When you embed a website which will return 307 to a website which require Windows Authentication, Edge might not prompt for credentials. And we will see “Tracking Prevention blocked access for storage for
Cause
When your proxy hostname is in the list of disconnect-tracking-protection /services.json, Edge will use private mode to access the webpage and then it will suppress WIA in 3rd party contexts.
Reference
Solutions
A few options to resolve this issue:
- Use a customized hostname instead of a hostname which is listed in disconnect-tracking-protection/services.json.
- Disable tracking prevention feature
- Set the prevention feature to Basic
Repro
- Download Fiddler Auto Responder rules from NoCredentialDialogIssue.farx
- Access NoCredentialDialogIssueNormalScenario and we will see the credential dialog.
- Access NoCredentialDialogIssueAbnormalScenario and you will see no credential dialog and we will see error “Tracking Prevention blocked access for storage for
" in F12 Console.
Notes
In this repro, we returned 307 to redirect to a proxy URL. In the abnormal scenario, the proxy URL is proxy.fb.com. And in normal scenario, the proxy URL is proxy.com. fb.com is listed in disconnect-tracking-protection /services.json. Then when we try to access proxy.fb.com, we will see below information in net-export log
t=37 [st=0] COMPUTED_PRIVACY_MODE --> privacy_mode = "disabled"
文档信息
- 本文作者:Robin Chen
- 本文链接:https://crushonme.github.io/2023/09/11/NoCredential-dialog-pops-up-with-Edge-In-Special-Scenario/
- 版权声明:自由转载-非商用-非衍生-保持署名(创意共享4.0许可证)
Document Information
- Author :Robin Chen
- Link : https://crushonme.github.io/2023/09/11/NoCredential-dialog-pops-up-with-Edge-In-Special-Scenario/
- Copyright:Attribution-NonCommercial-NoDerivatives-No additional restrictions(CC BY-NC-ND 4.0)
