Closed Bug 1612530 Opened 6 years ago Closed 6 years ago

non standard port in url prevents popup whitelist GPO application and tagging

Categories

(Firefox :: Enterprise Policies, defect)

Product:
Firefox
Component:
Enterprise Policies
Version:
72 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: mr.reed, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0

Steps to reproduce:

Set up a Computer GPO to whitelist our internal company domain in the popup blocker, in the following format :
https://domain.tld
http://domain.tld

Actual results:

The GPO applies properly, both exceptions are listed in the browser settings and the whitelist works fine on all standard URLs.
However, when we try to access a server with the following url format, the setting is ignored and the popup blocker is active : http(s)://server.domain.tld:portnumber

If we try to set up a specific exception for this server in the GPO by adding http(s)://server.domain.tld:portnumber to the whitelist, the entry isn't added by firefox either after proper GPO sync and browser relaunch.

Adding the exception manually in about:preferences works.

Expected results:

The popup exceptions in Firefox should tag urls properly no matter which port is specified for the given whitelisted domain.

The Computer GPO for popup whitelisting should allow for non standard ports to be specified.

Component: Untriaged → Enterprise Policies

Permissions are based on origins not domains, and adding a port creates a different origin.

So each origin (with port) must be explicitly specified.

You said:

If we try to set up a specific exception for this server in the GPO by adding http(s)://server.domain.tld:portnumber to the whitelist, the entry isn't added by firefox either after proper GPO sync and browser relaunch.

Does it still work though even if it is not in the UI?

Are there any errors in about:policies?

Flags: needinfo?(mr.reed)

Thank you for the quick reply.
Origins, not domains, ok, I get it, it's not as all-encompassing as the google chrome equivalent, but I can work with that.

Regarding the second part of the question, a quick glance at about:policies answered it: it was a mistake on my part, I added a path to the whitelisted URL and this prevented firefox from applying the entry.

The issue can be considered as resolved, however, I think a small bit of documentation in the GPO description itself to prevent such mistakes from being made in the future would be a nice addition. I don't know if this specific behavior is documented somewhere else, and it's a failure on my part for not looking properly, but having the information right there would probably help others.

Thanks again.

Flags: needinfo?(mr.reed)

I've updated the documentation to be more specific about ports. Thanks!

Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.