GNOME Bugzilla – Bug 514486
fails to download from htp auth protected sites
Last modified: 2018-08-03 19:21:09 UTC
Epiphany cannot download files from http auth protected site. The http auth works, the site comes up, clicking download shows the dowload manager, but there the download always is failed. With firefox/wget it works. I am using epiphany 2.20.1 right now, but I saw the problem first maybe two years ago.
Please give some verifiable steps to reproduce. Which URL is failing? Thanks.
Its http-auth protected sites, so naturally I can't give you an example.
As I'm sure you understand, if there really is a bug, we will need some kind of testcase to reproduce it.
I already spend one hour to try to reproduce the use case on my server. No success yet. I will continue and let you know, once I narrowed down the problem case.
Are you sure the problem is with http auth? Might be a referrer check on the server (epiphany doesn't send referrers for downloads, bug 36292). You can get a http log with export NSPR_LOG_FILE=/tmp/log export NSPR_LOG_MODULES=nsHttp:5
Created attachment 104621 [details] log file
Is the log useful to track it down? Do you need anything else?
Maybe a log of firefox doing the same steps, for comparision? Also, which URL is it failing on exactly in the log ?
Created attachment 105243 [details] firefox log for same use-case The uri is: https://core.fluendo.com/beta/download/tarballs/linux/x86_32/gstreamer-0.10.14/gst-fluendo-ac3dec-0.10.8.tar.bz2 I looked over he logs and one difference is that ff disabled caching for the download where epi did not.
The difference that I can see is that ff sends the referrer and ephy does not; just like I suggested in comment 5.
Then it probably should do that. Can some epiphany developer then mark this bug as confirmed?
Another important difference is that Epiphany does not send cookies to the http server when you download a link (using the "Download Link" or "Save Link As..." context menu items) unless the Cookies privacy option in preferences is set to "Always accept", in which case it does send the cookies. I think it should behave in the same way as when the link is followed normally (by a left click).
Confirming by request.
Just to expand on my comment #12, here is the bug I raised in Ubuntu's launchpad: https://bugs.launchpad.net/bugs/241939 --------------------------------------8<-------------------------------------- If Epiphany's cookies privacy option is set to "Only from sites you visit" (the default) and you visit a site that uses cookies, then if you right click on a link (to a resource on the same site) and select either the "Download Link" or the "Save Link As..." option, then the HTTP GET request sent to the server does not include either the "Cookie:" header or the "Referer:" header. Repeating the process with the cookies privacy option set to "Always accept" causes the "Cookie:" header to be sent to the server, but not the "Referer:" header. Depending on the website in question one or both of the "Cookie:" and/or "Referer:" header may be required to download the link correctly. This may be two separate problems. Following a link normally (left click) sends both headers. The problems can be confirmed by using Wireshark to examine the HTTP headers. -------------------------------------->8--------------------------------------
I believe this could work with ephy/webkit, but of course I can't really confirm it.
*** Bug 761874 has been marked as a duplicate of this bug. ***
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/epiphany/issues/121.