If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Add telemetry for secure transport (HTTP->HTTPS) upgrades

NEW
Unassigned

Status

()

Core
DOM: Security
P3
normal
9 months ago
9 months ago

People

(Reporter: kmckinley, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [domsecurity-backlog1])

(Reporter)

Description

9 months ago
Right now, telemetry for upgrading HTTP->HTTPS is gathered in multiple places, or potentially not gathered at all. For example, https://dxr.mozilla.org/mozilla-central/source/netwerk/base/nsNetUtil.cpp#2206, an 's' character is added to the scheme with no telemetry.

First, find all places where HTTP is upgraded to HTTPS. This could be HSTS or Upgrade-Insecure-Requests, for example.

What to measure:
% of requests upgraded
% of requests upgraded by UIR/HSTS/other
(In reply to Kate McKinley [:kmckinley] from comment #0)
> Right now, telemetry for upgrading HTTP->HTTPS is gathered in multiple
> places, or potentially not gathered at all. For example,
> https://dxr.mozilla.org/mozilla-central/source/netwerk/base/nsNetUtil.
> cpp#2206, an 's' character is added to the scheme with no telemetry.

FWIW, Telemetry for this case is added right underneath:
https://dxr.mozilla.org/mozilla-central/source/netwerk/base/nsNetUtil.cpp#2221
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
You need to log in before you can comment on or make changes to this bug.