Closed Bug 1508781 Opened 6 years ago Closed 5 years ago

Please set up DNS for product-details.mozilla.org

Categories

(Cloud Services :: Operations: Miscellaneous, task)

Product:
Cloud Services
Component:
Operations: Miscellaneous
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rail, Assigned: rail)

References

Details

Filing to track this for the future. Assigning to myself for now.

Looks like we are ready to go! \o/

  • Jeremy, can you provide the CNAME info we would need to change

  • Eric, would it be you or someone else changing the DNS entries?

Flags: needinfo?(oremj)
Flags: needinfo?(eziegenhorn)

I can flip the DNS cname for you when you're read, sure.

Flags: needinfo?(eziegenhorn)

product-details.mozilla.org should CNAME to productdetails-prod.prod.mozaws.net.

Just a note in case we need to roll back, this is the current record:

✗ dig +noall +answer product-details.mozilla.org
product-details.mozilla.org. 56	IN	CNAME	product-details.public.mdc1.mozilla.com.
product-details.public.mdc1.mozilla.com. 778 IN	A 63.245.208.218
Flags: needinfo?(oremj)

Eric, can you go ahead and flip the DNS please.

Flags: needinfo?(eziegenhorn)
Blocks: 1538115

DNS flipped!

Status: NEW → RESOLVED
Closed: 5 years ago
Flags: needinfo?(eziegenhorn)
Resolution: --- → FIXED

Thank you very much!

https://mozilla.github.io/releasehealth/ is broken since this change, product-details is no longer accessible via javascript:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://product-details.mozilla.org/1.0/firefox_versions.json. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Here are the headers pre-migration:

< server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
< cache-control: max-age=900
< content-type: application/json
< strict-transport-security: max-age=63072000; includeSubDomains
< date: Thu, 04 Apr 2019 14:41:24 GMT
< x-xss-protection: 1; mode=block
< accept-ranges: bytes
< access-control-allow-origin: *
< etag: "208-585b54b5c83e1"
< x-content-type-options: nosniff
< last-modified: Thu, 04 Apr 2019 14:36:23 GMT
< x-frame-options: SAMEORIGIN
< content-length: 520

Post migration:

< content-type: application/json
< content-length: 618
< date: Thu, 04 Apr 2019 14:42:05 GMT
< cache-control: max-age=300
< last-modified: Wed, 03 Apr 2019 15:49:49 GMT
< etag: "f2921f7d2a89f1abfc09d87f49e651f5"
< server: AmazonS3
< strict-transport-security: max-age=31536000
< x-cache: Miss from cloudfront
< via: 1.1 aa850772e2b90ee3a4b9eabaa98dbc07.cloudfront.net (CloudFront)
< x-amz-cf-id: M1ODblMidDPMvTag15Vg2u559tsv5c8b2-32MKHzMk7N4D7xQQmCfw==

Shall I also add x-content-type-options, x-frame-options and x-xss-protection?

Status: RESOLVED → REOPENED
Flags: needinfo?(rail)
Resolution: FIXED → ---

I believe x-frame-options and x-xss-protection are security-related. As you can see the Observatory score https://observatory.mozilla.org/analyze/product-details.mozilla.org dropped to a D, so we should probably add those back.

I've added those headers:

< content-type: application/json
< content-length: 618
< date: Thu, 04 Apr 2019 15:02:01 GMT
< cache-control: max-age=300
< last-modified: Thu, 04 Apr 2019 15:00:04 GMT
< etag: "f2921f7d2a89f1abfc09d87f49e651f5"
< server: AmazonS3
< access-control-allow-origin: *
< x-content-type-options: nosniff
< strict-transport-security: max-age=31536000
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< x-cache: Miss from cloudfront
< via: 1.1 3a9dca02f1ba6ecd49fee9a3ca7fcb81.cloudfront.net (CloudFront)
< x-amz-cf-id: 9INSCq1UH1DeViXdhiFrot-OV0CzOsZvhsYwAF76Vc24Uopf3lb8Lg==
Status: REOPENED → RESOLVED
Closed: 5 years ago5 years ago
Flags: needinfo?(rail)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.