Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

NTLM authorization does not work in FireFox 118.0.1

  • 4 replies
  • 4 have this problem
  • 2 views
  • Last reply by zeroknight

more options

Hello! I have a problem with latest version of FireFox (118.0.1). I have a website running at https://localhost:7230. And Asp .Net Core backend running at http://localhost:5205/, the authorization is configured to use NTLM.

From the frontend I call: const response = await axios.get("http://localhost:5205/Users/GetUser", {

   params: null,
   withCredentials: true

});

and it works in Chrome and in previous FireFox 117.0.1, but doesn't work in FireFox 118.0.1.

I've checked the request-headers, they are the same except for the version in User-Agent. I guess this has something to do with the security settings. I looked at the patch notes but didn't see anything similar to my problem.

What was changed in the latest version and how can I fix this?

Hello! I have a problem with latest version of FireFox (118.0.1). I have a website running at https://localhost:7230. And Asp .Net Core backend running at http://localhost:5205/, the authorization is configured to use NTLM. From the frontend I call: const response = await axios.get("http://localhost:5205/Users/GetUser", { params: null, withCredentials: true }); and it works in Chrome and in previous FireFox 117.0.1, but doesn't work in FireFox 118.0.1. I've checked the request-headers, they are the same except for the version in User-Agent. I guess this has something to do with the security settings. I looked at the patch notes but didn't see anything similar to my problem. What was changed in the latest version and how can I fix this?
Attached screenshots

Modified by romannt

All Replies (4)

more options

Run mozregression between 117 and 118 to find the breaking change.

more options

I have found the exact commit with the breaking change: Bug 580353 Asynchronous cross origin XMLHttpRequest doesn't expose 401 response when withCredentials is false https://bugzilla.mozilla.org/show_bug.cgi?id=580353

Modified by romannt

more options

The content of the Build Info panel from the screenshot in the previous message: app_name: firefox build_date: 2023-08-15 18:14:55.142000 build_file: C:\Users\Magic\.mozilla\mozregression\persist\952cbc6e01a0-pgo--autoland--target.zip build_type: integration build_url: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/Heu8jc2sT5SLqpy_JjxNYw/runs/0/artifacts/public%2Fbuild%2Ftarget.zip changeset: 952cbc6e01a0efabde94b34a5c6dfdc9658f4c06 pushlog_url: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=232191c3ef9861082467fea69f62c9b7fffb3a1c&tochange=952cbc6e01a0efabde94b34a5c6dfdc9658f4c06 repo_name: autoland repo_url: https://hg.mozilla.org/integration/autoland task_id: Heu8jc2sT5SLqpy_JjxNYw

more options

The regressing change has been backed out already so it's a matter of it riding the trains.