latest version breaks sites using mod_auth_krb/SPNEGO
Opened this issue · 1 comments
GoogleCodeExporter commented
What steps will reproduce the problem?
1. kinit
2. browse URL of whitelisted https site that uses mod_auth_krb
3. get gobbledygook
4. disable scriptsafe
5. browse same url
6. get expected page
What is the expected output? What do you see instead?
Expected output is that I get authenticated access to web page. What happens
is that I get a page full of seemingly random characters; it may be encrypted
data, but it is certainly not what is supposed to happen.
What version of the product are you using? On what operating system?
ScriptSafe 1.0.6.18, Chrome Version 35.0.1916.114, OSX 10.8.5
Please provide any additional information below.
This worked fine when I last used it a few days ago. The sites that I have
problems with work fine with ScripSafe turned off, and work fine with other
browsers.
Also, I notice that the changelog on the chrome store says nothing about
version 1.0.6.18; the last version it shows is 1.0.6.17. The url provided for
the full changelog (http://andryou.com/projects/scriptsafe-changelog/) gives me
a page that says "not here"
Original issue reported on code.google.com by abe.sin...@gmail.com
on 20 May 2014 at 7:42
GoogleCodeExporter commented
Confirmed - the latest update causes weird issues with SPNEGO-authenticated
sites. Disabling ScriptSafe allows the pages to load correctly, enabling it
blocks some content from loading. This even though the pages are in Trusted
domains.
Original comment by camillo....@gmail.com
on 25 Jun 2014 at 10:06