Closed Bug 1656719 Opened 2 years ago Closed 2 years ago

https-only mode gets stuck at warning screen with first-party isolation in Firefox 79+

Categories

(Core :: DOM: Security, defect, P3)

79 Branch
defect

Tracking

()

RESOLVED DUPLICATE of bug 1647829

People

(Reporter: nortti, Unassigned)

References

(Blocks 2 open bugs)

Details

(Whiteboard: [domsecurity-backlog1])

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0

Steps to reproduce:

I set both dom.security.https_only_mode and privacy.firstparty.isolate to true in about:config (if I set privacy.firstparty.isolate back to false, the bug does not trigger). I then tried to load a http-only page (e.g. http://www.scp-wiki.net/), clicking "Take the Risk and Continue" on the warning screen

Actual results:

I got redirected back to the same screen, no matter how many times I click the button

Expected results:

The page should have loaded over HTTP

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → DOM: Security
Product: Firefox → Core

It seems there might be a problem with the Principal and corresponding Origin Attributes checks, which might be a bigger problem and not only affecting HOM and FPI. We should investigate this one.

Priority: -- → P3
Whiteboard: [domsecurity-backlog1]

Thank you for reporting this issue! Duplicate of bug 1647829

Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1647829
You need to log in before you can comment on or make changes to this bug.