Closed Bug 1219052 Opened 9 years ago Closed 9 years ago

Proxy: Firefox falls back to direct connection when proxy does not answer

Categories

(Core Graveyard :: Security: UI, defect)

41 Branch
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1207798

People

(Reporter: h1796582, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0
Build ID: 20151014143721

Steps to reproduce:

1. Tune Firefox to use any temporarily non-working or non-existent proxy, e.g. localhost:1234 or 0.0.0.0:8080, via network options with manual settings or using PAC; it does not matter which. The proxy type presumably does not matter either (tried both HTTP and SOCKS).
2. Open any working URL, e.g. a Google search. When the message about '... proxy which refuses connections' appears, click the 'Try Again' button.


Actual results:

The page loads via a direct connection and Firefox will never try using this proxy again, so it never warns about the non-answering proxy. All traffic runs directly.
This obviously compromises security for TOR, anti-blocking proxies, or any proxy-based anonymizer users. It breaks the so-called 'black-hole proxy' technology. It makes surfing in non-trusted environments (e.g. wifi hotspots) extremely dangerous. Any restricted configurations like kiosks could also be broken by the issue.



Expected results:

Firefox should keep trying to communicate with the specified proxy and show the error message again and again. Optionally, it may suggest that the user switch off the proxy and use the direct connection (maybe just showing the link to networking options?) with a warning that it could be insecure.
Firefox should never even try to bypass proxy settings until such behavior is distinctly enabled by the user and/or the admin himself.

Speculation:

This issue may be related to bug 1121800 (https://bugzilla.mozilla.org/show_bug.cgi?id=1121800), which was not a bug at all, but unfortunately was kinda 'fixed'.

Temporary workaround:

Restrict Firefox connectivity by an external firewall. Disable anything but proxy url/port and optional trusted resources.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Component: Untriaged → Security: UI
Product: Firefox → Core
Resolution: --- → DUPLICATE
Product: Core → Core Graveyard
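
The workaround in the report restricts the browser's egress to the proxy endpoint and optional trusted resources. As an added example (not part of the original report or of Firefox), this Python script audits connection records against that same policy and flags any browser connection that went out directly. The log format, the trusted network and all sample lines are constructed assumptions; the proxy address is the report's localhost:1234 example.

```python
import ipaddress

# Assumed policy: the browser may only reach the proxy endpoint plus an
# optional set of trusted networks (hypothetical values).
PROXY = ("127.0.0.1", 1234)                          # localhost:1234 from the report
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # constructed

# Constructed sample in a simple "process remote_ip remote_port" format.
SAMPLE_LOG = """\
firefox.exe 127.0.0.1 1234
firefox.exe 10.1.2.3 443
firefox.exe 93.184.216.34 443
svchost.exe 93.184.216.34 443
firefox.exe 2001:db8::1 443
firefox.exe not-an-ip 80
"""

def is_allowed(ip_text, port, proxy=PROXY, trusted=TRUSTED_NETS):
    """True if the destination is the proxy endpoint or a trusted network."""
    ip = ipaddress.ip_address(ip_text)  # raises ValueError on bad input
    if ip == ipaddress.ip_address(proxy[0]) and port == proxy[1]:
        return True
    return any(ip in net for net in trusted)

def find_bypasses(log_text, process="firefox.exe"):
    """Return (line_no, reason) for browser connections outside the policy."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if len(parts) != 3 or parts[0].lower() != process:
            continue  # other processes are out of scope for this audit
        dest = f"{parts[1]}:{parts[2]}"
        try:
            if not is_allowed(parts[1], int(parts[2])):
                findings.append((n, f"direct connection to {dest}"))
        except ValueError:
            # Unparseable destination: fail closed and report it.
            findings.append((n, f"unparseable destination {dest}"))
    return findings

if __name__ == "__main__":
    for n, reason in find_bypasses(SAMPLE_LOG):
        print(f"line {n}: {reason}")
```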