Closed
Bug 1345634
Opened 8 years ago
Closed 8 years ago
Windows XP ESR 52 download gives insecure connection warning
Categories
(www.mozilla.org :: Bedrock, defect, P1)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1345416
People
(Reporter: pdol, Unassigned)
Details
Attachments
(1 file)
|
73.56 KB,
image/png
|
Details |
XPInsecureWarning.png
STR:
1. Visit https://www.mozilla.org/en-US/firefox/organizations/all/
2. Click on Windows XP download link (any)
Expected Results:
- I can download Firefox ESR 52 for Windows XP
Actual Results:
- I am presented with an Insecure Connection warning (see attachment)
|
Reporter | |
Comment 1•8 years ago
|
||
pmac: I figured you'd know who to direct this to.
Flags: needinfo?(pmac)
|
|
Reporter | |
Updated•8 years ago
|
Priority: -- → P1
|
|
||
Comment 2•8 years ago
|
||
Looks like the download links are pointing to the staging site allizom.org.
|
|
||
Comment 3•8 years ago
|
||
Also, this is download-*sha1*.allizom.org, which sounds like one of those web heads for XP.
|
||
Comment 4•8 years ago
|
||
The SHA-1 support has been disabled on Firefox 52+, this is an expected behaviour I guess.
|
|
||
Comment 5•8 years ago
|
||
Kohei is right. These download links are for Windows XP users, many of whom can't use a sha256 cert for HTTPS. So we set up a separate bouncer instance at download-sha1.allizom.org because we had a good sha1 cert for *.allizom.org and could no longer purchase a new one. Users on IE on Windows XP can still get this download. Users of other OSes who want that version of Firefox should not click the normal windows link and they will be able to successfully download.
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(pmac)
Resolution: --- → WONTFIX
|
||
Comment 6•8 years ago
|
||
Seems like we should show (only!) these download-sha1.allizom.org links to users running IE on XP/Vista (and never to users running a modern browser).
|
|
||
Comment 7•8 years ago
|
||
Ah! You're right. I misinterpreted this one. Showing those links on the /organizations/all/ page was a bug that showed up when the new ESR was released and we began showing both ESR releases on the page. We haven't done this for a while, and the SHA1 links are new since we last enabled it. This was fixed in bug 1345416 and those links are no longer on the page. I'll re-categorize this as a dupe. Apologies for being too hasty with the WONTFIX.
Resolution: WONTFIX → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•