problem with SSL_RSA_WITH_3DES_EDE_CBC_SHA post ajax request




2 years ago
2 years ago


(Reporter: tal.gershman, Unassigned, NeedInfo)


52 Branch

Firefox Tracking Flags

(Not tracked)




2 years ago
User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Steps to reproduce:

I have a tomcat in a remote server. (not localhost)
I am using https protocol with the cihper : SSL_RSA_WITH_3DES_EDE_CBC_SHA
When i am doing a post ajax request( sending data as text) that contains arrays.
I get an error in server.
I also have java 6 and tomcat 6. 


Actual results:

In the server my request parameter map is zero.
If i remove the protocol "https" or it i try it on chrome or IE it works fine.

Expected results:

get all the parameters that are send from the client.


2 years ago
Component: Untriaged → Networking
Product: Firefox → Core

Comment 1

2 years ago
Could you provide a live testcase?
Flags: needinfo?(tal.gershman)

Comment 2

2 years ago
What exactly do you need in the live test case?

I can upload you a test environment that you can access from the browser only, is it enough for you?
Or do you need any server code or tomcat configuration?

Comment 3

2 years ago
I mean just a live demo (URL) on your server to reproduce the issue (like displaying error message when the test is wrong). Is it possible?

Comment 4

2 years ago

User: tuser
Password: FireFox1

Reproudce steps:
1. login with the user and password.

2.Click on Create Goal 

3.Input the following:
Title : "the title"
KPI:"the kpi"
End value: "100"

4.Click "create"

Then you will see the error.


2 years ago
Component: Networking → DOM

Comment 5

2 years ago
I tested a little bit with HTTP/2 disabled or TLS 1.1 instead of 1.2, it doesn't change anything.

Comment 6

2 years ago
Is it an internal comment ? or this is refereed to me ?  Please clarify.
Nothing happened when I clicked "Create Goal".

Comment 8

2 years ago
Did you write in the popup: all the required fields and then click create button?

Comment 9

2 years ago
Well, the "Create goal" button should open a popup where you were supposed to fill up the details as i described above.

If the popup is not opening, could you please specify if there are any client errors ?

Comment 10

2 years ago
(In reply to MySP from comment #6)
> Is it an internal comment ? or this is refereed to me ?  Please clarify.

Just some tests. :) I tested with an old version of the browser, FF33, same issue too when creating the goal ticket.
I could open the popup and reproduce TypeError using the space bar instead of a mouse click.

When I set NSS_SSL_CBC_RANDOM_IV=0, TypeError disapers and I could create a Goal. (but non-working mouse issue remains. probably it is a different problem.)

This app is incompatible with 1/n-1 record splitting.
Last Resolved: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 702111

Comment 13

2 years ago
I can not set NSS_SSL_CBC_RANDOM_IV = 0 in every client user i have.

I saw that this bug only have this workaround solution. I need to find another solution for this.

Does this bug will be fixed in the near future?

Maybe with another cipher that suits preference?
This is not a Firefox bug, but a server one. Therefore we will not fix the "bug". The server should either:
1. handle 1/n-1 split records correctly, or
2. (more preferably) use a more modern cipher.

Comment 15

2 years ago
What ciphers can I use that do support 1/n-1 split record and also compatible with java 6 / tomcat 6.
1/n-1 split record support is nothing specific to ciphers. Your server software is making wrong assumption about reading requests from clients.

Comment 17

2 years ago
This works on IE and Chrome, only Firefox it does not work.

How come this problem doesn't happen in those browser?

I have a server in AWS,tomcat 6 and Java 6.
You need to log in before you can comment on or make changes to this bug.