Bug 211774
| Summary: | Flaky failures fetching modules with HTTP authentication: blocked ... asking for credentials because it is a cross-origin request | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | philipp.steinberg |
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | achristensen, ap, beidson, rwlbuis, webkit-bug-importer, youennf, ysuzuki |
| Priority: | P2 | Keywords: | InRadar |
| Version: | Safari 13 | ||
| Hardware: | All | ||
| OS: | Unspecified | ||
philipp.steinberg
Hi,
we have website hosted with AWS and have some problems with a lambda@edge base authentification gatekeeper.
We used the following code to protect one of our sites with basic authentification
https://gist.github.com/lmakarov/e5984ec16a76548ff2b278c06027f1a4
The code is triggered before website calls, so that you have to authentificate before seeing the page.
This works fine with all browsers expect the webkit based. ( we tested with safari on a macbook and a iphone and the epiphany browser)
They bring throw the following errors "blocked asking for credentials because it is a cross-origin request"
I have no idea why the browser is detecting the call as a cross-origin because every resource is on the same domain.
I created a test website to reproduce the error.
url: https://testlambda.w2g.siemens.com/
user: test
password: secret
Best regards
Philipp
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Alexey Proskuryakov
This looks like an issue with module loading.
<script src="runtime-es2015.c5fa8325f89fc516600b.js" type="module">
I can get the page to load sometimes, especially when Cmd-clicking to load in a background tab.
This flakiness can't be right.
Radar WebKit Bug Importer
<rdar://problem/63208848>
philipp.steinberg
Hi I noticed that the issue seems to be solved and no longer appear.
For that reason I removed the test website and close the bug