'[Bug 275033] Spurious warning from Konqueror (log in with the username "undefined")'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-bugs-dist
Subject:    [Bug 275033] Spurious warning from Konqueror (log in with the username "undefined")
From:       Graeme Hewson <bugs () wormhole ! me ! uk>
Date:       2012-10-10 5:03:23
Message-ID: bug-275033-17878-YS77znGVoz () http ! bugs ! kde ! org/
[Download RAW message or body]

https://bugs.kde.org/show_bug.cgi?id=275033

Graeme Hewson <bugs@wormhole.me.uk> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bugs@wormhole.me.uk

--- Comment #17 from Graeme Hewson <bugs@wormhole.me.uk> ---
Still happening in 4.9.2.

The username is "null", not "undefined". Going to http://www.open.ac.uk/, the
popup says 'You are about to log in to the site "www.open.ac.uk" with the
username "null", but the website does not require authentication. This may be
an attempt to trick you. Is "www.open.ac.uk" the site you want to visit?'

I traced the network with Wireshark, and there is no bogus username/password
being sent. There are two TCP streams:

TCP stream 1:

GET / HTTP/1.1
Host: www.open.ac.uk
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) KHTML/4.9.2 (like Gecko)
Konqueror/4.9
If-None-Match: "b78384-4b18-55cf15c0"
Accept: text/html, text/*;q=0.9, image/jpeg;q=0.9, image/png;q=0.9,
image/*;q=0.9, */*;q=0.8
Accept-Encoding: gzip, deflate, x-gzip, x-deflate
Accept-Charset: utf-8,*;q=0.5
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: MoodleSessionTestol=f8lXBDMPUA;
MoodleSessionol=npv511samvldhgojh92qm32807; OUFULLSIZE=F

HTTP/1.1 304 Not Modified
Date: Wed, 10 Oct 2012 04:50:04 GMT
Server: Apache
nnCoection: close
ETag: "b78384-4b18-55cf15c0"

TCP stream 2:

GET /includes/ip.shtm HTTP/1.1
Host: www.open.ac.uk
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) KHTML/4.9.2 (like Gecko)
Konqueror/4.9
Referer: http://www.open.ac.uk/
Accept: text/html, text/*;q=0.9, image/jpeg;q=0.9, image/png;q=0.9,
image/*;q=0.9, */*;q=0.8
Accept-Encoding: gzip, deflate, x-gzip, x-deflate
Accept-Charset: utf-8,*;q=0.5
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: MoodleSessionTestol=f8lXBDMPUA;
MoodleSessionol=npv511samvldhgojh92qm32807; OUFULLSIZE=F

HTTP/1.1 200 OK
Date: Wed, 10 Oct 2012 04:50:04 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 36
nnCoection: close
Content-Type: text/html

||*137.108.140.184*|*46.64.79.164*||

=== End ===

I notice the server is sending strange "nnCoection: close" headers. Is this
relevant, perhaps? Possible explanation for the headers here (to do with load
balancers):
http://stackoverflow.com/questions/4798461/cneonction-and-nncoection-http-headers

-- 
You are receiving this mail because:
You are watching all bug changes.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic