Please set up DNS for product-details.mozilla.org
Categories
(Cloud Services :: Operations: Miscellaneous, task)
Tracking
(Not tracked)
People
(Reporter: rail, Assigned: rail)
References
Details
Filing to track this for the future. Assigning to myself for now.
Assignee | ||
Comment 1•5 years ago
|
||
Looks like we are ready to go! \o/
-
Jeremy, can you provide the CNAME info we would need to change
-
Eric, would it be you or someone else changing the DNS entries?
Comment 2•5 years ago
|
||
I can flip the DNS cname for you when you're read, sure.
Comment 3•5 years ago
|
||
product-details.mozilla.org should CNAME to productdetails-prod.prod.mozaws.net.
Just a note in case we need to roll back, this is the current record:
✗ dig +noall +answer product-details.mozilla.org
product-details.mozilla.org. 56 IN CNAME product-details.public.mdc1.mozilla.com.
product-details.public.mdc1.mozilla.com. 778 IN A 63.245.208.218
Assignee | ||
Comment 4•5 years ago
|
||
Eric, can you go ahead and flip the DNS please.
Comment 5•5 years ago
|
||
DNS flipped!
Assignee | ||
Comment 6•5 years ago
|
||
Thank you very much!
Comment 7•5 years ago
|
||
https://mozilla.github.io/releasehealth/ is broken since this change, product-details is no longer accessible via javascript:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://product-details.mozilla.org/1.0/firefox_versions.json. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Comment 8•5 years ago
|
||
Here are the headers pre-migration:
< server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
< cache-control: max-age=900
< content-type: application/json
< strict-transport-security: max-age=63072000; includeSubDomains
< date: Thu, 04 Apr 2019 14:41:24 GMT
< x-xss-protection: 1; mode=block
< accept-ranges: bytes
< access-control-allow-origin: *
< etag: "208-585b54b5c83e1"
< x-content-type-options: nosniff
< last-modified: Thu, 04 Apr 2019 14:36:23 GMT
< x-frame-options: SAMEORIGIN
< content-length: 520
Post migration:
< content-type: application/json
< content-length: 618
< date: Thu, 04 Apr 2019 14:42:05 GMT
< cache-control: max-age=300
< last-modified: Wed, 03 Apr 2019 15:49:49 GMT
< etag: "f2921f7d2a89f1abfc09d87f49e651f5"
< server: AmazonS3
< strict-transport-security: max-age=31536000
< x-cache: Miss from cloudfront
< via: 1.1 aa850772e2b90ee3a4b9eabaa98dbc07.cloudfront.net (CloudFront)
< x-amz-cf-id: M1ODblMidDPMvTag15Vg2u559tsv5c8b2-32MKHzMk7N4D7xQQmCfw==
Shall I also add x-content-type-options, x-frame-options and x-xss-protection?
Comment 9•5 years ago
|
||
I believe x-frame-options and x-xss-protection are security-related. As you can see the Observatory score https://observatory.mozilla.org/analyze/product-details.mozilla.org dropped to a D, so we should probably add those back.
Comment 10•5 years ago
|
||
I've added those headers:
< content-type: application/json
< content-length: 618
< date: Thu, 04 Apr 2019 15:02:01 GMT
< cache-control: max-age=300
< last-modified: Thu, 04 Apr 2019 15:00:04 GMT
< etag: "f2921f7d2a89f1abfc09d87f49e651f5"
< server: AmazonS3
< access-control-allow-origin: *
< x-content-type-options: nosniff
< strict-transport-security: max-age=31536000
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< x-cache: Miss from cloudfront
< via: 1.1 3a9dca02f1ba6ecd49fee9a3ca7fcb81.cloudfront.net (CloudFront)
< x-amz-cf-id: 9INSCq1UH1DeViXdhiFrot-OV0CzOsZvhsYwAF76Vc24Uopf3lb8Lg==
Description
•