Closed
Bug 1198394
Opened 9 years ago
Closed 9 years ago
Enable interception of secure upgraded channels in non-e10s mode
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
RESOLVED
FIXED
mozilla44
People
(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)
References
Details
Attachments
(2 files)
1.89 KB,
patch
|
mcmanus
:
review+
|
Details | Diff | Splinter Review |
8.95 KB,
patch
|
jdm
:
review+
|
Details | Diff | Splinter Review |
Those connections fall through nsHttpChannel::HandleAsyncRedirectChannelToHttps() which does an internal redirect which disables interception, so we currently do not intercept the HSTS upgraded channel. Josh, can you please double check?
Flags: needinfo?(josh)
Comment 1•9 years ago
|
||
Note, I'm in the process of changing some redirect stuff over in bug 1184607. Not sure if that effects this or not, but just FYI.
Updated•9 years ago
|
Assignee: nobody → josh
Flags: needinfo?(josh)
Assignee | ||
Updated•9 years ago
|
Assignee: josh → ehsan
Comment 2•9 years ago
|
||
Note: the fetch spec says that the request should be upgraded, and the upgraded request should have the regular interception steps applied to it.
Updated•9 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 3•9 years ago
|
||
Resummarizing this bug to make it only cover the simple non-e10s case. Filed bug 1214305 as a follow-up for e10s support.
Summary: We probably don't intercept HSTS upgraded channels → Enable interception of secure upgraded channels in non-e10s mode
Updated•9 years ago
|
tracking-e10s:
--- → -
Assignee | ||
Comment 4•9 years ago
|
||
Attachment #8673303 -
Flags: review?(mcmanus)
Assignee | ||
Comment 5•9 years ago
|
||
Attachment #8673304 -
Flags: review?(josh)
Updated•9 years ago
|
Attachment #8673303 -
Flags: review?(mcmanus) → review+
Assignee | ||
Comment 6•9 years ago
|
||
Josh: ping?
Comment 7•9 years ago
|
||
Comment on attachment 8673304 [details] [diff] [review] Part 2: Add a test for interception of HSTS upgraded connections Review of attachment 8673304 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/workers/test/serviceworkers/fetch/hsts/hsts_test.js @@ +1,3 @@ > +self.addEventListener("fetch", function(event) { > + if (event.request.url.indexOf("index.html") >= 0) { > + event.respondWith(fetch("realindex.html")); We should explicitly fail the case with "http://" to verify that the upgrade is occurring before the interception.
Attachment #8673304 -
Flags: review?(josh) → review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/d60204230fb8 https://hg.mozilla.org/integration/mozilla-inbound/rev/2202e541c7b5
Comment 9•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/d60204230fb8 https://hg.mozilla.org/mozilla-central/rev/2202e541c7b5
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox44:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla44
Comment 10•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/d60204230fb8 https://hg.mozilla.org/mozilla-central/rev/2202e541c7b5
You need to log in
before you can comment on or make changes to this bug.
Description
•