Watch, Follow, &
Connect with Us

For forums, blogs and more please visit our
Developer Tools Community.


Welcome, Guest
Guest Settings
Help

Thread: google chrome and new security update 64.0.3282.119



Permlink Replies: 8 - Last Post: Jan 31, 2018 9:29 AM Last Post By: Joel Zimmer
Joel Zimmer

Posts: 68
Registered: 9/24/01
google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 26, 2018 6:19 AM
So Google Chrome has released the security update 64.0.3282.119 and now my users occasionally get a 401.1 Unauthroized error using basic Authentication running under IIS.

Even though they have logged in with their AD account under IIS it starts throughing the following

Detailed Error Information:
Module BasicAuthenticationModule
Notification AuthenticateRequest
Handler ISAPI-dll
Error Code 0x8007052e
Requested URL https://intapp.somewhere.com:443/isapp/asdfUv1FuE7uQbcMXAzrmi0G/$/callback?callback=IWCBTYPE.DoOnAsyncChange
Logon Method Not yet determined
Logon User Not yet determined

Any ideas on this one?
Joel Zimmer

Posts: 68
Registered: 9/24/01
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 27, 2018 3:28 PM   in response to: Joel Zimmer in response to: Joel Zimmer
This appears to be caused when an ajax call is made.
Eitan Arbel

Posts: 508
Registered: 2/24/13
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 28, 2018 4:36 PM   in response to: Joel Zimmer in response to: Joel Zimmer
i didn't use IIS or SSL yet, so this is just a thought in the air... :

1. if you use SSL(https), then maybe update the library ?
2. see if Microsoft have a security update for IIS or maybe even for Window, to match Chrome's security "issue" ?
Joel Zimmer

Posts: 68
Registered: 9/24/01
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 30, 2018 6:13 AM   in response to: Joel Zimmer in response to: Joel Zimmer
Joel Zimmer wrote:
This appears to be caused when an ajax call is made.

And you are doing servercontroller.authbeforenewsession = true;
Alexandre Machado

Posts: 1,754
Registered: 8/10/13
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 30, 2018 12:53 PM   in response to: Joel Zimmer in response to: Joel Zimmer
Joel Zimmer wrote:
So Google Chrome has released the security update 64.0.3282.119 and now my users occasionally get a 401.1 Unauthroized error using basic Authentication running under IIS.

Even though they have logged in with their AD account under IIS it starts throughing the following

Detailed Error Information:
Module BasicAuthenticationModule
Notification AuthenticateRequest
Handler ISAPI-dll
Error Code 0x8007052e
Requested URL https://intapp.somewhere.com:443/isapp/asdfUv1FuE7uQbcMXAzrmi0G/$/callback?callback=IWCBTYPE.DoOnAsyncChange
Logon Method Not yet determined
Logon User Not yet determined

Any ideas on this one?

I'll check what actually changed with this security update and see If I can find something relevant. I'll keep you posted.
Joel Zimmer

Posts: 68
Registered: 9/24/01
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 30, 2018 12:58 PM   in response to: Alexandre Machado in response to: Alexandre Machado
Alexandre Machado wrote:
Joel Zimmer wrote:
So Google Chrome has released the security update 64.0.3282.119 and now my users occasionally get a 401.1 Unauthroized error using basic Authentication running under IIS.

Even though they have logged in with their AD account under IIS it starts throughing the following

Detailed Error Information:
Module BasicAuthenticationModule
Notification AuthenticateRequest
Handler ISAPI-dll
Error Code 0x8007052e
Requested URL https://intapp.somewhere.com:443/isapp/asdfUv1FuE7uQbcMXAzrmi0G/$/callback?callback=IWCBTYPE.DoOnAsyncChange
Logon Method Not yet determined
Logon User Not yet determined

Any ideas on this one?

I'll check what actually changed with this security update and see If I can find something relevant. I'll keep you posted.

If it helps, I can reproduce the issue every time just by calling the dbcombobox.OnAsyncChange event.
Alexandre Machado

Posts: 1,754
Registered: 8/10/13
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 30, 2018 11:19 PM   in response to: Joel Zimmer in response to: Joel Zimmer
If it helps, I can reproduce the issue every time just by calling the dbcombobox.OnAsyncChange event.

Thanks for the info. I'm about to run some tests with it. I'll probably have more information soon.
Alexandre Machado

Posts: 1,754
Registered: 8/10/13
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 30, 2018 11:59 PM   in response to: Joel Zimmer in response to: Joel Zimmer
If it helps, I can reproduce the issue every time just by calling the dbcombobox.OnAsyncChange event.

I've run some tests and couldn't recreate this issue yet... I have basic authentication set, running in IIS with 64.0.3282.119 x64.
Are you running it locally or remote? If you are running remotely, do you have any proxy servers in the middle? Did you try other browsers?
Joel Zimmer

Posts: 68
Registered: 9/24/01
Re: google chrome and new security update 64.0.3282.119
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jan 31, 2018 9:29 AM   in response to: Alexandre Machado in response to: Alexandre Machado
Alexandre Machado wrote:
If it helps, I can reproduce the issue every time just by calling the dbcombobox.OnAsyncChange event.

I've run some tests and couldn't recreate this issue yet... I have basic authentication set, running in IIS with 64.0.3282.119 x64.
Are you running it locally or remote? If you are running remotely, do you have any proxy servers in the middle? Did you try other browsers?

I am running it remotely under ssl with a self signed cert. I am using the AuthBeforeNewSession := true;

There are no proxy servers

I have tested it under IE 11 and Firefox and it works without any issues.
Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02