Skip to content

Basic Auth support for Chrome browser #89

@cypress-zh

Description

@cypress-zh

I started a proxy with command:
proxy.py --basic-auth username:password

I configured chrome proxy as below(Mac OSX):
type: Web Proxy(Http)
Host: my_host_server
Port: 8899(I use the default port)
Chekced Proxy Server Requires Password and fill in
Username: username
Passowrd: password

the snapshot as below:
image

I'm sure the firewall was disabled.

but still can NOT get traffic proxyed, the log of proxy server didnot show anything, just a Starting:

[root@myProxyServer ~]# /opt/rh/rh-python36/root/usr/bin/proxy.py --basic-auth username:password
2019-09-25 02:31:02,691 - INFO - run:633 - Starting server on port 8899

am I missed something? can somebody help me out of configuration? Thanks in advance:)

Activity

abhinavsingh

abhinavsingh commented on Sep 25, 2019

@abhinavsingh
Owner

What version of Chrome are you using?

I am using Chrome Version 77.0.3865.90 Mac. I just tried setting my system proxy settings to same as yours. For me Chrome popped up a basic auth dialog box, which disappeared as I was typing in the username / password, followed by another pop-up to access the system keychain. Hitting refresh, presented the popup dialog again (in-spite of username / password details in system preferences), this time I was fast and Chrome worked fine after I was able to enter username / password in pop-up dialog box. Chrome basic auth support is certainly broken.

I also tried Firefox which has it's own proxy configuration dialog. Firefox worked without any issues, presented me a basic auth dialog (Firefox doesn't accept username / password in proxy config) and then the site.

I can guarantee that Basic authentication support certainly works :) You can also verify the same using Curl on command line:

$ curl -v -x username:password@localhost:8899 http://httpbin.org/get
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8899 (#0)
* Proxy auth using Basic with user 'username'
> GET http://httpbin.org/get HTTP/1.1
> Host: httpbin.org
> Proxy-Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
> User-Agent: curl/7.54.0
> Accept: */*
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 200 OK
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Origin: *
< Content-Type: application/json
< Date: Wed, 25 Sep 2019 04:11:50 GMT
< Referrer-Policy: no-referrer-when-downgrade
< Server: nginx
< X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
< Content-Length: 202
< Connection: keep-alive
< 
{
  "args": {}, 
  "headers": {
    "Accept": "*/*", 
    "Host": "httpbin.org", 
    "User-Agent": "curl/7.54.0"
  }, 
  "origin": "1.2.3.4, 5.6.7.8", 
  "url": "https://httpbin.org/get"
}
* Connection #0 to host localhost left intact
changed the title [-]chrome proxy configuration [/-] [+]Basic Auth with Chrome browser[/+] on Sep 25, 2019
changed the title [-]Basic Auth with Chrome browser[/-] [+]Basic Auth support for Chrome browser[/+] on Sep 25, 2019
cypress-zh

cypress-zh commented on Sep 25, 2019

@cypress-zh
Author

I am using Chrome: Version 77.0.3865.90 (Official Build) (64-bit), I tried the curl command and it shows:

 ~ curl -v -x username:password@server_host:8899 http://httpbin.org/get
*   Trying server_host...
* TCP_NODELAY set
* Connection failed
* connect to server_host port 8899 failed: Connection refused
* Failed to connect to server_host port 8899: Connection refused
* Closing connection 0
curl: (7) Failed to connect to server_host port 8899: Connection refused

@abhinavsingh

abhinavsingh

abhinavsingh commented on Sep 25, 2019

@abhinavsingh
Owner

Looks like you are accessing proxy.py remotely. Are you listening on all interfaces? e.g. --hostname 0.0.0.0 (IPv4) or --hostname :: (IPv6)

abhinavsingh

abhinavsingh commented on Sep 25, 2019

@abhinavsingh
Owner

I am assuming passing right flags made it work for you. Closing this now, feel free to re-open if necessary.

cypress-zh

cypress-zh commented on Sep 26, 2019

@cypress-zh
Author

@abhinavsingh Thanks for ur response.
I tried ur suggestion, changed to listen to all interfaces, and it seems it was doing the connection, see log below, and a new problem ProxyAuthenticationFailed came, I'm sure that I have input the right username and password as what I set simplest in server side:

2019-09-26 01:54:10,980 - ERROR - _process_rlist:554 - 
Traceback (most recent call last):
  File "/opt/rh/rh-python36/root/usr/bin/proxy.py", line 552, in _process_rlist
    self._process_request(data)
  File "/opt/rh/rh-python36/root/usr/bin/proxy.py", line 471, in _process_request
    raise ProxyAuthenticationFailed()
ProxyAuthenticationFailed
abhinavsingh

abhinavsingh commented on Sep 26, 2019

@abhinavsingh
Owner
cypress-zh

cypress-zh commented on Sep 26, 2019

@cypress-zh
Author

No, it's happening using chrome surfing internet, my server side commands is:

proxy.py --basic-auth my_username:123456 --hostname 0.0.0.0

and there's no command on client side(Chrome).

abhinavsingh

abhinavsingh commented on Sep 26, 2019

@abhinavsingh
Owner
cypress-zh

cypress-zh commented on Sep 26, 2019

@cypress-zh
Author

I tried curl, and it works perfectly. 😝Chome browser still can NOT pass authentication. Thanks for ur help I'll recheck my configuration.:)

vikranth094

vikranth094 commented on Feb 25, 2022

@vikranth094

Issue is due to check for auth header length is not equal to 2 in /proxy/proxy.py/proxy/http/proxy/auth.py , chrome browser might have extra headers ,Please change the code in /proxy/proxy.py/proxy/http/proxy/auth.py as a fix,.
if len(parts) != 2 at line 34

After removal of this check, browser auth worked

abhinavsingh

abhinavsingh commented on Feb 26, 2022

@abhinavsingh
Owner

@vikranth094 Thank you. Can you also share what exactly does browser end up sending? We can use the same as a test scenario too. You can anonymize any hashes etc. I am curious what exactly is being sent by browser.

vikranth094

vikranth094 commented on Feb 27, 2022

@vikranth094

I am not sure about browser, I was working with my android proxy client which had request format String.format(Locale.ENGLISH, "CONNECT %s:%d HTTP/1.0\r\nProxy-Connection: keep-alive\r\nProxy-Authorization: Basic %sUser-Agent: %s\r\nX-App-Install-ID: %s\r\n\r\n", m_DestAddress.getHostName(), m_DestAddress.getPort(), Constant.auth, ProxyConfig.Instance.getUserAgent(), ProxyConfig.AppInstallID);

abhinavsingh

abhinavsingh commented on Feb 27, 2022

@abhinavsingh
Owner

Thank you for this piece of information. We'll address it and add necessary tests using your provided example. I'll try to also repro on an android device. Best.

vikranth094

vikranth094 commented on Feb 27, 2022

@vikranth094

Thanks Bro, Really cool project

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    QuestionQuestions related to proxy server

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @abhinavsingh@vikranth094@cypress-zh

        Issue actions

          Basic Auth support for Chrome browser · Issue #89 · abhinavsingh/proxy.py