impossible to debug when script delivered with ntlm
39 views
Skip to first unread message
mikewse
Oct 6, 2010, 6:32:00 PM10/6/10
to Firebug
When script files are delivered to Firefox using NTLM authentication,
Firebug gets confused and repeats the first 4096 bytes of the script
three times at the start of the script in the Script and Net panes.
This shifts linenumbers so it's no longer possible to put breakpoints
in the right locations or to step through code.
I was going to add a bug report, but I can't provide a test case as
the site I'm working on is internal (which I guess most NTLM sites
will be). Any suggestions?
Best regards
Mike Wilson
Firebug gets confused and repeats the first 4096 bytes of the script
three times at the start of the script in the Script and Net panes.
This shifts linenumbers so it's no longer possible to put breakpoints
in the right locations or to step through code.
I was going to add a bug report, but I can't provide a test case as
the site I'm working on is internal (which I guess most NTLM sites
will be). Any suggestions?
Best regards
Mike Wilson
John J Barton
Oct 6, 2010, 11:28:12 PM10/6/10
to Firebug
jjb
>
> Best regards
> Mike Wilson
mikewse
Oct 7, 2010, 3:30:40 AM10/7/10
to Firebug
On Oct 7, 5:28 am, John J Barton <johnjbar...@johnjbarton.com> wrote:
> Yes, please help me understand what a NTLM is.
In short, NTLM is a Microsoft authentication protocol that is used in
> Yes, please help me understand what a NTLM is.
their products for single sign-on, so that the "Windows" login may be
used for transparently logging in to web sites. NTLM is used
extensively in large corporations for intranet sites and similar, and
is widely implemented in web browsers from other vendors, including
Firefox.
Overview: http://en.wikipedia.org/wiki/NTLM
Gory reverse-engineering details: http://davenport.sourceforge.net/ntlm.html
Fetching a resource over NTLM means doing three requests:
GET /index.html
HTTP/1.1 401 Unauthorized ("I want NTLM" in header)
GET /index.html (NTLM Type1 message in header)
HTTP/1.1 401 Unauthorized (NTLM Type2 message in header)
GET /index.html (NTLM Type3 message in header)
HTTP/1.1 200 OK (resource fetched)
so seeing the first block of the script being repeated three times
doesn't seem like a coincident. I guess the two body-less 401
responses incorrectly lead to writing copies of the first 4KB to the
internal resource buffer. (Note that Firefox view source gets it right
so this a Firebug problem)
The following Firebug issues describe other dimensions of this
problem:
http://code.google.com/p/fbug/issues/detail?id=1902
http://code.google.com/p/fbug/issues/detail?id=1927
Just let me know if there's anything else I can do to help
Mike
Honza (Jan Odvarko)
Oct 7, 2010, 10:26:38 AM10/7/10
to Firebug
Could this be related to the following issue
http://code.google.com/p/fbug/issues/detail?id=2434
Honza
> problem:http://code.google.com/p/fbug/issues/detail?id=1902http://code.google.com/p/fbug/issues/detail?id=1927
http://code.google.com/p/fbug/issues/detail?id=2434
Honza
mikewse
Oct 7, 2010, 12:24:15 PM10/7/10
to Firebug
On Oct 7, 4:26 pm, "Honza (Jan Odvarko)" <odva...@gmail.com> wrote:
> Could this be related to the following issuehttp://code.google.com/p/fbug/issues/detail?id=2434
I have no knowledge about if the code paths are shared for redirects
> Could this be related to the following issuehttp://code.google.com/p/fbug/issues/detail?id=2434
and authentication requests so I couldn't say. On the surface they
look different as Firebug shows the individual redirect requests, but
hides the authentication requests once they are replaced by the next
request in the authentication sequence.
I think I am seeing another pattern in my original example; scripts
served with a Content-Length don't exhibit the problem while ones
using chunked encoding does. Does that make sense?
It would be preferrable to solve this at the network level, but if not
possible, could the Script tab fetch its script source from a
mechanism similar to Firefox's View Source? (which does work correctly)
mikewse
Oct 8, 2010, 7:14:35 AM10/8/10
to Firebug
Should I add this as a bug ticket even though I can't provide a test
environment, or should we continue to discuss the bug here?
Best regards
Mike
environment, or should we continue to discuss the bug here?
Best regards
Mike
John J Barton
Oct 9, 2010, 12:33:26 PM10/9/10
to Firebug
On Oct 8, 4:14 am, mikewse <mike...@gmail.com> wrote:
> Should I add this as a bug ticket even though I can't provide a test
> environment, or should we continue to discuss the bug here?
http://getfirebug.com/wiki/index.php/FAQ#Using_the_Tracing_Version_of_Firebug
The first place I would look is in tabCache and sourceCache with CACHE
tracing.
jjb
Mike Wilson
Oct 9, 2010, 7:56:09 PM10/9/10
to fir...@googlegroups.com
Thanks John,
Getting into Firebug's code base was easier than I thought, so I have
now found and solved the bug. I've attached a patch against branch 1.7
to a new ticket:
http://code.google.com/p/fbug/issues/detail?id=3526
Getting into Firebug's code base was easier than I thought, so I have
now found and solved the bug. I've attached a patch against branch 1.7
to a new ticket:
http://code.google.com/p/fbug/issues/detail?id=3526
Best regards
Mike
Reply all
Reply to author
Forward
0 new messages