Closed Bug 1228578 Opened 9 years ago Closed 9 years ago

Change to security model prevents proxies to inform users when they refuse to forward connections

Categories

(Core :: Networking: HTTP, defect)

defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 493699

People

(Reporter: thomas.mangin, Unassigned)

References

()

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7 Steps to reproduce: We are asking our customer to configure an HTTP/HTTPS proxies to surf the web. For policy reason the connection can be refused ( for example kids attempting to access pornographic content ). With HTTPS, the browser get a CONNECT command which includes the name of the remote host. A few months (years) back, browsers where able to return a 302 message (or 403/450) and have the browser display a page explaining the reason for refusing the connection, the is no the case anymore. Actual results: Currently the only thing the proxy can do is to close the TCP connection with the client which presents the "unable to connect" page which is not user friendly. Expected results: The proxy should be able to ask the browser to display some form of message. It could be a fixed page ( access denied ) or let the proxy return some other page / content to the browser. As clearly, the end-user should not be tricked in thinking they are on the expected site, some form of large warning could be associated with any dynamic page displayed. For security reason, this feature could also be a disabled by default. This problem was also discussed on the chromium list: https://groups.google.com/a/chromium.org/forum/#!topic/chromium-bugs/Pj7AP4fF6a4 https://code.google.com/p/chromium/issues/detail?id=125457
Summary: Change to security model prevent proxies to inform users when they refuse to forward connections → Change to security model prevents proxies to inform users when they refuse to forward connections
Also see bug 637619.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Component: Untriaged → Networking: HTTP
OS: Unspecified → All
Product: Firefox → Core
Hardware: Unspecified → All
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.