Closed Bug 1896083 Opened 6 months ago Closed 5 months ago

Do not upgrade domains that do not end with a valid TLD

Categories

(Core :: DOM: Security, enhancement)

Product:
Core
Component:
DOM: Security
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
129 Branch
Tracking Flags:
Tracking Status
firefox129 --- fixed

People

(Reporter: maltejur, Assigned: maltejur)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(2 files)

Bug 1896083 - Do not HTTPS-First upgrade hostnames that do not end with a known public suffix r?simonf!,freddyb!
48 bytes, text/x-phabricator-request
Details | Review
Bug 1896083 - Add functionality to eTLD service to check if hostname ends in known public suffix r?#necko-reviewers!,mak!
48 bytes, text/x-phabricator-request
Details | Review

This would be a easy way to exempt local domains like site.local or router.lan from HTTPS-First. We should also consider if we want to do the same for HTTPS-Only.

See Also: → 1895265
Assignee: nobody → mjurgens
Whiteboard: [domsecurity-active]
Attachment #9403770 - Attachment description: WIP: Bug 1896083 - Do not HTTPS-First upgrade domains that do not end with a known TLD → Bug 1896083 - Do not HTTPS-First upgrade hostnames that do not end with a known TLD r?simonf!,freddyb!
Attachment #9404550 - Attachment description: Bug 1896083 - Add functionality to eTLD service to check if hostname ends in known TLD r?#necko-reviewers!,mak! → Bug 1896083 - Add functionality to eTLD service to check if hostname ends in known public suffix r?#necko-reviewers!,mak!
Attachment #9403770 - Attachment description: Bug 1896083 - Do not HTTPS-First upgrade hostnames that do not end with a known TLD r?simonf!,freddyb! → Bug 1896083 - Do not HTTPS-First upgrade hostnames that do not end with a known public suffix r?simonf!,freddyb!
Pushed by mjurgens@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/8b206d79cd48 Add functionality to eTLD service to check if hostname ends in known public suffix r=mak,necko-reviewers,kershaw https://hg.mozilla.org/integration/autoland/rev/2d286815be60 Do not HTTPS-First upgrade hostnames that do not end with a known public suffix r=necko-reviewers,valentin,simonf,freddyb

Backed out for causing browser_httpsfirst.js

Flags: needinfo?(mjurgens)
Flags: needinfo?(mjurgens)
Pushed by mjurgens@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/1e2450e990ce Add functionality to eTLD service to check if hostname ends in known public suffix r=mak,necko-reviewers,kershaw https://hg.mozilla.org/integration/autoland/rev/c2de598b0433 Do not HTTPS-First upgrade hostnames that do not end with a known public suffix r=necko-reviewers,valentin,simonf,freddyb

https://hg.mozilla.org/mozilla-central/rev/1e2450e990ce
https://hg.mozilla.org/mozilla-central/rev/c2de598b0433

Status: NEW → RESOLVED
Closed: 5 months ago
status-firefox129: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 129 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: