In the application we use in our company, we have some HTTP home made server that accepts blank passwords (because auth is done with a database and in our dev environment and some clients we have blank passwords).
I could not find in thr RFC if blank password is forbidden or not, but what I'm sure is that Chrome, IE, Edge... all accept blank password.
I didn't browse all the source code, but in debug version, under Windows with VS2013, I get an assert when I pass a blank password to the callback of CefRequestHandler::GetAuthCredentials() and the application exits.
I found this in the CEF source code:
- Code: Select all
// Verify param: password; type: string_byref_const
DCHECK(!password.empty());
if (password.empty())
return;
This is the assert I get.
Could the CEF be modified to accept blank passwords like Chrome or most of the most known browsers?
Thanks!