Closed Bug 1441132 Opened 6 years ago Closed 6 years ago

Insecure connection on eurostar.com due to HSTS

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Platform:
x86_64
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1436062
Tracking Flags:
Tracking Status
firefox60 --- affected

People

(Reporter: ato, Unassigned)

References

(
URL
)

Details

(Keywords: site-compat)

Attachments

(1 file)

Screen Shot 2018-02-26 at 12.57.05.png
101.48 KB, image/png
Details 
This is probably more of a web compat issue than security issue, but
in the current Firefox Nightly (2018-02-26) it is not possible to
connect to https://www.eurostar.com due to an HSTS problem.

I haven’t investigated the certificate, but I’m guessing there
is a configuration problem on their side or some new, stricted rule
in Gecko that isn’t yet employed in Blink.

Not seeing a similar error in Safari.
This is caused by the ongoing distrust of Symantec certificates -- you can see that this same issue appears if you use Chrome's Canary branch.

I'm not quite sure how we're tracking these issues, so for now I'm going to mark as a blocker on bug 1434300.
Blocks: 1434300
The answer is that we're duping them over to 1436062.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: