From 3a149a2869be428837c6b128af72aa6e01da9541 Mon Sep 17 00:00:00 2001
From: "darin%netscape.com" <darin%netscape.com>
Date: Mon, 14 Apr 2003 21:35:27 +0000
Subject: [PATCH] fixes bug 201986 "infinite network loop when auth realm
 changes" r=dougt sr=alecf

---
 netwerk/protocol/http/src/nsHttpChannel.cpp | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/netwerk/protocol/http/src/nsHttpChannel.cpp b/netwerk/protocol/http/src/nsHttpChannel.cpp
index 637fa682df3e..170c791558b3 100644
--- a/netwerk/protocol/http/src/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/src/nsHttpChannel.cpp
@@ -1806,8 +1806,11 @@ nsHttpChannel::GetCredentials(const char *challenges,
 
     // proxy auth's never in prehost.  only take user:pass from URL if this
     // is the first 401 response (mIdent holds previously attempted identity).
-    if (!proxyAuth && mIdent.IsEmpty())
+    PRBool identFromURI = PR_FALSE;
+    if (!proxyAuth && mIdent.IsEmpty()) {
         GetIdentityFromURI(authFlags, mIdent);
+        identFromURI = !mIdent.IsEmpty(); 
+    }
 
     const char *host;
     PRInt32 port;
@@ -1875,6 +1878,11 @@ nsHttpChannel::GetCredentials(const char *challenges,
                 }
             }
         }
+        else if (!identFromURI) {
+            // hmm... identity invalid, but no auth entry!  the realm probably
+            // changed (see bug 201986).
+            ident->Clear();
+        }
 
         if (!entry && ident->IsEmpty()) {
             // at this point we are forced to interact with the user to get their