Open Bug 1613063 (https-only-mode) Opened 4 years ago Updated 8 days ago

[meta] HTTPS Only Mode

Categories

(Core :: DOM: Security, enhancement, P3)

Product:
Core
Component:
DOM: Security
Type:
enhancement

Tracking

()

Status:
ASSIGNED

People

(Reporter: ckerschb, Assigned: freddy)

References

(Depends on 50 open bugs, Blocks 1 open bug)

Details

(Keywords: meta, Whiteboard: [domsecurity-meta])

Attachments

(1 obsolete file)

Currently, if a Firefox user types foo.com in the address bar then our internal machinery establishes an HTTP connection to foo.com. Within this project we will expose a preference which allows end users to opt into an 'HTTPS Only' mode which tries to establish an HTTPS connection rather than an HTTP connection for foo.com. Further, we will upgrade all subresources within the page to load using https instead of http.

Implementation considerations:

  • For top-level loads which encounter a time-out we could provide some kind of error page with a button which would allow the end user to load the requested page using http.
  • For subsource loads we could fail silently and just log some info to the console.
Assignee: nobody → jgaibler
Status: NEW → ASSIGNED
Type: defect → enhancement
Priority: -- → P3
Whiteboard: [domsecurity-active]
Blocks: 459495
Summary: Experimental: HTTPS Only Mode → [meta] Experimental: HTTPS Only Mode
Whiteboard: [domsecurity-active] → [domsecurity-meta]
Depends on: 1620242
Depends on: 1620244
Attachment #9126109 - Attachment description: Bug 1613063 - Experimental: HTTPS Only Mode. r=ckerschb → Bug 1620242 - Basic implementation for HTTPS Only Mode. r=ckerschb

Comment on attachment 9126109 [details]
Bug 1620242 - Basic implementation for HTTPS Only Mode. r=ckerschb

Revision D62590 was moved to bug 1620242. Setting attachment 9126109 [details] to obsolete.

Attachment #9126109 - Attachment is obsolete: true
Depends on: 1622028
Depends on: 1622822
Alias: https-only-mode
Depends on: 1625156
Depends on: 1625448
Depends on: 1627206
Depends on: 1622399
Blocks: 1067293
See Also: → 1628831
Depends on: 1629169
Depends on: 1631380
Depends on: 1631384
Depends on: 1640853
Depends on: 1642387
Depends on: 1644146
Depends on: 1644148
Depends on: 1644152
Depends on: 1644456
Depends on: 1647033
Depends on: 1647336
Depends on: 1647719
Depends on: 1647829
No longer depends on: 1647719
Depends on: 1650779
Depends on: 1651197
Depends on: 1651198
Depends on: 1651209
No longer depends on: 1651198
No longer depends on: 1644148
Depends on: 1653026
Depends on: 1653898
Depends on: 1653973
Depends on: 1656027
Depends on: 1656719
Depends on: 1657348
Depends on: 1657583
Depends on: 1060546
Depends on: 1657681
Depends on: 1657891
Depends on: 1658264
Depends on: 1658265
Depends on: 1658266
Depends on: 1658267
Depends on: 1658283
Depends on: 1658323
Depends on: 1658325
Depends on: 1658594
Depends on: 1658921
Depends on: 1658924
Depends on: 1655329
Depends on: 1659115
Depends on: 1661077
Depends on: 1661275
Blocks: 1661892
No longer blocks: 1661892
Depends on: 1661892
Depends on: 1660945
Depends on: 1662359
Depends on: 1662710
Depends on: 1665057
Depends on: 1665062
Depends on: 1669424
Depends on: 1669898
Depends on: 1670381
Blocks: 1670406
No longer blocks: 1670406
Depends on: 1670406
Depends on: 1670765
Depends on: 1671060
Depends on: 1671122
Depends on: 1671181
Depends on: 1671291
Depends on: 1671499
Depends on: 1671846
Depends on: 1671882
Depends on: 1671911
Depends on: 1672153
No longer depends on: 1670381
Depends on: 1670381
Depends on: 1673010
Depends on: 1673256
Depends on: 1673598
Depends on: 1674226
Depends on: 1674427
Depends on: 1675533
Depends on: 1674859
Depends on: 1676227
Depends on: 1678252
Depends on: 1670659
Depends on: 1678306
Blocks: https-everything
Depends on: 1678575
Depends on: 1678870
Depends on: 1679630
Depends on: 1678843
See Also: → 1618896
Depends on: 1678719
Depends on: 1681827
Depends on: 1683015
Depends on: 1683382
Depends on: 1685529
Depends on: 1685862
Depends on: 1686770
Depends on: 1686756
Depends on: 1687722
Depends on: 1687969
Depends on: 1688038
Depends on: 1687639
Depends on: 1690276
Depends on: 1689133
Depends on: 1691388
Depends on: 1691449
Depends on: 1691888
Depends on: 1694932
Depends on: 1696954
Assignee: julianwels → ckerschb
Depends on: 1696847
Depends on: 1699421
Depends on: 1700378
Depends on: 1703699
Depends on: https-first-mode
No longer depends on: 1658924
Summary: [meta] Experimental: HTTPS Only Mode → [meta] HTTPS Only Mode
Depends on: 1672478
Depends on: 1717797
Depends on: 1717793
Depends on: 1716586
Depends on: 1714661
Depends on: 1719770
Depends on: 1717380
Depends on: 1722696
Depends on: 1724080
Depends on: 1725747
Depends on: 1727049
Depends on: 1727292
Depends on: 1726955
Depends on: 1728981
Depends on: 1729668
Depends on: 1730920
Depends on: 1725423
Depends on: 1736456
Depends on: 1737359
Depends on: 1746844
Depends on: 1746069
Depends on: 1755742
Depends on: 1757297
Depends on: 1764702
Depends on: 1768457
Depends on: 1739714
Depends on: 1747535
Depends on: 1769786
Depends on: 1774159
Depends on: 1778291
Depends on: 1780793
Depends on: 1751105
Depends on: 1781772
Severity: normal → S3
Depends on: 1764703
Depends on: 1798276
Depends on: 1799711
Depends on: 1804684
Assignee: ckerschb → fbraun
Depends on: 1821012
Depends on: 1828063
Depends on: 1720458
Depends on: 1848117
Depends on: CVE-2023-6211
Depends on: 1850773
No longer blocks: 1067293
No longer blocks: 459495
Depends on: 1675744
See Also: 1628831
No longer depends on: 1060546
No longer duplicate of this bug: 1158191
Depends on: 1855734
Depends on: 1858565
Depends on: 1858894
Depends on: 1874801
Depends on: 1869995
Depends on: 1882839
Depends on: 1775881
Depends on: 1887796
Depends on: 1900212
Depends on: 1901498
Depends on: 1903292
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: