Strict Transport Security redirect doesn't work in private browsing

RESOLVED WORKSFORME

Status

()

Core
Security
RESOLVED WORKSFORME
3 years ago
3 years ago

People

(Reporter: costa, Unassigned)

Tracking

34 Branch
x86_64
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0
Build ID: 20141127111021

Steps to reproduce:

Set up my website to add Strict-Transport-Security

res.setHeader('Strict-Transport-Security', 'max-age=8640000; includeSubDomains');

Visited my site, and then on subsequent visits it forwarded to https://...


Actual results:

But, in a private window, the redirect doesn't work no matter how many times I visit the site.


Expected results:

My guess is that this feature should work in private browsing mode, but I'm not certain of that.

Updated

3 years ago
Component: Untriaged → Security
Product: Firefox → Core
Do you have a publicly-accessible url we can reproduce the issue on? That would help us fix this faster. Thanks!
Flags: needinfo?(costa)
(Reporter)

Comment 2

3 years ago
Hmmm... it appears to be working just fine now. Perhaps the issue was with my host... nope, works on mybluemix.net too.

Sorry I wasn't more helpful, thanks so much to whomever and however that got resolved : )
Flags: needinfo?(costa)
No worries - feel free to re-open this if you encounter the problem again :)
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.