fix: default enable_negotiate_port to false #18251
Conversation
|
/trop backport-to 4-2-x |
|
@felixrieseberg is not authorized to run PR backports. |
|
/trop run backport-to 4-2-x |
|
This PR has not been merged yet, and cannot be backported. |
|
Release Notes Persisted
|
|
I was unable to backport this PR to "4-2-x" cleanly; |
|
I have automatically backported this PR to "5-0-x", please check out #18284 |
|
I have automatically backported this PR to "6-0-x", please check out #18285 |
|
A maintainer has manually backported this PR to "4-2-x", please check out #18287 |
1 similar comment
|
A maintainer has manually backported this PR to "4-2-x", please check out #18287 |
* fix: default enable_negotiate_port to false (#18251) * chore: command_line is not a pointer
Description of Change
The default value of this was switched from false to true in this CL, which we inherited as part of the M69 upgrade. I'm unsure, but I think this might be responsible for #17111 and similar Kerberos-related issues. In any case, it makes sense to keep the default the same as before (and the same as Chrome, which forces this option to false, despite the interface defaulting it to true).
See https://chromium.googlesource.com/chromium/src/+/69.0.3497.128/net/http/http_auth_handler_negotiate.cc#142 for some context about what this feature does.
Checklist
npm testpassesRelease Notes
Notes: Fixed a regression in Kerberos SPN generation. In the M69 upgrade, the default for the
enable_negotiate_portoption was inadvertently changed from false to true; this restores the former behavior and aligns with Chromium.