User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0

Steps to reproduce:

I am trying to provide different proxy basic authentication credentials through proxy.onRequest for different requests, so I cant really use onAuthRequired.

Actual results:

If I return the onRequest Listener like this:
return {type:"http", host:currentProxy.host, port:currentProxy.port};
It works, but it doesn't provide the credentials so I am stuck on the authorization page. But if i return this:
return {type:"http", host:currentProxy.host, port:currentProxy.port, proxyAuthorizationHeader:"Basic "+btoa(currentProxy.username+":"+currentProxy.password)};
It just doesn't proxy the request.

Expected results:

Pass the Value to the Proxy-Authorization header

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Thanks for this report.
Do you see error messages in the browser console? (Ctrl-Shift-J)

Could you also gather some HTTP logs for us? https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
Use the following modules: timestamp,sync,rotate:200,nsHttp:5,cache2:5,nsSocketTransport:5,nsHostResolver:5,cookie:5,proxy:5

Because this bug's Severity is normal and has not been changed, and this bug's priority is -- (none,) indicating it has has not been previously triaged, the bug's Severity is being updated to -- (default, untriaged.)

Comment on attachment 9168958 [details]
proxy.onError.png

(In reply to Valentin Gosu [:valentin] (he/him) from comment #2)

Thanks for this report.
Do you see error messages in the browser console? (Ctrl-Shift-J)

Could you also gather some HTTP logs for us? https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
Use the following modules: timestamp,sync,rotate:200,nsHttp:5,cache2:5,nsSocketTransport:5,nsHostResolver:5,cookie:5,proxy:5

I also encountered this when I tried to use browser.proxy api. If the browser.proxy.onRequest returns a proxyInfo like below:
{type: 'http', host: '127.0.0.1', port: '12345', proxyAuthorizationHeader:"Basic "+btoa(usr+":"+pwd)}

then browser.proxy.onError will reurn a message ProxyInfoData: ProxyAuthorizationHeader requires type \"https\", and requests are sent directly without proxy.

Now I'm using webRequest.onAuthRequired to bypass this, which needs 2 additional permission webRequest & webRequestBlocking...
(firefox version: 78.10esr, 80.0b5

(In reply to ksusix from comment #5)

then browser.proxy.onError will reurn a message ProxyInfoData: ProxyAuthorizationHeader requires type \"https\", and requests are sent directly without proxy.

I think this just means you should use a https proxy instead of a http one.

(In reply to Valentin Gosu [:valentin] (he/him) from comment #7)

I think this just means you should use a https proxy instead of a http one.

Thanks for the reply, Valentin.
I'm just kind of confused because the documentation of ProxyInfo.ProxyAuthorizationHeader in MDN(link) didn't mention this limitation, and it's using HTTP proxy as an example..

Hey, I have been trying to do a workaround. My aim is to proxy different requests from different tabs differently. If I use onAuthRequired, the browser always saves the authorization credentials for a certain amount of time, whereas I want to submit unique credentials for every Request. I have not found a solution to trigger onAuthRequired on every request, so this workaround doesn't work for me.

I get this message on the debugger console:

Proxy error: ProxyInfoData: ProxyAuthorizationHeader requires type "https"

Searching in Firefox source code leads to this https://hg.mozilla.org/mozilla-central/file/0e6db6c31531004febb037f974d186f671fc6d3b/toolkit/components/extensions/ProxyChannelFilter.jsm#l182.

OK, I understand that mozilla developers are trying to keep me safe by slapping me on the wrist here for trying to use an "http" proxy, but guess what, I don't like being told what to do, I am grown up and I can take care of myself. So please, kindly remove that restriction. There are various reasons to use a Proxy-Authorization header with plain HTTP CONNECT, and none of these are security related, I hope I don't have to write an essay to convince you. You're being paranoid, I hope you aren't thinking to stop me from putting a username/password on a SOCKS request because it's also transmitted in plain text!