browser_net_send-beacon.js fails with https-first (404 from httpd.js in HTTPS treated as 200?)
Categories
(DevTools :: Netmonitor, task, P2)
Tracking
(firefox97 fixed)
Tracking | Status | |
---|---|---|
firefox97 | --- | fixed |
People
(Reporter: jdescottes, Assigned: bomsy)
References
(Blocks 1 open bug)
Details
Attachments
(3 files)
From my local tests, it seems that 404 errors in HTTPS created by httpd.js are captured by the platform as "200 Connected"
An easy way to trigger this is to force https-first with any test which asserts a 404 status. For instance:
- run
./mach test devtools/client/netmonitor/test/browser_net_send-beacon.js --setpref dom.security.https_first=true
ER: Test should pass
AR: Test fails with Got "200", expected "404"
This is a browser mochitest which tries to make a request for https://example.com/browser/devtools/client/netmonitor/test/beacon_request
This request is done via navigator.sendBeacon, but this has no importance here, I only picked this test as an example because it is the smallest one which asserts a 404 in the netmonitor test suite.
From what I can see, httpd.js (which is the server used for mochitests) sends a response with the proper headers. However the network activity picked up by DevTools will only receive a 200 response.
I will create a smaller test case with a few additional logs to try to illustrate the issue. But I don't believe this is a DevTools issue, so I am a bit stuck in my investigation as I don't know the Necko codebase at all.
Reporter | ||
Comment 1•3 years ago
|
||
This might actually be an issue in DevTools' network observer. In _httpResponseExaminer
(searchfox), I receive a 404 response status for the HTTPS URL, but somehow it gets lost.
Reporter | ||
Comment 2•3 years ago
|
||
Updated•3 years ago
|
Reporter | ||
Comment 3•3 years ago
|
||
Hi Bomsy, could you take a look at the test case attached here?
This test performs 2 requests which should lead to a 404 error, one in HTTPS, one in HTTP.
The one made with HTTPS is logged as a 200 Connected in DevTools, whereas the HTTP one is logged as a 404.
I initially suspected a platform issue, but I am not so sure anymore. I enabled platform events logging in network-observer.js, and we can see that we get a http-on-examine-response
notification for both requests which has a responseStatus of 404
. So I'm not sure why we still display it as a 200 in DevTools. I'll keep looking at this, but it might be easier for you to figure out where the mixup comes from.
Reporter | ||
Comment 5•3 years ago
|
||
It seems that we get different headers though.
Still in network-observer.js, in _onResponseHeader
, we get the following arrays:
- for the HTTPS request:
["HTTP/1.1 200 Connected", "Connection: keep-alive", "", ""]
- for the HTTP request:
["HTTP/1.1 404 Not Found", "content-type: text/html;charset=utf-8", "connection: close", "server: httpd.js", "date: Thu, 30 Sep 2021 17:01:36 GMT", "content-length: 735", "", ""]
Reporter | ||
Comment 6•3 years ago
|
||
:whimboo suggested looking at http logs. This is an extract of the logs generated by running the test uploaded on Phabricator with MOZ_LOG=timestamp,rotate:200,nsHttp:5,nsSocketTransport:5,nsHostResolver:5
. This is only the part which relates to the HTTPS request.
We can see 2 Http Have status line
logs, one with [version=11 status=200 statusText=Connected], the other with [version=11 status=404 statusText=Not Found]
. Not sure how to parse this in more details, maybe it will make more sense to others.
Comment 7•3 years ago
|
||
Valentin could you maybe help out with Julian's question? Looks like that httpd.js returns a 200 instead of a 404 response for a non-existing path. See the last comment for a HTTP log. Thanks!
Assignee | ||
Comment 8•3 years ago
|
||
Just to add, i had a look from the netmonitor devtools end, observeActivity
https://searchfox.org/mozilla-central/rev/eecd2dd4ba630bea4ce103623a4bfb398065b64b/devtools/server/actors/network-monitor/network-observer.js#678 receives (from the platform) both the "HTTP/1.1 200 Connected"
and the "HTTP/1.1 404 Not Found"
sometime later.
