How do I write Firefox add-on that automatically enters proxy passwords?

Question

Suppose someone worked for a company that put up an HTTP proxy preventing internet access without password authentication (NTLM, I think). Also suppose that this password rotated on a daily basis, which added very little security, but mostly served to annoy the employees. How would one get started writing a Firefox add-on that automatically entered these rotating passwords?

To clarify: This add-on would not just submit the password; the add-on would programmatically generate it with some knowledge of the password rotation scheme.

Answer 1

This is built into Firefox. Open up about:config, search for 'ntlm'

The setting you're looking for is called network.automatic-ntlm-auth.trusted-uris and accepts a comma-space delimited list of your proxy server uris.

This will make FireFox automatically send hashed copies of your windows password to the proxy, which is disabled by default for obvious reasons. IE can do this automatically because it can use security zones to figure out whether a proxy server is trusted or not.

Blog post discussing this

Answer 2

It's your lucky day - no need for an add-on!

How to configure Firefox for automatic NTLM authentication

1. In Firefox, type about:config into the address bar and hit enter. You should see a huge list of configuration properties.
2. Find the setting named network.negotiate-auth.delegation-uris (the easiest way to do this is to type that into the filter box at top).
3. Double-click this line, and enter the names of all servers for which network authentication is desired, separated by commas. Then press ‘OK’ to confirm.
4. Find the setting network.negotiate-auth.trusted-uris, and set it to the same value used in #3.
5. Find the setting network.ntlm.send-lm-response, and set it to true.
6. Skip steps 7 and 8 if you aren't using a proxy.
7. Open the options dialog (Tools->Options menu), and on the Advanced page, Network tab, press the Connection Settings button to get the proxy configuration dialog:
8. Make sure the correct proxy server is configured, and that the same list of servers is listed in the No Proxy for: entryfield as were set in step #3.
9. Done.