Closed Bug 1233982 Opened 9 years ago Closed 9 years ago

Entering URL into Address Bar Initiates Connection

Categories

(Firefox :: Address Bar, defect, P1)

Product:
Firefox
Component:
Address Bar
Version:
43 Branch
Platform:
x86_64
macOS
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 46
Tracking Flags:
Tracking Status
firefox43 --- wontfix
firefox44 + fixed
firefox45 + fixed
firefox46 --- fixed

People

(Reporter: bugzilla.mozilla.org, Assigned: mak)

References

Details

(Keywords: privacy, regression, Whiteboard: [fxsearch][unifiedcomplete])

Attachments

(1 file)

MozReview Request: Bug 1233982 - Do not fetch autofill icons from the network. r=adw
58 bytes, text/x-review-board-request
adw
: review+
ritu
: approval-mozilla-aurora+
ritu
: approval-mozilla-beta+
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:43.0) Gecko/20100101 Firefox/43.0 Build ID: 20151216175450 Steps to reproduce: 1. Disable all forms of preloading/prefetching. 2. Disable search engine suggestions in the address bar. 3. Enter an address (shortcut name or URL) into the address bar. Actual results: The first search hit (in the address book or history) initiates a connection to the URL of the hit. Expected results: No connection should be initiated until I confirm the address entered into the address bar. This was the behavior up to and including FF42. With FF43, the incorrect behavior is observed.
Keywords: privacy
OS: Unspecified → Mac OS X
Hardware: Unspecified → x86_64
Component: Untriaged → Location Bar
please post an about:support log. Did you check if that also happens in Safe Mode? Add-ons could be doing that. The urlbar won't fetch anything remotely if search suggestions are really disabled.
Yes, I can confirm it happens in Safe mode. Looking more closely, I think what is happening is that the Location Bar selects the first search hit as soon as I press the letter and then confirms it, causing the URL to fetch. The sequence seems to be: 1. Click into location bar. 2. Press any key. 3. First hit appears. FF immediately initiates a connection. 4. The page is *not* rendered. All of the suggested hit is selected except for the first letter. More hits are shown below the first. I'm not sure what you mean by saying "if search suggestions are really disabled". I did not see any connections with FF <= 42. I am seeing them with FF 43 and I did not change any settings. But if the settings changed between FF 42 and FF 43, it is possible that search suggestions are not really disabled (anymore). Here are the settings I believe to be relevant: browser.search.suggest.enabled;false browser.urlbar.suggest.searches;false
{ "application": { "name": "Firefox", "version": "43.0.1", "buildID": "20151216175450", "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:43.0) Gecko/20100101 Firefox/43.0", "safeMode": true, "updateChannel": "release", "supportURL": "https://support.mozilla.org/1/firefox/43.0.1/Darwin/en-US/", "numTotalWindows": 1, "numRemoteWindows": 0, "remoteAutoStart": false }, "modifiedPreferences": { "accessibility.typeaheadfind.flashBar": 0, "browser.cache.disk.filesystem_reported": 1, "browser.cache.disk.smart_size_cached_value": 358400, "browser.cache.frecency_experiment": 2, "browser.cache.disk.smart_size.first_run": false, "browser.cache.disk.smart_size.use_old_max": false, "browser.cache.disk.capacity": 358400, "browser.download.importedFromSqlite": true, "browser.download.manager.closeWhenDone": true, "browser.download.manager.retention": 0, "browser.newtab.url": "about:blank", "browser.places.smartBookmarksVersion": 7, "browser.search.suggest.enabled": false, "browser.search.update": false, "browser.search.useDBForOrder": true, "browser.sessionstore.upgradeBackup.latestBuildID": "20151216175450", "browser.sessionstore.restore_on_demand": false, "browser.startup.homepage_override.mstone": "43.0.1", "browser.startup.homepage": "doenges.com/blog/", "browser.startup.homepage_override.buildID": "20151216175450", "browser.tabs.onTop": true, "browser.urlbar.userMadeSearchSuggestionsChoice": true, "dom.apps.reset-permissions": true, "dom.w3c_touch_events.expose": false, "dom.mozApps.used": true, "extensions.lastAppVersion": "43.0.1", "font.internaluseonly.changed": true, "gfx.blacklist.direct2d": 3, "gfx.crash-guard.glcontext.deviceID": "0x0126", "gfx.crash-guard.glcontext.appVersion": "43.0.1", "gfx.crash-guard.status.glcontext": 2, "media.gmp-gmpopenh264.lastUpdate": 1447877825, "media.gmp-gmpopenh264.version": "1.5.1", "media.gmp-manager.lastCheck": 1450814059, "media.gmp-gmpopenh264.abi": "x86_64-gcc3-u-i386-x86_64", "media.gmp-manager.buildID": "20151216175450", "network.prefetch-next": false, "network.dns.disablePrefetch": true, "network.cookie.prefsMigrated": true, "network.cookie.lifetimePolicy": 