HTTP error 500 if proxy and NTLM authentication are used

camueller 2018-05-03 06:36:16 UTC #1

I'm testing a web app loading a script from a remote url via https during initialization. This works if I don't have to use a proxy. If I'm using a proxy (running at localhost:3128) a http error 500 is returned from testcafe:

The proxy is configured in the browser and obviously used by testcafe. I did not specifiy the proxy in testcafe itself via API or command line.

If I use the request URL (pointing to the testcafe proxy at port 1338) manually right after the http 500 error I get http 302 redirecting to some error page:

chrisIAG 2018-05-03 06:56:28 UTC #2

this is the same error I get inside my companies network. Developers have been able to replicate the error yet

MarinaRukavitsyna 2018-05-03 12:07:32 UTC #3

Hello @camueller
TestCafe does not set up proxy, browser and OS settings automatically. You need to define them manually as described in the following help topic:

--proxy: command-line-interface

camueller 2018-05-03 13:58:01 UTC #4

I'm passing the proxy to testcafe using "myUsername:myPassword@wwwproxy:8080". However this still results in http error 500 caused by "Failed to authorize to the proxy at ...". Chrome itself is able to authenticate to the proxy without problems.

MarinaRukavitsyna 2018-05-07 08:29:50 UTC #5

@camueller
I noticed a data mismatch in your posts:

a proxy running at localhost:3128

and

wwwproxy:8080

Please make sure that you entered a correct port, login and password.

camueller 2018-05-07 10:42:59 UTC #7

I used a local proxy for some tests and accessed the company proxy directly for some other tests.

camueller 2018-05-07 10:59:13 UTC #8

The proxy in Testcafe seems to support only HTTP Basic Authorization but not NTLM required by the company proxy.
Therefore I'm using an intermediate proxy capable of NTLM (cntlm). Credentials are set by the intermediate proxy - Testcafe does not have to authorize at the intermediate proxy.
I analyzed the traffic between Testcafe and intermediate proxy (failing with HTTP 407 triggered by the company proxy) and compared it with traffic between curl and the intermediate proxy (succeeding):

While curl sets

Proxy-Connection: keep-alive

Testcafe sets

Connection: close

If I force curl to use the same Connection setting as Testcafe it fails as well with HTTP 407.

camueller 2018-05-07 14:13:13 UTC #9

Are you using "request" library? If so, there is a similar problem: https://github.com/request/request/issues/2766

MarinaRukavitsyna 2018-05-08 10:37:10 UTC #10

@camueller
Yes, at present TestCafe supports only basic authorization for proxy, but not NTLM. I have added a new request to GitHub:

Are you using "request" library?

No, we do not use the "request" library. We process users' requests ourselves.

augustine.uzokwe 2018-05-13 15:43:28 UTC #11

i have similar issue in my company network as well and i tried to describe the issue here https://testcafe-discuss.devexpress.com/t/bad-request-error-when-i-submit-i-form/1209

camueller 2018-05-16 06:31:18 UTC #12

Using a modified version of CNTLM (refer to https://github.com/request/request/issues/2766) as intermediate proxy enables Testcafe to access resources via a proxy requireing NTLM authentication. At least until Testcase supports NTLM itself: https://github.com/DevExpress/testcafe/issues/2377