My favorites | Sign in
Project Home Downloads Wiki Issues Code Search
New issue   Search
  Advanced search   Search tips   Subscriptions
Issue 16709: Obey proxy auth parameters from gconf or env vars
26 people starred this issue and may be notified of changes. Back to list
Project Member Reported by, Jul 14, 2009
What steps will reproduce the problem?

What is the expected output? What do you see instead?

Please use labels and text to provide additional information.
ProxyConfig currently does not support proxy authentication parameters
(username and password). The gconf /system/http_proxy/*auth* settings are
therefore ignored, as well as equivalent parameters from env vars (in URL

Chrome does support proxy authentication, but it wil need to prompt for the
proxy password (which it can remember).

Ideally, Chrome should use the password provided in settings without having
to prompt the user.
Jul 14, 2009
(No comment was entered for this change.)
Jul 15, 2009
The following revision refers to this bug: 

r20725 | | 2009-07-15 06:16:54 -0700 (Wed, 15 Jul 2009) | 9 lines
Changed paths:

Fix the log error message about proxy authentication in
ProxyConfigServiceLinux: the proxy auth parameters are still not
supported, but proxy auth is supported.

Also see

Review URL:

Jul 16, 2009
(No comment was entered for this change.)
Status: Assigned
Labels: Mstone-LinuxBeta
Aug 24, 2009
Any thoughts on how hard this would be to fix?
Labels: -Pri-3 Pri-2
Aug 31, 2009
> Any thoughts on how hard this would be to fix?

The main part would be plumbing the username/password down through proxy layer and 
into HTTP layer.

Probably easy to do this by treating this similarly to an URL. However, special attention needs to be paid to the 
case when the environment variable contains invalid identity. In this case we don't 
want to get stuck in the loop where for each request we end up prompting an auth 
dialog (because we first apply the proxy settings identity which clears authcache 
with a bad identity).

I am not convinced we actually want to implement this though, do we have any evidence 
that people rely on this feature? (Mac and Windows for example have no equivalent to 
this in their proxy settings).
Aug 31, 2009
Oh, the above post was me (was signed into a different account).
Sep 1, 2009
Rearranging bugs to eliminate LinuxBeta label.
Labels: -Mstone-LinuxBeta ReleaseBlock-Beta Mstone-4
Sep 1, 2009
I would be a user of this feature.

Firefox, gnome-terminal and pidgin all use it.  Having Chromium not use the feature too 
makes it inconstant.
Sep 2, 2009
Demoting bugs that wouldn't block a beta release.
Labels: -ReleaseBlock-Beta
Sep 24, 2009
(No comment was entered for this change.)
Labels: -type-feature Type-Feature
Sep 27, 2009
Like there is command-line parameter --proxy-server=SERVER:PORT

Can you please add the parameter like --proxy-user-and-password=USERNAME:PASSWORD which 
to be passed automatically without any dialogs?
Oct 13, 2009
Moving this out of mstone-4 and into mstone-5 after talking to the Linux 
Labels: -mstone-4 mstone-5
Dec 17, 2009
Replacing labels:
   Area-BrowserBackend by Area-Internals

Labels: -Area-BrowserBackend Area-Internals
Jan 26, 2010
Even FF-3.5.7 doesn't cut it for me here.
I would surely want to see this implemented in Chromium!!
Jan 27, 2010
XFCE doesn't apparently take gconf proxy settings, so folks in XFCE have to kludge in 
envvars or commandline settings.  Being able to do this in some sort of about:config 
way or with an Options option would be far superior.  Having those settings read/write 
system-dependent proxy configuration would be doublepluswin.
Mar 25, 2010
(No comment was entered for this change.)
Owner: ---
Mar 26, 2010
(No comment was entered for this change.)
Status: Assigned
Mar 29, 2010
(No comment was entered for this change.)
Labels: Internals-Network
Mar 30, 2010
Bumping this off mstone5.
Status: Available
Owner: ---
Labels: -mstone-5 Mstone-6
May 19, 2010
Not sure if it warrants a new Mac-specific issue, but it would be great to have a Safari-like behavior, where the 
proxy settings are read from the System Preferences' Network pane. For folks who want something else for their 
browser, that could be achieved through commandline arguments and/or a setting in "Under the Hood". Just my 
5 Rands.
May 19, 2010
abubious: Chrome already reads proxy settings from the System Preferences'
Network pane on the Mac.  If it's not working, please file a bug report.
(Search for "OS:mac proxy" first to see if there is an existing bug that
covers your issue.)
May 24, 2010
Hey Lei,

Wanna try a network patch :)?  Feel free to punt it back to me.
Status: Assigned
May 24, 2010
Sure, I'll take it.
Labels: -Size-Medium
May 24, 2010
thestig: thanks for your help.  Please ask cbentzel and
ahendrickson to review your changelists and cc eroman.
Jul 12, 2010
What's the status on this?
Jul 12, 2010
Work in process.
Status: Started
Jul 19, 2010
Change back to mstone-6 if this gets in today.
Labels: -Mstone-6 Mstone-7
Sep 23, 2010
Sorry I never finished this. Punting for now. 
Status: Available
Owner: ---
Labels: -Mstone-7 Mstone-8
Oct 18, 2010
(No comment was entered for this change.)
Labels: -Mstone-8 Mstone-X
Apr 6, 2011
(No comment was entered for this change.)
Labels: Internals-Network-Auth
Jul 6, 2011
szym is going to look at this as a starter bug. 
Status: Assigned
Dec 12, 2011
+1 for comment 11 (the --proxy-user-and-password=USERNAME:PASSWORD commandline option)
There are times when we want to use a proxy, as a one-off, that is password-protected. Another use case is having two chromium shortcut icons, one to use the internet directly, the other to use a password-protected proxy.
Dec 13, 2011
A --proxy-user-and-password=USERNAME:PASSWORD is a security risk. Anybody connected to the machine can see the user name and password by inspecting the process list.

I don't know whether szym is still working on this.

As a workaround for the mean time: The Web Request API can be used to deliver a password without a password prompt. You can write an extension that sets the proxy (with the Proxy Settings API) and delivers the password (with the Web Request API). You could load this extension conditionally with --load-extension.
Dec 13, 2011
Re: comment #33
Password on the commandline is a classic unix potential security risk, and it is good to point it out and think about it. However it is not automatically a security problem, and if you think about typical situations where proxies (and Chromium) are used, it is not going to be a risk for most people. E.g. single-user machines (often behind a firewall). In an office or school, everyone may in fact share the same proxy username/password, and will have it taped to their monitor if the browser does not make their life easy!
Aug 8, 2012
(No comment was entered for this change.)
Status: Available
Owner: ---
Nov 20, 2012
Bugs that have been moved 5 or more times. Removing Mstone label.
Labels: -Mstone-X MstoneRemoved
Nov 20, 2012
Bugs that have been moved 5 or more times. Removing Mstone label.
Nov 20, 2012
Bugs that have been moved 5 or more times. Removing Mstone label.
Mar 10, 2013
(No comment was entered for this change.)
Labels: -Internals-Network -Area-Internals -Internals-Network-Auth Cr-Internals-Network-Auth Cr-Internals Cr-Internals-Network
Sign in to add a comment

Powered by Google Project Hosting