Closed Bug 1593138 Opened 5 years ago Closed 5 years ago

Firefox fails to proxy requests to 127.0.0.1 regardless of the proxy settings.

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1535581

People

(Reporter: pauljt, Unassigned)

References

Details

Firefox fails to proxy requests to 127.0.0.1 regardless of the proxy settings.

STR:

  1. configure a proxy to listen and intercept (e.g. OWASP ZAP). Make sure "No Proxy For" options is blank (i.e. no exceptions)
  2. navigate to 127.0.0.1:1234 (or similar, doesn't actually need a server to be listening)

Expected:
You should see an error frmo the proxy saying no server etc

Actual:
The request doesnt get proxied.

NB: If you change the address to 0.0.0.0:1234 you will see the proxy intercept the request. It sounds similar to 1354269 but not sure.

PS Im testing this on OSX, FF72. But confirmed in release (OSX FF70 too. )

Hello Paul,
From Firefox 67, Bug 1507110 prevents proxy-ing localhost to avoid the vulnerable-by-omission issue.
Set network.proxy.allow_hijacking_localhost if we want to opt-out.

In 69, Bug 1562084 provides some description for the fact. I guess that's what we can do.
You can see the warning below the "No Proxy For" box.

Thanks for reporting this.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE

Ha thanks Junior, I had no idea (and obviously didn't see the warning below the box). Hello pentesters who find this "bug" when you do the same thing! :)

You need to log in before you can comment on or make changes to this bug.