Use correct origin when prompting for proxy authentication.
Since M49, Chrome has been prompting for proxy authentication
credentials using the target origin instead of the origin of the proxy
server. Even if the proxy origin was displayed correctly, a mischievous
network operator could still spoof the proxy server origin. To mitigate
these problems, this CL:
* Fixes the origin used in the proxy authentication login prompt to use
the origin of the proxy server.
* Indicate if the proxy server connection is insecure.
* Always throw up an interstitial and clear the omnibox when showing a
proxy auth prompt.
* Use the correct origin when saving proxy authentication credentials.
9 files changed