some website link are read as file in local pc not as a website

UNCONFIRMED
Unassigned

Status

()

Product:
Core
Component:
Networking: HTTP
Importance:
P3
normal
Status:
UNCONFIRMED
Reported:
2 years ago
Modified:
4 months ago

People

(Reporter: libya121libya, Unassigned)

Tracking

Version:
51 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [necko-backlog])

Attachments

(1 attachment)

file not found.jpg
110.70 KB, image/jpeg
Details
(Reporter)

Description

2 years ago 
Created attachment 8843940 [details]
file not found.jpg

User Agent: Mozilla/5.0 (Windows NT 10.0; rv:51.0) Gecko/20100101 Firefox/51.0
Build ID: 20170125094131

Steps to reproduce:

open http://parse-api-vpc-2122016640.us-east-1.elb.amazonaws.com/ and you will see that fire fox read the website as a local file and he can't found it 

if you try add modam3r to link like this http://modam3rparse-api-vpc-2122016640.us-east-1.elb.amazonaws.com/ now you will see "Server not found"


Actual results:

in normal if try visit a website and it not exist or stop working will see response that tell you server not found or something like that but in this case when i pen-test a twitter company used firefox and visit http://parse-api-vpc-2122016640.us-east-1.elb.amazonaws.com it show something different " file not found " will that should not be a good response cuz this not file it website .
now if try visit http://modam3rparse-api-vpc-2122016640.us-east-1.elb.amazonaws.com/  you will see a normal response tell this site not found 



Expected results:

it should not show a Unacceptable response that can make a user hard to understand over your browser 
this test on chrome, edge all of theme show error server not found only your browser show file not found

Comment 1

2 years ago 
The website says:
HTTP/1.1 410 Gone
Content-Type: application/octet-stream
Date: Mon, 06 Mar 2017 13:11:00 GMT
Server: nginx/1.6.0
Content-Length: 57
Connection: keep-alive


Google Chrome shown an error page with ERR_INVALID_RESPONSE.

Microsoft Edge is received the 410 error but show an error message "Parse.com has shutdown - https://parseplatform.github.io/" from the site through unknown source.


"Server not found" is domain name as not found from DNS server.
Component: Untriaged → Networking: HTTP
Product: Firefox → Core
 (Reporter)

Updated

2 years ago
Group: core-security

Comment 2

2 years ago 
I agree the error message looks confusing but I don't see any evidence of a security problem.
Group: core-security
 (Reporter)

Comment 3

2 years ago 
 hi Benjamin ,
when firefox read a site like this it look there are something should fix her , even this a security problem or design issues
Flags: needinfo?(libya121libya)
Whiteboard: [necko-backlog]
 (Reporter)

Updated

4 months ago
Flags: needinfo?(libya121libya)
You need to log in before you can comment on or make changes to this bug.