Page MenuHomePhabricator

VisualEditor gives 401 when behind basic auth
Open, Needs TriagePublic

Description

When you run a MediaWiki installation behind basic authentication, VisualEditor reports this error:

Error contacting the Parsoid/RESTBase server (HTTP 401)

This happens because VE does not pass the basic auth credentials with the internal request to rest.php. A workaround is to edit .htaccess to allow requests from 127.0.0.1 to bypass the basic auth, but that's a bad idea on shared hosting because it means that other users can access your wiki contents. Not all shared hosting providers even support such allows in .htaccess.

My suggestion is to forward authentication headers to the internal request, or add an option for that, so that VisualEditor can work with basic auth without needing workarounds at the level of the web server.

Event Timeline

There is a similar feature for forwarding cookies, to be used when MediaWiki's authentication is required view pages: https://www.mediawiki.org/wiki/Extension:VisualEditor#Forwarding_cookies_to_Parsoid.

I'm not really familiar with how that works, but probably something similar can be done for the HTTP basic auth headers.

Alternatively, maybe it's already possible to do this if you hard-code the HTTP username and password into the URL configured in $wgVirtualRestConfig['modules']['parsoid']['url']?

Alternatively, maybe it's already possible to do this if you hard-code the HTTP username and password into the URL configured in $wgVirtualRestConfig['modules']['parsoid']['url']?

Yeah, probably. And if that doesn't work, it could probably be made to work.