git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Nicolas Mailhot" <nicolas.mailhot@laposte.net>
To: git@vger.kernel.org
Subject: Handle HTTP error 511 Network Authentication Required (standard secure proxy authentification/captive portal detection)
Date: Sun, 19 Feb 2012 22:03:37 +0100	[thread overview]
Message-ID: <4b8f33ba4c870528a82ab85d6dad68bd.squirrel@arekh.dyndns.org> (raw)

Since
http://code.google.com/p/chromium/issues/detail?id=7338 and
https://bugzilla.mozilla.org/show_bug.cgi?id=479880

there is no clean way for a proxy or captive portal to get a web client to
display an authentication dialog when user credentials expire while he is
browsing on an https url.

(to be sure, the previous methods were insecure and hackish but they existed
because nothing better was available)

The IETF finally set up to fix this problem and defined a standard HTTP error
that lets access control equipments tell the web client authentication or
re-authentication is needed and where the authentication form is located.

http://tools.ietf.org/id/draft-nottingham-http-new-status-04.txt

→ <http://www.rfc-editor.org/queue2.html#draft-nottingham-http-new-status> (the
spec is approved and in the queue for publication as RFC)

Please add error 511 handling in git, so git users that try to access external
git repositories over http can authenticate on the corporate proxy

             reply	other threads:[~2012-02-19 21:11 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-02-19 21:03 Nicolas Mailhot [this message]
2012-02-20  1:06 ` Handle HTTP error 511 Network Authentication Required (standard secure proxy authentification/captive portal detection) Jeff King
2012-02-20  5:38   ` Nicolas Mailhot
2012-02-20 13:56     ` Jeff King
2012-02-20 15:34       ` Nicolas Mailhot
2012-02-20 15:44         ` Jeff King
2012-02-20 18:27           ` Nicolas Mailhot
2012-02-20 19:15             ` Jeff King
2012-02-20 19:24               ` Nicolas Mailhot
2012-02-20 19:30                 ` Jeff King
2012-02-20 19:51                   ` Nicolas Mailhot
2012-02-20 19:06           ` Daniel Stenberg
2012-02-20 19:09             ` Jeff King
2012-02-20 20:16             ` Junio C Hamano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4b8f33ba4c870528a82ab85d6dad68bd.squirrel@arekh.dyndns.org \
    --to=nicolas.mailhot@laposte.net \
    --cc=git@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).