Closed
Bug 1244935
Opened 8 years ago
Closed 8 years ago
Weather widget of Meteo France is broken
Categories
(Web Compatibility :: Site Reports, defect)
Web Compatibility
Site Reports
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: epinal99-bugzilla2, Unassigned)
References
Details
(Keywords: regression)
Attachments
(3 files)
Maybe TE Bug. Weather widget of Meteo France (http://www.meteofrance.com/meteo-widget) is broken. Regression range: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=2cb22c058add&tochange=3094601af679
Keywords: regression
A narrower regression window would likely be helpful.
Keywords: regressionwindow-wanted
Comment 3•8 years ago
|
||
Pushlog: https://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=2e9984133216&tochange=bf8aff9d15d3 Triggered by: c731517a47e8 Masatoshi Kimura — Bug 1124039 - Enable RC4 only if ClientHelloVersion <= TLS 1.0. r=keeler
Blocks: 1124039
Component: Layout → Security: PSM
Comment 5•8 years ago
|
||
I had to download the testcase because it didn't work on bmo due to mixed content blocker. Once I put the file locally, it works for me and I do not see any difference from Chrome/IE. Could you attach a screenshot explaining the issue? Or is this already fixed?
Flags: needinfo?(epinal99-bugzilla2)
You can test this codepen too: http://codepen.io/anon/pen/bEjgYK Screenshot is already joined to the bug report. The issue is the JS script loads CSS sheets via HTTPS: https://www.meteofrance.com/mf3-base-theme/css/vignette_portrait.css https://www.meteofrance.com/mf3-base-theme/css/pictos.css with RC4 suites: https://www.ssllabs.com/ssltest/analyze.html?d=www.meteofrance.com&s=160.92.49.14
Flags: needinfo?(epinal99-bugzilla2)
Comment 7•8 years ago
|
||
(In reply to Loic from comment #6) > Screenshot is already joined to the bug report. I don't see where is the broken part. Could you attach a screenshot comparing an expected result and actual one? > with RC4 suites: > https://www.ssllabs.com/ssltest/analyze.html?d=www.meteofrance.com&s=160.92.49.14 Looks like the site changed cipher suites. TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 1024 bits FS WEAK 256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 1024 bits FS WEAK 128 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) DH 1024 bits FS WEAK 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 1024 bits FS WEAK 256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) DH 1024 bits FS WEAK 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 1024 bits FS WEAK 128 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits FS WEAK 112 TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) 256 TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) 128 TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) 256 TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) 128 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88) DH 1024 bits FS WEAK 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84) 256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45) DH 1024 bits FS WEAK 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41) 128 In any case, This is a TE bug.
Status: NEW → RESOLVED
Closed: 8 years ago
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
Resolution: --- → FIXED
Version: 38 Branch → unspecified
Yes, it's fixed, Meteo France just emailed me to say the SSL certificate has been updated this morning.
Assignee | ||
Updated•5 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•