthorized。在配合一些可以自动输入代理用户名密码的浏览器插件(如 SwitchyOmega)时,这些插件无法正常工作。
在进行了一定的调查以后,发现 goproxy 在 HTTP Basic 认证失败后返回给客户端的是状态码 407 和 HTTP 头 WWW-Authenticate。在查看过 Mozilla 的 HTTP 头说明文档后可以发现,WWW-Authenticate 通常是和状态码 401 一起使用的,代表直接访问网页时要求认证。而在 HTTP 代理服务器中应该使用的是状态码 407 和 Proxy-Authenticate。
在将 WWW-Authenticate 更改为 Proxy-Authenticate 后,浏览器使用 goproxy 和其它代理服务器时的行为一致了,浏览器代理插件也正常工作了。
我顺便改了下返回给客户端的状态码描述信息,401 是 Unauthorized,而 407 是 Proxy Authentication Required。
我将这部分代码提交了,希望能合并到 goproxy 的主线上,谢谢!
以下是参考的 Mozilla 的文档:
WWW-Authenticate
Proxy-Authenticate