[kde] [Bug 462182] New: HTTP access retries immediately and indefinitely when received proxy authentication required (407)

[Luiz Angelo De Luca]

https://bugs.kde.org/show_bug.cgi?id=462182

            Bug ID: 462182
           Summary: HTTP access retries immediately and indefinitely when
                    received proxy authentication required (407)
    Classification: I don't know
           Product: kde
           Version: unspecified
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: major
          Priority: NOR
         Component: general
          Assignee: unassigned-bugs at kde.org
          Reporter: luizluca at gmail.com
  Target Milestone: ---

Some KDE apps/services like geolocation (location.services.mozilla.org) and
discovery does not deal with HTTP Code 407 correctly. They simply retries on
and on the same connection immediately after it gets 407. The frequency is so
high that it generates dozens of gigabytes of logs. It should, at least, wait a
couple of seconds. 

In my site, the proxy authentication uses kerberos, but NTLM and basic are
still valid options. The issue is that the moment the failed sw runs, it might
not be a valid TGT. Normally you can stop the "DoS attack" signing out/in KDE.

It happens with different KDE apps and maybe it is a QT bug (I also saw that
behavior with OpenSUSE welcome app).

STEPS TO REPRODUCE
1. Configure a proxy that requires authentication
2. Configure KDE to use it (without offering the credentials)
3. Use some affected apps.

OBSERVED RESULT
 4. a wave of failed authentications

EXPECTED RESULT
4. some failed authentications but with a much lower frequency

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: OpenSUSE Tumbleweed 20221120
KDE Plasma Version: 5.26.3
KDE Frameworks Version: 5.100.0
Qt Version: 5.15.7

ADDITIONAL INFORMATION

-- 
You are receiving this mail because:
You are the assignee for the bug.