Accept-Encoding: "br" only sent for https requests

RESOLVED WONTFIX

Status

()

Core
Networking: HTTP
RESOLVED WONTFIX
2 years ago
2 years ago

People

(Reporter: \, Unassigned)

Tracking

44 Branch
Points:
---

Firefox Tracking Flags

(firefox44 affected)

Details

In FF Nightly 44.0a1 (2015-10-27), when I open https://github.com/, I see the request header: `Accept-Encoding: gzip, deflate, br`. When I visit http://localhost I see: `Accept-Encoding: gzip, deflate`.  How come brotli is not enabled for both?
this is intentional. intermediaries have been shown to break in the presence of non traditional encodings in the past and we're not bringing new features to http contexts anymore.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
btw if you're saying that localhost should be considered a secure context - not making a general query about http://example - that's probably true. We don't have a firefox wide defintion of secure context yet (which would probably include localhost http://) - when we do brotli should be available on it.. for now we're using https://
So I just created a self signed cert.  This also doesn't work for https://localhost.  I had to add a security exception, which I told FF not to remember.

Is it the case that Firefox does not consider self signed certs a "secure context?"
the brotli code is only looking at the scheme - it is unaware of whether or not there was a certificate exception (self signed is fine).
oops, yep nvm.  With the self signed cert, I tried FF 41, not 44.  My bad.
You need to log in before you can comment on or make changes to this bug.