Closed Bug 1148885 Opened 10 years ago Closed 10 years ago

Opportunistic Encryption does not work with HTTP/2 proxy

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: tatsuhiro.t, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36 Steps to reproduce: Access OE (Opportunistic Encryption) enabled web site (e.g., http://nghttp2.org) using HTTP/2 secure proxy Actual results: http://nghttp2.org enabled OE with header field 'h2="nghttp2.org:443"', but Firefox Nightly ignores this and continues to use http/1.1. Meanwhile, if we don't use HTTP/2 secure proxy, Firefox Nightly correctly switches to h2. Expected results: Firefox Nightly should access to alternative service described in Alt-Svc header field and use h2 even if the request was issued via HTTP/2 secure proxy.
Please note that https://nghttp2.org enabled HSTS, so once browser accesses the site with https URI, it locks to https URI. I cleared history and caches and use private browsing to access http URI.
Component: Untriaged → Networking: HTTP
Product: Firefox → Core
so the alt-svc maps are setup for the origin - not for the proxy. This is working as intended. As discussed in the IETF WG - it might make sense to extend PAC so it can have access to a list of alternates and do proxy selection with it - but that's a different effort.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.