Skip to content

Fix proxy errors during CSA#6679

Merged
psiinon merged 1 commit intozaproxy:mainfrom
thc202:csa-proxy-error
Aug 21, 2025
Merged

Fix proxy errors during CSA#6679
psiinon merged 1 commit intozaproxy:mainfrom
thc202:csa-proxy-error

Conversation

@thc202
Copy link
Copy Markdown
Member

@thc202 thc202 commented Aug 21, 2025
edited
Loading

The proxy that the browser was using could be closed too early when used by Client Script Based Authentication, which could try refresh the page after authentication to trigger more requests and increase the likelihood of obtaining a verification URL.

Fixes exceptions like:

ERROR User - An error occurred while authenticating:
org.openqa.selenium.WebDriverException: Reached error page: about:neterror?e=proxyConnectFailure&u=…&c=UTF-8&d=Firefox%20is%20configured%20to%20use%20a%20proxy%20server%20that%20is%20refusing%20connections.
Build info: version: '4.35.0', revision: '1c58e5028b'
System info: os.name: 'Linux', os.arch: 'amd64', os.version: '…', java.version: '…'
Driver info: org.openqa.selenium.firefox.FirefoxDriver
Command: [d0c87c9e-457f-4d7b-8840-25d531f8f779, get {url=…}]
Capabilities {…}
Session ID: d0c87c9e-457f-4d7b-8840-25d531f8f779
	at java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(Unknown Source) ~[?:?]
	at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Unknown Source) ~[?:?]
	at java.base/java.lang.reflect.Constructor.newInstance(Unknown Source) ~[?:?]
	at org.openqa.selenium.remote.ErrorCodec.decode(ErrorCodec.java:167) ~[?:?]
	at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:138) ~[?:?]
	at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:50) ~[?:?]
	at org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:215) ~[?:?]
	at org.openqa.selenium.remote.service.DriverCommandExecutor.invokeExecute(DriverCommandExecutor.java:216) ~[?:?]
	at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:174) ~[?:?]
	at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:557) ~[?:?]
	at org.openqa.selenium.remote.RemoteWebDriver.get(RemoteWebDriver.java:325) ~[?:?]
	at org.zaproxy.addon.authhelper.ClientScriptBasedAuthenticationMethodType$ClientScriptBasedAuthenticationMethod.authenticate(ClientScriptBasedAuthenticationMethodType.java:512) ~[?:?]
	at org.zaproxy.zap.users.User.authenticate(User.java:271) [zap-D-2025-08-18.jar:D-2025-08-18]

@thc202
Fix proxy errors during CSA
b991ee1 
The proxy that the browser was using could be closed too early when
used by Client Script Based Authentication, which could try refresh the
page after authentication to trigger more requests and increase the
likelihood of obtaining a verification URL.

Signed-off-by: thc202 <thc202@gmail.com>
@psiinon
Copy link
Copy Markdown
Member

psiinon commented Aug 21, 2025

Logo
Checkmarx One – Scan Summary & Details28532e37-692f-4932-aeef-e4d4c6677634

Great job! No new security vulnerabilities introduced in this pull request

@psiinon psiinon merged commit 8a7c26f into zaproxy:main Aug 21, 2025
9 checks passed
@github-actions github-actions Bot locked and limited conversation to collaborators Aug 21, 2025
@thc202 thc202 deleted the csa-proxy-error branch August 21, 2025 11:13
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@psiinon psiinon psiinon approved these changes

@kingthorin kingthorin kingthorin approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@thc202 @psiinon @kingthorin