Nightly and Aurora convert http to https automatically




2 years ago
2 years ago


(Reporter: Ray Satiro, Unassigned)


42 Branch

Firefox Tracking Flags

(Not tracked)




2 years ago
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:42.0) Gecko/20100101 Firefox/42.0
Build ID: 20150807030210

Steps to reproduce:

Go to in Nightly or Aurora

Actual results:

Nightly converts the link to

This is a bad idea because they clearly aren't expecting that and the certificate provided by doesn't list it as an alternate name, resulting in this error: uses an invalid security certificate. The certificate is only valid for the following names: *, (Error code: ssl_error_bad_cert_domain)

I ran mozregression but I encountered some errors using it. I ran both the gui and command line tool. I was able to narrow it down to good 2015-07-30 and bad 2015-07-31, then I did the inbounds:

 4:24.85 LOG: MainThread Bisector INFO Narrowed inbound regression window from [54e85cce, 57273aac] (4 revisions) to [104b0bbd, 57273aac] (2 revisions) (~1 steps left)
 4:24.85 LOG: MainThread Bisector INFO Oh noes, no (more) inbound revisions :(
 4:24.85 LOG: MainThread Bisector INFO Last good revision: 104b0bbd714f
 4:24.85 LOG: MainThread Bisector INFO First bad revision: 57273aac7996
 4:24.85 LOG: MainThread Bisector INFO Pushlog:

The problem is I had to do this several times and I'm not convinced mozregression was working properly. I know definitely that 2015-08-07 is bad and 2015-07-20 is good.

Expected results:

If a link is http I'd think it should stay that way unless the host wants https. Otherwise you'll run into certificate errors like this quite often I imagine.
Firefox and other browsers support HSTS

Each Firefox build contains a preloaded list of domains where https will be enforced and depending on the Firefox build date you have different sites in this preloaded list.
The list is maintained by google here: 
The whole domain is in the preloaded list and that explains why https is enforced for

See also
Last Resolved: 2 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.