Closed Bug 1244935 Opened 10 years ago Closed 10 years ago

Weather widget of Meteo France is broken

Categories

(Web Compatibility :: Site Reports, defect)

Product:
Web Compatibility
Component:
Site Reports
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: epinal99-bugzilla2, Unassigned)

References

Details

(Keywords: regression)

Attachments

(3 files)

index.html
247 bytes, text/html
Details
screenshot-widget.png
21.90 KB, image/png
Details
screenshot-widget2.png
34.32 KB, image/png
Details
Attached file index.html
Maybe TE Bug. Weather widget of Meteo France (http://www.meteofrance.com/meteo-widget) is broken. Regression range: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=2cb22c058add&tochange=3094601af679
Keywords: regression
Attached image screenshot-widget.png
A narrower regression window would likely be helpful.
Keywords: regressionwindow-wanted
Pushlog: https://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=2e9984133216&tochange=bf8aff9d15d3 Triggered by: c731517a47e8 Masatoshi Kimura — Bug 1124039 - Enable RC4 only if ClientHelloVersion <= TLS 1.0. r=keeler
Blocks: 1124039
I emailed them.
Keywords: regressionwindow-wanted
Component: Layout → Security: PSM
I had to download the testcase because it didn't work on bmo due to mixed content blocker. Once I put the file locally, it works for me and I do not see any difference from Chrome/IE. Could you attach a screenshot explaining the issue? Or is this already fixed?
Flags: needinfo?(epinal99-bugzilla2)
You can test this codepen too: http://codepen.io/anon/pen/bEjgYK Screenshot is already joined to the bug report. The issue is the JS script loads CSS sheets via HTTPS: https://www.meteofrance.com/mf3-base-theme/css/vignette_portrait.css https://www.meteofrance.com/mf3-base-theme/css/pictos.css with RC4 suites: https://www.ssllabs.com/ssltest/analyze.html?d=www.meteofrance.com&s=160.92.49.14
Flags: needinfo?(epinal99-bugzilla2)
(In reply to Loic from comment #6) > Screenshot is already joined to the bug report. I don't see where is the broken part. Could you attach a screenshot comparing an expected result and actual one? > with RC4 suites: > https://www.ssllabs.com/ssltest/analyze.html?d=www.meteofrance.com&s=160.92.49.14 Looks like the site changed cipher suites. TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 1024 bits FS WEAK 256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 1024 bits FS WEAK 128 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) DH 1024 bits FS WEAK 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 1024 bits FS WEAK 256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) DH 1024 bits FS WEAK 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 1024 bits FS WEAK 128 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits FS WEAK 112 TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) 256 TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) 128 TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) 256 TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) 128 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88) DH 1024 bits FS WEAK 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84) 256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45) DH 1024 bits FS WEAK 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41) 128 In any case, This is a TE bug.
Blocks: RC4-Dependence
No longer blocks: 1124039
Status: NEW → RESOLVED
Closed: 10 years ago
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
Resolution: --- → FIXED
Version: 38 Branch → unspecified
Attached image screenshot-widget2.png
Yes, it's fixed, Meteo France just emailed me to say the SSL certificate has been updated this morning.
Product: Tech Evangelism → Web Compatibility
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: