401 response seen in inspect mode for few JS, CSS and HTML GET requests in Firefox 62.0.2
Hi Community Experts,
We noticed an issue in FireFox 62.0.2 inspect mode. Following is the problem statement:
Our intranet website is enabled with "Windows Integrated Authentication". Any intranet user within the organization's network are allowed to access our website without being prompted by a login page. There is no issue with this setup. While checking webserver log files, we noticed several JS, CSS and HTML GET requests were ended with 401 response.
We noticed that this issue exist only in Firefox but not in IE or Chrome. On digging further, we also noticed in the inspect node that when a webpage is loading, the dependent JS/CSS files are also being loaded. During that time, a GET request is responded with 401 and immediately the same request is fired by the browser again which succeeded with 200 response. While comparing the request header parameters, we noticed that the 401 responded request header does not have "Authorization" parameter, but the subsequent request has the "Authorization" parameter with a value. Please find the attached snap shots.
Even though this is not breaking anything in the website, we feel this may cause some performance hits in loading the pages. Any pointers will help us to understand, why we are facing this issue only in Firefox and not in any other browser.
Thanks!
Okulungisiwe
All Replies (1)
I think it's normal for the first request to get this response (partial response headers, not cached):
HTTP/1.1 401 Unauthorized WWW-Authenticate: Negotiate WWW-Authenticate: NTLM X-Powered-By: ASP.NET
I assume all browsers need to perform the identical challenge-response to load the page, even if they do not show it in their network panel. Maybe I'm mistaken about that and other browsers have a more intimate handshake with IIS?