Chrome does not send FTP credentials if Chrome is proxy-aware (explicit)

Article Id: 168389

Status: Published

Updated On: 13-05-2017 11:40

Legacy Id: TECH245009

Products:

ProxySG Software - SGOS

Issue/Introduction:

If credentials for FTP sites are part of the FTP URL GET request (for example, ftp://username:[email protected]), Google Chrome does not send the FTP credentials when Chrome is proxy-aware (explicit) .
When Chrome is configured for explicit proxy and is trying to access an FTP URL that contains the username and password in the URL request, the browser truncates the request. It removes the username and password and then makes the request out to the proxy.

The same behavior has not been observed in a transparent inline deployment; in that deployment, the browser is not proxy-aware.

Cause:

Chrome determines that the session is being intercepted by the man-in-the-middle (the proxy) and does not provide any credentials for security reasons.

Resolution:

For additional information regarding the behavior of Google Chrome, refer to https://support.google.com/chrome/.

Workaround

Have users access the FTP site without the username and the password in the request URL, for example, ftp://someftpsite.com. Because the credentials are not supplied in the URL, the FTP server will then prompt users to enter their credentials.