Closed Bug 1921052 Opened 6 months ago Closed 4 months ago

https - URL scanned via Android camera is modified to http and is declined to connect with server for security reasons

Categories

(Fenix :: QR, defect)

Firefox 130
All
Android
defect

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: karl.grote, Unassigned)

Details

Steps to reproduce:

I am using my Cloud landing page https://simparq.net with ports 4941, 4942 and 4949. Proxy Server is nginx. Ports are ssl Let’s Encrypt secured. nginx is forwarding the client (Android S23 Ultra with Fenix) to an internal port for further processing. http unsecured is also tolerated - see configuration file:

# HTTPS and HTTP redirect for port 4949

server {
    listen 4949 ssl; # Listen for HTTPS requests on port 4949
    server_name www.simparq.net;

    # SSL certificates for HTTPS connections
    ssl_certificate /etc/letsencrypt/live/www.simparq.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.simparq.net/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    # Redirect from HTTP to HTTPS on the same port
    error_page 497 301 =307 https://$host:$server_port$request_uri;

    # Proxy settings for HTTPS requests
    location / {
        proxy_pass http://localhost:64949;  # Forward to the internal service on port 64949
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Ssl on;
    }

}

This works pretty fine with a probability of 95%. Sometimes not! Then for a series it does now work. (Caching problem?) Any QR-Code is different by a random ASCII code - exemplarily #"TN5EzhrtlH"

Actual results:

I scan a self-created QR-Code - exemplarily "2024-09-25 13:36:16,829 - main - DEBUG - Creating QR code with content: https://SimParQ.net:4949/WEST_A_3034#TN5EzhrtlH" via a S23Ultra camera.

Fenix (Build #2016044751) is default browser. After scanning the QRC Fenix is triggered by Android to forward the user to the corresponding landing page for further input.

But instead Fenix (sometimes) refuses to forward - no https or http request with corresponding timestamp in the Nginx Logging can be found!
Furthermore the Browser shows an error page with the URL "http://simparq.net:4949/WEST_A_3034#TN5EzhrtlH" and tells the user for security reasons he is not forwarded to the server!

Strange: "https" seems to be transformed to "http" Fenix internally.
Why that?

Expected results:

User should be forwarded to a landing page for further action or alternatively to a "timed-out" catching landing page (no action).

"http://simparq.net:4949/WEST_A_3034#TN5EzhrtlH" OR "https://simparq.net:4949/WEST_A_3034#TN5EzhrtlH"

http OR https should work - see Nginx configuration.
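Added example, not part of the original report or of Fenix/nginx: one way to check the access log for a scan, given that the URL fragment (`#TN5EzhrtlH`) is never sent to the server and so cannot be searched for. It assumes nginx's default "combined" log format and that the `error_page 497 ... =307` rule above is logged with status 307; the log lines, client addresses and time zone are constructed.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# nginx "combined" access-log layout (assumed; adapt if log_format differs)
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Constructed sample lines (documentation IPs, assumed +0200 time zone)
SAMPLE_LOG = [
    '203.0.113.7 - - [25/Sep/2024:13:36:20 +0200] "GET /WEST_A_3034 HTTP/1.1" 307 0 "-" "Mozilla/5.0 (Android 14; Mobile)"',
    '203.0.113.7 - - [25/Sep/2024:13:36:21 +0200] "GET /WEST_A_3034 HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Android 14; Mobile)"',
    '203.0.113.9 - - [25/Sep/2024:14:10:02 +0200] "GET /WEST_A_3034 HTTP/1.1" 200 512 "-" "curl/8.5.0"',
]

def requests_for_scan(url, scan_time, log_lines, window_s=30):
    """Return (timestamp, status, target) for entries that match the scanned
    URL's path and query within +/- window_s seconds of scan_time."""
    parts = urlsplit(url)
    # Browsers keep the fragment client-side, so only path and query
    # can ever show up in the server's request line.
    target = parts.path or "/"
    if parts.query:
        target += "?" + parts.query
    hits = []
    for line in log_lines:
        m = LINE.match(line)
        if not m or m["target"] != target:
            continue
        ts = datetime.strptime(m["ts"], TS_FMT)
        if abs(ts - scan_time) <= timedelta(seconds=window_s):
            hits.append((ts, int(m["status"]), m["target"]))
    return hits

def classify(hits):
    """Summarise what the matching entries say about the scan."""
    if not hits:
        return "no request reached nginx"
    # Assumption: a 307 here comes from the error_page 497 rule, i.e. the
    # client spoke plain HTTP to the TLS port and was told to retry on https.
    if any(status == 307 for _, status, _ in hits):
        return "plain HTTP hit the TLS port and was redirected"
    return "request reached nginx over TLS"
```

An empty result for the scan window supports the report's observation that the browser blocked the navigation before any connection was made.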

Hey Karl, thank you for the report. Would it be possible to get an isolated test case? The URLs you provided don't seem to work so debugging locally isn't possible.

Flags: needinfo?(karl.grote)
Severity: -- → S3
Component: General → Browser Engine

Redirect a needinfo that is pending on an inactive user to the triage owner.
:boek, since the bug has recent activity, could you please find another way to get the information or close the bug as INCOMPLETE if it is not actionable?

For more information, please visit BugBot documentation.

Flags: needinfo?(karl.grote) → needinfo?(jboek)

Going to close this as invalid for now. Please feel free to re-open with a QR code or a reproducible test case.

Status: UNCONFIRMED → RESOLVED
Closed: 4 months ago
Component: Browser Engine → QR
Flags: needinfo?(jboek)
Resolution: --- → INVALID