1, "network.predictor.cleaned-up": true, "network.cookie.cookieBehavior": 1, "network.auth.allow-subresource-auth": 2, "network.http.speculative-parallel-limit": 0, "places.database.lastMaintenance": 1449938015, "places.history.expiration.transient_current_max_pages": 104858, "plugin.state.java": 0, "plugin.importedState": true, "plugin.disable_full_page_plugin_for_types": "application/pdf", "plugin.state.wacomtabletplugin": 0, "plugin.state.wacomnetscape": 0, "plugin.state.adobepdfviewernpapi": 0, "print.print_paper_size_unit": 0, "print.print_paper_width": " 8.50", "print.print_to_file": false, "print.print_footerright": "", "print.print_footerleft": "", "print.print_headerright": "", "print.print_margin_top": "0.5", "print.print_footercenter": "&PT", "print.print_command": "", "print.print_unwriteable_margin_top": 12, "print.print_resolution_name": "", "print.print_paper_height": " 11.00", "print.print_scaling": " 1.00", "print.print_unwriteable_margin_right": 12, "print.print_reversed": false, "print.print_paper_data": 0, "print.print_unwriteable_margin_left": 12, "print.print_plex_name": "", "print.print_orientation": 0, "print.print_unwriteable_margin_bottom": 12, "print.print_paper_name": "", "print.print_margin_left": "0.5", "print.print_oddpages": true, "print.print_bgcolor": true, "print.print_bgimages": true, "print.print_downloadfonts": false, "print.print_duplex": 0, "print.print_evenpages": true, "print.print_colorspace": "", "print.print_shrink_to_fit": true, "print.print_margin_right": "0.5", "print.print_headerleft": "", "print.print_margin_bottom": "0.5", "print.print_in_color": true, "print.print_paper_size_type": 1, "print.print_page_delay": 50, "print.print_resolution": 0, "privacy.clearOnShutdown.formdata": false, "privacy.sanitize.timeSpan": 0, "privacy.sanitize.migrateClearSavedPwdsOnExit": true, "privacy.clearOnShutdown.offlineApps": true, "privacy.sanitize.sanitizeOnShutdown": true, "privacy.clearOnShutdown.passwords": false, "privacy.donottrackheader.enabled": true, "privacy.sanitize.migrateFx3Prefs": true, "security.disable_button.openDeviceManager": false, "security.disable_button.openCertManager": false, "security.warn_viewing_mixed": false, "storage.vacuum.last.index": 1, "storage.vacuum.last.places.sqlite": 1449610454 }, "lockedPreferences": {}, "graphics": { "numTotalWindows": 1, "numAcceleratedWindows": 0, "windowLayerManagerType": "Basic", "windowLayerManagerRemote": false, "supportsHardwareH264": "No; ", "numAcceleratedWindowsMessage": [ "" ], "adapterDescription": "", "adapterVendorID": "0x8086", "adapterDeviceID": "0x0126", "adapterRAM": "", "adapterDrivers": "", "driverVersion": "", "driverDate": "", "webglRendererMessage": [ "" ], "info": { "AzureCanvasBackend": "skia", "AzureSkiaAccelerated": 0, "AzureFallbackCanvasBackend": "none", "AzureContentBackend": "quartz" } }, "javaScript": { "incrementalGCEnabled": true }, "accessibility": { "isActive": false, "forceDisabled": 0 }, "libraryVersions": { "NSPR": { "minVersion": "4.10.10", "version": "4.10.10" }, "NSS": { "minVersion": "3.20.1 Basic ECC", "version": "3.20.1 Basic ECC" }, "NSSUTIL": { "minVersion": "3.20.1", "version": "3.20.1" }, "NSSSSL": { "minVersion": "3.20.1 Basic ECC", "version": "3.20.1 Basic ECC" }, "NSSSMIME": { "minVersion": "3.20.1 Basic ECC", "version": "3.20.1 Basic ECC" } }, "userJS": { "exists": false }, "crashes": { "submitted": [], "pending": 0 }, "extensions": [ { "name": "1Password", "version": "4.5.1", "isActive": false, "id": "onepassword4@agilebits.com" }, { "name": "Adobe Acrobat - Create PDF", "version": "1.2", "isActive": false, "id": "web2pdfextension@web2pdf.adobedotcom" }, { "name": "Ghostery", "version": "5.4.9", "isActive": false, "id": "firefox@ghostery.com" }, { "name": "HeaderTool", "version": "0.6.1.1-signed", "isActive": false, "id": "pavesilo@gmail.com" }, { "name": "Hide Tab Bar With One Tab", "version": "1.5.1-signed", "isActive": false, "id": "{e5bbc237-c99b-4ced-a061-0be27703295f}" }, { "name": "HttpFox", "version": "0.8.14.1-signed", "isActive": false, "id": "{4093c4de-454a-4329-8aff-c6b0b123c386}" }, { "name": "HTTPS-Everywhere", "version": "5.1.2", "isActive": false, "id": "https-everywhere-eff@eff.org" }, { "name": "Modify Headers", "version": "0.7.1.1.1-signed", "isActive": false, "id": "{b749fc7c-e949-447f-926c-3f4eed6accfe}" }, { "name": "NoScript", "version": "2.7", "isActive": false, "id": "{73a6fe31-595d-460b-a920-fcc0f8843232}" }, { "name": "Self-Destructing Cookies", "version": "0.4.9", "isActive": false, "id": "jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack" }, { "name": "uBlock Origin", "version": "1.4.0", "isActive": false, "id": "uBlock0@raymondhill.net" } ], "experiments": [] }
