Closed Bug 1218924 Opened 9 years ago Closed 9 years ago

Accept-Encoding: "br" only sent for https requests

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Version:
44 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX
Tracking Flags:
Tracking Status
firefox44 --- affected

People

(Reporter: nick, Unassigned)

Details

In FF Nightly 44.0a1 (2015-10-27), when I open https://github.com/, I see the request header: `Accept-Encoding: gzip, deflate, br`. When I visit http://localhost I see: `Accept-Encoding: gzip, deflate`.  How come brotli is not enabled for both?
this is intentional. intermediaries have been shown to break in the presence of non traditional encodings in the past and we're not bringing new features to http contexts anymore.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
btw if you're saying that localhost should be considered a secure context - not making a general query about http://example - that's probably true. We don't have a firefox wide defintion of secure context yet (which would probably include localhost http://) - when we do brotli should be available on it.. for now we're using https://
So I just created a self signed cert.  This also doesn't work for https://localhost.  I had to add a security exception, which I told FF not to remember.

Is it the case that Firefox does not consider self signed certs a "secure context?"
the brotli code is only looking at the scheme - it is unaware of whether or not there was a certificate exception (self signed is fine).
oops, yep nvm.  With the self signed cert, I tried FF 41, not 44.  My bad.
You need to log in before you can comment on or make changes to this bug.