User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0 Build ID: 20161208153507 Steps to reproduce: Firefox 51 is broken for sites that load any content from non-standard ports if HSTS priming is attempted. Loading any page that refers to such content will cause long delays if the server doesn't detect the malformed request early and terminates the connection. Firefox flagrantly violates RFC 2616/7230 with this behavior, which states: An implementation is considered conformant if it complies with all of the requirements associated with the roles it partakes in HTTP. Conformance includes both the syntax and semantics of protocol elements. A sender MUST NOT generate protocol elements that convey a meaning that is known by that sender to be false. A sender MUST NOT generate protocol elements that do not match the grammar defined by the corresponding ABNF rules. Within a given message, a sender MUST NOT generate protocol elements or syntax alternatives that are only allowed to be generated by participants in other roles (i.e., a role that the sender does not have for that message). Actual results: Firefox attempts to send a TLS request to the plaintext HTTP socket, which the server does not understand, making the connection stall until it times out. The followup request is delayed until this timeout occurs. Expected results: Firefox should only send a conformant plaintext request to a HTTP socket, as per the HTTP standard.
[Tracking Requested - why for this release]: Regression I can confirm this.
Jason, who can we assign to this bug?
9 months ago
This is a duplicate of 1328460.
cleaning + dropping ni