diff options
Diffstat (limited to 'net/http/http_auth_handler_ntlm_win.cc')
| -rw-r--r-- | net/http/http_auth_handler_ntlm_win.cc | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/net/http/http_auth_handler_ntlm_win.cc b/net/http/http_auth_handler_ntlm_win.cc index fba9c1b..c096aaf 100644 --- a/net/http/http_auth_handler_ntlm_win.cc +++ b/net/http/http_auth_handler_ntlm_win.cc @@ -34,6 +34,31 @@ bool HttpAuthHandlerNTLM::IsFinalRound() { return auth_sspi_.IsFinalRound(); } +bool HttpAuthHandlerNTLM::AllowDefaultCredentials() { + // NOTE: Temporarily disabled. SSO is a potential security risk with NTLM. + // TODO(cbentzel): Add a pointer to Firefox documentation about risk. + + // TODO(cbentzel): Add a blanket command line flag to enable/disable? + // TODO(cbentzel): Add a whitelist regexp command line flag? + // TODO(cbentzel): Resolve the origin_ (helpful if doing already) and see if + // it is in private IP space? + // TODO(cbentzel): Compare origin_ to this machine's hostname and allow if + // it matches at least two or three layers deep? + return false; +} + +int HttpAuthHandlerNTLM::GenerateDefaultAuthToken( + const HttpRequestInfo* request, + const ProxyInfo* proxy, + std::string* auth_token) { + return auth_sspi_.GenerateAuthToken( + NULL, // username + NULL, // password + origin_, + request, + proxy, + auth_token); +} } // namespace net |