Fix for viewer-private/issues/489 - HTTP Basic Auth dialog should not be present

[callumlinden]

Description

When visiting a site that is protected by HTTP Basic Auth, previous Viewer versions would delegate collection of username and password to the Viewer UI - both in 2D in a dialog and in 3D on a prim.

This behavior changed as of Viewer 7.2.2 after the inclusion of CEF v139 where a dialog (appears to be running in a separate process - task bar gets a new icon for each instance for example) is presented. You can still use it to enter the username and password for the site but it's (a) ugly and more importantly (b) a griefing vector - bad actors can create prims that spam URLs requiring basic auth and each will force this username/password dialog to be displayed.

This fix reverts that so that the Viewer is now responsible for presenting UI to deal with credential entry and behaves the same way it has done in the past.

Testing

Please test both in 2D (Media Floater at login page for example) and 3D (create a prim with one face set to a media texture) and visit these URLS:

• https://httpbin.org/basic-auth/user/passwd (up at time of writing but often 503s. Username: user, password: passwd)
• https://authenticationtest.com/ (select Basic HTTP/NTLM Authentication. Username: user, password: pass)
• https://jigsaw.w3.org/HTTP/Basic/ (Username: guest, password: guest)

Try both entering the correct and incorrect credentials (feedback will indicate success/failure).

Note that in 2D, you have enter the credentials twice. This has always been the case.

Details captured in https://github.com/secondlife/viewer-private/issues/489

[brad-linden]

👍