Chrome does not send FTP credentials if Chrome is proxy-aware (explicit)

book

Article ID: 168389

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

If credentials for FTP sites are part of the FTP URL GET request (for example, ftp://username:[email protected]), Google Chrome does not send the FTP credentials when Chrome is proxy-aware (explicit) .
When Chrome is configured for explicit proxy and is trying to access an FTP URL that contains the username and password in the URL request, the browser truncates the request. It removes the username and password and then makes the request out to the proxy. 
 
The same behavior has not been observed in a transparent inline deployment; in that deployment, the browser is not proxy-aware.
 

Cause

Chrome determines that the session is being intercepted by the man-in-the-middle (the proxy) and does not provide any credentials for security reasons.

 

Resolution

For additional information regarding the behavior of Google Chrome, refer to https://support.google.com/chrome/.

Workaround

Have users access the FTP site without the username and the password in the request URL, for example, ftp://someftpsite.com. Because the credentials are not supplied in the URL, the FTP server will then prompt users to enter their credentials.