Distinguish redirect loop caused by endless HTTPS-HTTP loop
Categories
(Core :: Networking: HTTP, task, P2)
Tracking
()
People
(Reporter: kershaw, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged] [necko-priority-next])
Currently, Firefox fails to differentiate between redirect loops caused by a cycle between HTTPS and HTTP and other types of redirect loops. Currently, we use the same error code NS_ERROR_REDIRECT_LOOP and show the same error page, leading to potential misinterpretation and difficulty in troubleshooting HTTPS and HTTP loop caused by HTTPS-only or HTTPS-first mode.
The first step might be using a different error code for HTTPS-HTTP loop.
|
Reporter | |
Updated•1 year ago
|
|
||
Comment 1•1 year ago
|
||
Currently we show the HTTPS-only error page for errors where a https-only upgrade was involved (including the redirect loop). In some cases this doesn't trigger (when starting at the https page, because then no real https-only upgrade was triggered, only the loop detection). Https-first doesn't show a redirect loop at all, it just loads the http page.
What could be added is to
- show the https-only error page when https-only mode is enabled and the user startet at the https page (i.e. enters
https://example.com/and it redirects tohttp://example.com - don't show the https-only error page when the page has hsts enabled, because hsts has higher priority than https-only mode.
|
||
Updated•1 year ago
|
|
||
Updated•11 months ago
|
|
|
||
Comment 2•9 months ago
|
||
I guess what we need here is:
- A test for this situation
- A new error code in ErrorList.py
- Return the new error code in nsHttpChannel when upgrading the channel to secure (and a channel in the redirect chain also did a HTTPS upgrade using secure)?
|
|
||
Updated•9 months ago
|
Description
•