Closed Bug 1345839 Opened 7 years ago Closed 7 years ago

problem with SSL_RSA_WITH_3DES_EDE_CBC_SHA post ajax request

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Version:
52 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 702111

People

(Reporter: tal.gershman, Unassigned, NeedInfo)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Steps to reproduce:

I have a tomcat in a remote server. (not localhost)
I am using https protocol with the cihper : SSL_RSA_WITH_3DES_EDE_CBC_SHA
When i am doing a post ajax request( sending data as text) that contains arrays.
I get an error in server.
I also have java 6 and tomcat 6. 

 


Actual results:

In the server my request parameter map is zero.
If i remove the protocol "https" or it i try it on chrome or IE it works fine.


Expected results:

get all the parameters that are send from the client.
Component: Untriaged → Networking
Product: Firefox → Core
Could you provide a live testcase?
Flags: needinfo?(tal.gershman)
What exactly do you need in the live test case?

I can upload you a test environment that you can access from the browser only, is it enough for you?
  
Or do you need any server code or tomcat configuration?
I mean just a live demo (URL) on your server to reproduce the issue (like displaying error message when the test is wrong). Is it possible?
https://aws6.mysp.com/MSP/pages/login.jsp

User: tuser
Password: FireFox1


Reproudce steps:
1. login with the user and password.

2.Click on Create Goal 

3.Input the following:
Title : "the title"
KPI:"the kpi"
End value: "100"

4.Click "create"

Then you will see the error.
Component: Networking → DOM
I tested a little bit with HTTP/2 disabled or TLS 1.1 instead of 1.2, it doesn't change anything.
Is it an internal comment ? or this is refereed to me ?  Please clarify.
Nothing happened when I clicked "Create Goal".
Did you write in the popup: all the required fields and then click create button?
Well, the "Create goal" button should open a popup where you were supposed to fill up the details as i described above.

If the popup is not opening, could you please specify if there are any client errors ?
(In reply to MySP from comment #6)
> Is it an internal comment ? or this is refereed to me ?  Please clarify.

Just some tests. :) I tested with an old version of the browser, FF33, same issue too when creating the goal ticket.
I could open the popup and reproduce TypeError using the space bar instead of a mouse click.

When I set NSS_SSL_CBC_RANDOM_IV=0, TypeError disapers and I could create a Goal. (but non-working mouse issue remains. probably it is a different problem.)

This app is incompatible with 1/n-1 record splitting.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
I can not set NSS_SSL_CBC_RANDOM_IV = 0 in every client user i have.

I saw that this bug only have this workaround solution. I need to find another solution for this.

Does this bug will be fixed in the near future?

Maybe with another cipher that suits preference?
This is not a Firefox bug, but a server one. Therefore we will not fix the "bug". The server should either:
1. handle 1/n-1 split records correctly, or
2. (more preferably) use a more modern cipher.
What ciphers can I use that do support 1/n-1 split record and also compatible with java 6 / tomcat 6.
1/n-1 split record support is nothing specific to ciphers. Your server software is making wrong assumption about reading requests from clients.
This works on IE and Chrome, only Firefox it does not work.

How come this problem doesn't happen in those browser?

I have a server in AWS,tomcat 6 and Java 6.
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.