Closed
Bug 1344695
Opened 8 years ago
Closed 3 months ago
some website link are read as file in local pc not as a website
Categories
(Core :: Networking: HTTP, defect, P3)
Tracking
()
VERIFIED
WORKSFORME
People
(Reporter: libya121libya, Unassigned)
Details
(Whiteboard: [necko-backlog])
Attachments
(1 file)
|
110.70 KB,
image/jpeg
|
Details |
file not found.jpg
User Agent: Mozilla/5.0 (Windows NT 10.0; rv:51.0) Gecko/20100101 Firefox/51.0
Build ID: 20170125094131
Steps to reproduce:
open http://parse-api-vpc-2122016640.us-east-1.elb.amazonaws.com/ and you will see that fire fox read the website as a local file and he can't found it
if you try add modam3r to link like this http://modam3rparse-api-vpc-2122016640.us-east-1.elb.amazonaws.com/ now you will see "Server not found"
Actual results:
in normal if try visit a website and it not exist or stop working will see response that tell you server not found or something like that but in this case when i pen-test a twitter company used firefox and visit http://parse-api-vpc-2122016640.us-east-1.elb.amazonaws.com it show something different " file not found " will that should not be a good response cuz this not file it website .
now if try visit http://modam3rparse-api-vpc-2122016640.us-east-1.elb.amazonaws.com/ you will see a normal response tell this site not found
Expected results:
it should not show a Unacceptable response that can make a user hard to understand over your browser
this test on chrome, edge all of theme show error server not found only your browser show file not found
The website says:
HTTP/1.1 410 Gone
Content-Type: application/octet-stream
Date: Mon, 06 Mar 2017 13:11:00 GMT
Server: nginx/1.6.0
Content-Length: 57
Connection: keep-alive
Google Chrome shown an error page with ERR_INVALID_RESPONSE.
Microsoft Edge is received the 410 error but show an error message "Parse.com has shutdown - https://parseplatform.github.io/" from the site through unknown source.
"Server not found" is domain name as not found from DNS server.
Component: Untriaged → Networking: HTTP
Product: Firefox → Core
|
||
Comment 2•8 years ago
|
||
I agree the error message looks confusing but I don't see any evidence of a security problem.
Group: core-security
hi Benjamin ,
when firefox read a site like this it look there are something should fix her , even this a security problem or design issues
Flags: needinfo?(libya121libya)
|
||
Updated•8 years ago
|
Whiteboard: [necko-backlog]
|
||
Comment 4•8 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
|
|
||
Comment 5•8 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
|
||
Updated•3 years ago
|
Severity: normal → S3
|
||
Comment 10•3 months ago
|
||
The original test site seems to also return "Server not found" because it's truly gone, but another site that returns a 410 does not show the "File not found" error.
Status: UNCONFIRMED → RESOLVED
Closed: 3 months ago
Resolution: --- → WORKSFORME
|
||
Comment 11•3 months ago
|
||
the case of comment 1 looks good in latest version.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•