(In reply to bugzilla.mozilla.org from comment #2) > Here are the settings I believe to be relevant: > > browser.search.suggest.enabled;false > browser.urlbar.suggest.searches;false This is correct. Based on these settings we should really not do any connection... I still need you to check if the address of the initiated connection the same as the first autocomplete entry or if it is instead trying to fetch a favicon? I can reproduce a favicon fetching, if you are seeing the same it would be great.
Flags: needinfo?(bugzilla.mozilla.org)
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P1
Whiteboard: [fxsearch][unifiedcomplete]
It appears that FF is fetching the facicon of the first autocomplete entry match.
Flags: needinfo?(bugzilla.mozilla.org)
ok, thanks for confirming. this is bad enough for privacy, worth fixing soon.
Assignee: nobody → mak77
Status: NEW → ASSIGNED
Keywords: regression
Also note that if the site that FF initiates a connection to requires SSL client certificates, that will pop up a dialog asking the user to select a cert, which is particularly annoying when you're in the middle of typing something. (This has happened to me multiple times.)
Comment on attachment 8707441 [details] MozReview Request: Bug 1233982 - Do not fetch autofill icons from the network. r=adw Review request updated; see interdiff: https://reviewboard.mozilla.org/r/30703/diff/1-2/
Comment on attachment 8707441 [details] MozReview Request: Bug 1233982 - Do not fetch autofill icons from the network. r=adw I can't figure out how to r+ this from ReviewBoard... I checked Ship It and submitted but it keeps telling me there's a review pending... anyway...
Attachment #8707441 - Flags: review?(adw) → review+
[Tracking Requested - why for this release]:
status-firefox44: --- → affected
status-firefox45: --- → affected
tracking-firefox44: --- → ?
tracking-firefox45: --- → ?
It is a privacy hit, plus it's also a perf hit.
https://hg.mozilla.org/mozilla-central/rev/c8a36bbbde08
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox46: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 46
Comment on attachment 8707441 [details] MozReview Request: Bug 1233982 - Do not fetch autofill icons from the network. r=adw Approval Request Comment [Feature/regressing bug #]: Unified Complete [User impact if declined]: We are fetching icons from the network when completing a domain, we should not for 2 reasons: privacy, performance [Describe test coverage new/current, TreeHerder]: unit tests [Risks and why]: low risk, code changes are simple and limited [String/UUID change made/needed]: none
Attachment #8707441 - Flags: approval-mozilla-beta?
Attachment #8707441 - Flags: approval-mozilla-aurora?
Hello, would you be able to verify that this issue is fixed as expected on a latest Nightly build? Thanks!
Flags: needinfo?(bugzilla.mozilla.org)
Comment on attachment 8707441 [details] MozReview Request: Bug 1233982 - Do not fetch autofill icons from the network. r=adw Since this is a privacy issue and a recent regression, I am taking it in 44 RC1. Also happy to see unit tests to ensure we've tested the fix and to catch future regressions.
Attachment #8707441 - Flags: approval-mozilla-beta?
Attachment #8707441 - Flags: approval-mozilla-beta+
Attachment #8707441 - Flags: approval-mozilla-aurora?
Attachment #8707441 - Flags: approval-mozilla-aurora+
Mak, Wes, Carsten: Would you be able to help land this to m-b asap? I am waiting for this patch to land on beta before requesting beta -> release merge. Thanks!
Flags: needinfo?(wkocher)
Flags: needinfo?(mak77)
Flags: needinfo?(cbook)
Rail mentioned that the patch does not apply cleanly.
https://hg.mozilla.org/releases/mozilla-release/rev/0000b160918f
status-firefox44: affectedfixed
Flags: needinfo?(wkocher)
Flags: needinfo?(mak77)
Flags: needinfo?(cbook)
Flags: needinfo?(bugzilla.mozilla.org)
ehr, I posted the treeherder link instead... Here is the right one. https://hg.mozilla.org/releases/mozilla-aurora/rev/fa70a928f111
status-b2g-v2.5: fixed → ---
[bugday-20160323] Status: RESOLVED,FIXED -> VERIFIED Comments: STR: Without user action, connection is not initiating. Component: Name Firefox Version 46.0b9 Build ID 20160322075646 Update Channel beta User Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0 OS Windows 7 SP1 x86_64 Expected Results: User actions confirm the connection establishment. Actual Results: As expected.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: