Closed Bug 1847804 Opened 2 years ago Closed 2 years ago

"The connection has timed out" error on licensebureauvancouverwa.com

Categories

(Web Compatibility :: Site Reports, defect, P3)

Product:
Web Compatibility
Component:
Site Reports
Platform:
All
Unspecified
Type:
defect

Tracking

(firefox-esr102 unaffected, firefox-esr115 disabled, firefox116 disabled, firefox117 disabled, firefox118 disabled, firefox119 disabled)

Status:
RESOLVED WORKSFORME
Tracking Flags:
Tracking Status
firefox-esr102 --- unaffected
firefox-esr115 --- disabled
firefox116 --- disabled
firefox117 --- disabled
firefox118 --- disabled
firefox119 --- disabled

People

(Reporter: ksenia, Unassigned)

References

(Blocks 1 open bug, Regression,
URL
)

Details

(Keywords: regression, webcompat:site-wait)

We've received a report in https://github.com/webcompat/web-bugs/issues/125218 where a user is unable to load the site and eventually "The connection has timed out" error is displayed.

To reproduce visit https://www.licensebureauvancouverwa.com/services2/ in Firefox Nightly (118.0a1 (2023-08-07)) on MacOS or Android.

From mozregression:

17:04.04 INFO: Last good revision: 0846d258566e1b31da040b6cd5e4ff5b8a20974d
17:04.04 INFO: First bad revision: 70dec260867a04a285867e0586434475917f480d
17:04.04 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=0846d258566e1b31da040b6cd5e4ff5b8a20974d&tochange=70dec260867a04a285867e0586434475917f480d

Hi Dennis, wonder if you could take a look at this, please?

Flags: needinfo?(djackson)

I took a look and there is no HTTPS record in place. The problem seems to be with their TLS configuration, which stalls in the presence of the ECH extension. Setting security.tls.ech.grease_probability to 0 makes the connection work.

I had a look as well. This is similar to the other bug in that its a non-compliant TLS server which only supports TLS 1.2. The site also breaks with Chrome and its not ECH-specific as using a different extension id also triggers it. As this server times out rather than causes an error the user experience is a bit worse and there's no way for us to fall back as we can't distinguish the lack of reply from a server that's simply unavailable.

Given the site is very local and the fact Chrome is also impacted I'm not concerned by this. But I'll reach out to the site admin anyway to see if they can figure out what the root cause is... their fingerprint suggests they're using the latest version of Microsoft IIS (10.0), but I've tested with other sites using IIS 10.0 and they work fine in Firefox.

Blocks: ech
Flags: needinfo?(djackson)

The severity field is not set for this bug.
:beurdouche, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(bbeurdouche)
Severity: -- → S4
Flags: needinfo?(bbeurdouche)
Priority: -- → P3
Assignee: nobody → nobody
Component: Libraries → Desktop
Product: NSS → Web Compatibility
Version: other → unspecified

The site operator has now resolved their misconfiguration.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.