Closed
Bug 1109053
Opened 9 years ago
Closed 2 years ago
p.fleetonlinesolutions.com supports Export suites, is POODLE vulnerable
Categories
(Web Compatibility :: Site Reports, defect, P5)
Web Compatibility
Site Reports
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: gustavo, Assigned: adamopenweb, NeedInfo)
References
()
Details
(Keywords: webcompat:site-wait, Whiteboard: [sitewait])
Attachments
(3 files)
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0 Build ID: 20141013200257 Steps to reproduce: 1.Go to: https://p.fleetonlinesolutions.com/ 2.Login with your creds 3.Verify that the site doesn't render properly (content misformated) Actual results: The site doesn't render properly - the content is misformated. Tables and menus are unusable. Expected results: The site should render properly.
Reporter | ||
Comment 1•9 years ago
|
||
I used the excellent mozregression tool and got this result: 16:36.38 LOG: MainThread Bisector INFO Last good revision: 40a228f74389 (2013-04-05) 16:36.38 LOG: MainThread Bisector INFO First bad revision: 768af8d8fad4 (2013-04-06) 16:36.38 LOG: MainThread Bisector INFO Pushlog: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=40a228f74389&tochange=768af8d8fad4
Reporter | ||
Comment 2•9 years ago
|
||
Bad rendering on recent versions of Firefox.
Reporter | ||
Comment 3•9 years ago
|
||
OK rendering on old versions of Firefox.
Reporter | ||
Comment 4•9 years ago
|
||
I found during the bissection that in some versions Firefox would popup this message: "Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party. Are you sure you want to continue sending this information?" so I wonder if this is security related. I'm attaching an archive with the html/css/js content.
Reporter | ||
Comment 5•9 years ago
|
||
I got it: https://bugzilla.mozilla.org/show_bug.cgi?id=834836 security.mixed_content.block_active_content was set to true by default -> therefore this web portal stopped working.
Reporter | ||
Comment 6•9 years ago
|
||
I will report this to the website owner. The information on this bug will help other users of the same portal technology.
Comment 7•9 years ago
|
||
bugday-20141216 : Secure Connection Failed Error occurs for https://p.fleetonlinesolutions.com/ on firefox.
Flags: needinfo?(pratyasmitamishra)
Reporter | ||
Comment 8•9 years ago
|
||
@pratyasmitamishra@gmail.com That website has yet another problem which is the ssl version that is considered to be unsafe and no longer accepted by default from Firefox 34 on! So, to even reach the login screen one must set security.tls.version.min -> 0
Updated•9 years ago
|
Component: Untriaged → Security: PSM
Product: Firefox → Core
That site has a huge list of things wrong with it: https://www.ssllabs.com/ssltest/analyze.html?d=p.fleetonlinesolutions.com (one of which is it only uses SSL 3.0, which is not secure)
Blocks: POODLEBITE
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
Version: 33 Branch → unspecified
Comment 10•9 years ago
|
||
Morphing this bug to be specific to https://p.fleetonlinesolutions.com, because so far all comments have been specific to this site. Regardless, the site now supports TLS 1.0 (but still has other issues).
No longer blocks: POODLEBITE
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Linux → All
Hardware: x86_64 → All
Summary: Goodyear Portal based on SAP Netweaver doesn't render → p.fleetonlinesolutions.com supports Export suites, is POODLE vulnerable
Comment 11•8 years ago
|
||
https://www.ssllabs.com/ssltest/analyze.html?d=p.fleetonlinesolutions.com Still a lot of issues. The markup of this page is… interesting. :) SAP Netweaver Portal It's a portal system which has its templates pre-2000 I guess EPCF: Component com.sap.portal.runtime.logon.certlogon, phlpeidpcfdmhelnjkcfbdfgneobpldk /irj/portalapps/com.sap.portal.design.portaldesigndata/themes/portal/FOS_com_goodyear/prtl_std/prtl_std_nn7.css?7.2.11.0.2 The why I was looking at that is we will be able to find contact information AND on our chances to get it fixed. If not we can close it as WONTFIX. At least the domain really belongs to Goodyear. There is an email address for the domain name dns_admin@goodyear.com There is a contact form https://corporate.goodyear.com/en-US/about/contact-goodyear-corporate.html for customer assistance. I will switch to contactready feel free to contact them and change the keyword to sitewait when done.
Whiteboard: [contactready]
Assignee | ||
Comment 12•8 years ago
|
||
I completed the contact form and provided information about this bug report. I'm not very optimistic that this will get fixed, but it's worth trying.
Assignee: nobody → astevenson
Status: NEW → ASSIGNED
Whiteboard: [contactready] → [sitewait]
Updated•6 years ago
|
Priority: -- → P5
Updated•5 years ago
|
Product: Tech Evangelism → Web Compatibility
Comment 13•5 years ago
|
||
See bug 1547409. Moving webcompat whiteboard tags to keywords.
Keywords: webcompat:site-wait
Comment 14•2 years ago
|
||
I still get "Secure connection failed" on Firefox when accessing the site. On Chrome the site is unreachable.
https://prnt.sc/jFnJ6VH5E1Ba
Tested with:
Browser / Version: Firefox Nightly 101.0a1 (2022-04-05), Chrome 100.0.4844.84
Operating System: Windows 10 Pro
Closing the issue.
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•