Closed Bug 1917297 Opened 1 year ago Closed 1 year ago

Mixed content blocker can block requests only when running with --use-http2-server/--use-http3-server flags

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Type:
defect

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: emilio, Unassigned)

References

Details

This got me backed out in bug 1891335 because I changed some iframes to use http://.

It is apparently expected (per this) that mochitests with those flags run in https mode.

However, I think then http:// iframes should probably not be blocked, but upgraded to https:// as well?

Trivial test-case is changing this line to use http://. Then, the test fails only with --use-http2-server / --use-http3-server.

Flags: needinfo?(kershaw)

(In reply to Emilio Cobos Álvarez (:emilio) from comment #0)

This got me backed out in bug 1891335 because I changed some iframes to use http://.

It is apparently expected (per this) that mochitests with those flags run in https mode.

However, I think then http:// iframes should probably not be blocked, but upgraded to https:// as well?

Trivial test-case is changing this line to use http://. Then, the test fails only with --use-http2-server / --use-http3-server.

The request is blocked in nsHttpChannel::AsyncOpen, which occurs before an opportunity to perform an HTTPS upgrade.
Due to our current architecture, we cannot determine if an HTTPS record is available during nsHttpChannel::AsyncOpen, making it impossible to perform an HTTPS upgrade at that stage.
So, we must either accept this workaround or skip this test when using an HTTP/2 or HTTP/3 server.

Status: NEW → RESOLVED
Closed: 1 year ago
Flags: needinfo?(kershaw)
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.