Closed Bug 1678916 Opened 4 years ago Closed 4 years ago

HTTPS-only mode: "Continue to HTTP site" does nothing

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
Firefox 83
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1680934

People

(Reporter: timvandermeij, Unassigned)

Details

Attachments

(1 file)

linux.jpg
253.94 KB, image/jpeg
Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0

Steps to reproduce:

  1. Configure HTTPS-only mode for all windows in the preferences.
  2. Visit http://3.101.106.178:8877/b732d83ccc03d61/output.txt (log output from a PDF.js test run).
  3. Notice the correct prompt about no HTTPS version being available.
  4. Click the "Continue to the HTTP site" button since it's expected that there is no HTTPS version.

Actual results:

Nothing happens and the prompt stays. The button can be clicked numerous times and nothing will happen.

Expected results:

Redirect to the HTTP version like it does correctly for e.g., neverssl.com. I assume this bug is limited to IP/port URLs.

Hey Tim,
I tried reproducing this issue on the latest versions of Firefox Nightly 85.0a1 (2020-11-26), beta 84.0b4 and release 83.0 and after I click "Continue to HTTP site" it leads me there. I will attach a screenshot of the redirect.

Can you test the issue while in Safe Mode? You can find helpful info here : https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-mode .
Also a fresh new profile could help. You can find more about creating a new profile here : https://support.mozilla.org/en-US/kb/troubleshoot-and-diagnose-firefox-problems#w_6-create-a-new-firefox-profile .
If possible, you can test this issue on the nightly build as well. Download the build from : https://www.mozilla.org/en-US/firefox/nightly/all/ .

Flags: needinfo?(timvandermeij)
Attached image linux.jpg

Hi Andrei,

Thank you for your response. I tried safe mode, but that didn't solve the issue. Interestingly, a new profile did, so then I looked into the differences with my existing profile, especially since I use Firefox with only one extension (uBlock Origin) and four tweaked about:config values. This helped me find the root cause of the bug, which is the privacy.firstparty.isolate setting. If I set that to true in about:config, the STR in my original comment apply and the button doesn't work. If I set that to false (the default in a clean profile), the button works.

I therefore still think there is a bug here since first-party isolation should be safe to enable, and moreover I don't really see how that would impact the redirect functionality of the HTTPS-only mode. At the very least it's now known exactly which setting causes this behavior for me.

Flags: needinfo?(timvandermeij)

Duplicate of Bug 1680934 ?

Yes, other than the browser console message that I don't see the steps are exactly the same. I'll close this bug in favor of that one.

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: