Closed Bug 1370861 Opened 6 years ago Closed 6 years ago

Mixed content for localhost request

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Version:
55 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 903966

People

(Reporter: homakov, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Steps to reproduce:

Need to send a request to 127.0.0.1 from https page for internal system request. 


Actual results:

Requests to localhost are blocked from https:// pages because of Mixed content warnings


Expected results:

There's no need to block localhost as there's no way to MitM local requests. No blocking should happen
This will be fixed with Firefox 55.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Component: Untriaged → Security
Product: Firefox → Core
Resolution: --- → DUPLICATE
Regression? Doesn't work on 56.0a1 (2017-06-16) (64-bit)
var x=new WebSocket('ws://127.0.0.1:3101') 
SecurityError: The operation is insecure.
You need to log in before you can comment on or make changes to this bug.