we developed an own Firefox add-on to provide additional functionality to our employees.
Our setup is an Apache web server which provides our internal CMS. The CMS needs authentication via the htaccess.
As soon as the user was logged in tot he CMS successfully on a separate tab also our add-on started to work and loaded the content from the CMS server.
However, since Firefox version 85.0.1 or 85.0.2 – I am currently not sure anymore - our add-on suddently receives 401 authentication required instead of just getting the content.
We tried different things to solve the issue. We already:
- Made an options request before the actual get request and set withCredentials = true
- We added Header set Access-Control-Allow-Credentials "true“ tot he Apache vhost configuration
However, unfortunately, nothing worked. Sometimes, the add-on loads the content for unknown reasons but then again it returns with 401.
I setup a completely new Firefox within the Windows Sandbox and installed the add-on there. At the first time the add-on worked properly even after closing and restarting Firefox and re-authenticate into the CMS several times but after a while the add-on in the Windows Sandbox also refused to work and started to return a 401 error.
We do not have any clue why this happens and what we also could do to solve the issue. Is there any change in the newer Firefox versions which would explain this behaviour?
What would be the propper way to pass the authentication details which were provided by the user in a tab to the add-on?
Thank you very much in advance!