HSTS priming violates HTTP standard for non-standard ports

VERIFIED DUPLICATE of bug 1328460

Status


Core
Networking: HTTP
--
major
9 months ago
9 months ago

People

(Reporter: heidi, Unassigned)

Tracking


51 Branch
regression, reproducible
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

9 months ago
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Build ID: 20161208153507

Steps to reproduce:

Firefox 51 is broken for sites that load any content from non-standard ports if HSTS priming is attempted. Loading any page that refers to such content will cause long delays if the server doesn't detect the malformed request early and terminate the connection. Firefox flagrantly violates RFC 2616/7230 with this behavior, which states:

   An implementation is considered conformant if it complies with all of
   the requirements associated with the roles it partakes in HTTP.

   Conformance includes both the syntax and semantics of protocol
   elements.  A sender MUST NOT generate protocol elements that convey a
   meaning that is known by that sender to be false.  A sender MUST NOT
   generate protocol elements that do not match the grammar defined by
   the corresponding ABNF rules.  Within a given message, a sender MUST
   NOT generate protocol elements or syntax alternatives that are only
   allowed to be generated by participants in other roles (i.e., a role
   that the sender does not have for that message).


Actual results:

Firefox attempts to send a TLS request to the plaintext HTTP socket, which the server does not understand, making the connection stall until it times out. The follow-up request is delayed until this timeout occurs.


Expected results:

Firefox should only send a conformant plaintext request to an HTTP socket, as per the HTTP standard.
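
The description above says the stall ends only if the server detects the malformed request early and terminates the connection. The following is an added example, not part of the bug report or of Firefox: one way a plaintext HTTP listener could recognise a TLS ClientHello from its first six bytes and close at once. The names `classify_first_bytes` and `triage_connection` and the sample bytes are constructed for illustration.

```python
import socket
import struct

HTTP_METHODS = (b"GET ", b"HEAD ", b"POST ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"PATCH ", b"CONNECT ", b"TRACE ")

def classify_first_bytes(buf: bytes) -> str:
    """Classify the first bytes a client sent on a plaintext HTTP port."""
    if not buf:
        return "need_more"
    if buf[0] == 0x16:                       # TLS record type 22 = handshake
        if len(buf) < 6:
            return "need_more"
        _, major, minor, length = struct.unpack("!BBBH", buf[:5])
        # Record version 3.0-3.4, sane record length, handshake type 1 = ClientHello
        if major == 3 and minor <= 4 and 0 < length <= 2**14 and buf[5] == 0x01:
            return "tls_client_hello"
        return "unknown"
    for method in HTTP_METHODS:
        if buf.startswith(method):
            return "http"
        if method.startswith(buf):           # e.g. b"GE": valid prefix, keep reading
            return "need_more"
    return "unknown"

def triage_connection(conn: socket.socket, timeout: float = 2.0) -> str:
    """Read until the stream can be classified; close at once if it is not HTTP."""
    conn.settimeout(timeout)
    buf = b""
    verdict = "need_more"
    try:
        while verdict == "need_more" and len(buf) < 16:
            chunk = conn.recv(16 - len(buf))
            if not chunk:                    # peer closed before sending enough
                break
            buf += chunk
            verdict = classify_first_bytes(buf)
    except socket.timeout:
        verdict = "timeout"
    if verdict != "http":
        conn.close()                         # fail fast so the client is not left waiting
    return verdict

# Constructed samples (not captured traffic): a TLS record header followed by
# the start of a ClientHello, and an ordinary plaintext request.
SAMPLE_CLIENT_HELLO = bytes.fromhex("1603010200010001fc0303")
SAMPLE_HTTP = b"GET /img.png HTTP/1.1\r\nHost: example.test:8080\r\n\r\n"
```

On a "http" verdict the caller still has to hand the already-read bytes to its HTTP parser; the sketch only covers the early-close decision.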
(Reporter)

Updated

9 months ago
Severity: normal → blocker
Hardware: Unspecified → All

Updated

9 months ago
Severity: blocker → normal
Component: Untriaged → Networking: HTTP
Product: Firefox → Core
[Tracking Requested - why for this release]: Regression

I can confirm this.
Blocks: 1246540, 1246537
Severity: normal → major
Status: UNCONFIRMED → NEW
status-firefox51: --- → affected
status-firefox52: --- → affected
status-firefox53: --- → affected
status-firefox54: --- → affected
tracking-firefox51: --- → ?
tracking-firefox52: --- → ?
tracking-firefox53: --- → ?
tracking-firefox54: --- → ?
Ever confirmed: true
Keywords: regression
OS: Unspecified → All
Jason, who can we assign to this bug?
Flags: needinfo?(jduell.mcbugs)
Has Regression Range: --- → yes
Has STR: --- → yes
Keywords: reproducible
This is a duplicate of 1328460.
Status: NEW → RESOLVED
Last Resolved: 9 months ago
Resolution: --- → FIXED
Resolution: FIXED → DUPLICATE
Duplicate of bug: 1328460
cleaning + dropping ni
No longer blocks: 1246537, 1246540
Status: RESOLVED → VERIFIED
status-firefox51: affected → ---
status-firefox52: affected → ---
status-firefox53: affected → ---
status-firefox54: affected → ---
tracking-firefox51: ? → ---
tracking-firefox52: ? → ---
tracking-firefox53: ? → ---
tracking-firefox54: ? → ---
Flags: needinfo?(jduell.mcbugs)