We listen for the gActivityDistributor.ACTIVITY_SUBTYPE_RESPONSE_HEADER
here https://searchfox.org/mozilla-central/rev/eecd2dd4ba630bea4ce103623a4bfb398065b64b/devtools/server/actors/network-monitor/network-observer.js#634-635. The extraStringData
is
HTTP/1.1 200 Connected
Connection: keep-alive
but ideally it rather should be
HTTP/1.1 404 Not Found
content-type: text/html;charset=utf-8
connection: close
server: httpd.js
date: Fri, 01 Oct 2021 00:04:42 GMT
content-length: 735
Interestingly we still get the 404 notification sometime later.
So It is not clear were the 200 response is fired from.
Also we seem to be getting a correct 404
notification from http-on-examine-response
as mentioned by Julian in Comment 3.
Note: This does not seem to an issue with real websites.
Comment 9•3 years ago
|
||
The 200 Connected is the response from the proxy connection. The 404 is tunneled through that.
Only the 404 is generated by httpd.js AFAIK, the 200 is from the proxy server.
Not entirely sure where this mismatch is happening. I'll take a more careful look later tomorrow if this isn't much help.
Comment 10•3 years ago
|
||
Right, so the issue is that mChannelId we pass to mActivityDistributor->ObserveActivityWithArgs
is the same for the initial CONNECT and the actual tunneled request. I assume we should report things differently when mConnection->IsProxyConnectInProgress()
Kershaw, do you have a better suggestion?
Comment 11•3 years ago
|
||
(In reply to Valentin Gosu [:valentin] (he/him) from comment #10)
Right, so the issue is that mChannelId we pass to
mActivityDistributor->ObserveActivityWithArgs
is the same for the initial CONNECT and the actual tunneled request. I assume we should report things differently whenmConnection->IsProxyConnectInProgress()
Kershaw, do you have a better suggestion?
I can't think other better suggestion here. So, when mConnection->IsProxyConnectInProgress()
is true, I think we should not report HTTP/1.1 200 Connected
.
:bomsy, could you check if netmonitor
wants to inspect the header of proxy response? If yes, we might need to add a new activity subtype.
Thanks.
Assignee | ||
Comment 12•3 years ago
|
||
:bomsy, could you check if
netmonitor
wants to inspect the header of proxy response? If yes, we might need to add a new activity subtype.
Thanks.
ATM the netmonitor does do anything with the proxy response header. But it might be useful to have as a new activity subtype (if it is not much more effort), as there have been requests for viewing proxy information e.g Bug 1707192, Bug 252142.
Thanks
Comment 13•3 years ago
|
||
(In reply to Hubert Boma Manilla (:bomsy) from comment #12)
:bomsy, could you check if
netmonitor
wants to inspect the header of proxy response? If yes, we might need to add a new activity subtype.
Thanks.ATM the netmonitor does do anything with the proxy response header. But it might be useful to have as a new activity subtype (if it is not much more effort), as there have been requests for viewing proxy information e.g Bug 1707192, Bug 252142.
I'll file a big to do this. Thanks!
Reporter | ||
Updated•3 years ago
|
Comment 14•2 years ago
|
||
Given that the dependency has been fixed now shall we continue to get it fixed? It's still marked as a P2.
Reporter | ||
Comment 15•2 years ago
|
||
It would be nice to get this fixed. I'll defer to Bomsy: do you have a rough idea of what is left on DevTools side to address this?
Assignee | ||
Comment 16•2 years ago
|
||
Updated•2 years ago
|
Comment 17•2 years ago
|
||
Pushed by hmanilla@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/fb65575ef4e3 [devtools] Migrate the remaining tests to http-first r=jdescottes
Comment 18•2 years ago
|
||
bugherder |
Assignee | ||
Updated•2 years ago
|
Description
•