Closed Bug 1938361 Opened 2 months ago Closed 1 month ago

HTTPS-First should not upgrade non-default ports

Categories

(Core :: DOM: Security, defect, P2)

Product:
Core
Component:
DOM: Security
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
136 Branch
Tracking Flags:
Tracking Status
firefox-esr115 --- unaffected
firefox-esr128 --- unaffected
firefox134 --- wontfix
firefox135 --- wontfix
firefox136 --- fixed

People

(Reporter: simonf, Assigned: simonf)

References

(Regression)

Details

(Keywords: regression, Whiteboard: [domsecurity-active])

Attachments

(1 file)

Bug 1938361. Disable HTTPS-first for non-standard ports - r=maltejur
48 bytes, text/x-phabricator-request
Details | Review

After we implemented the spec proposal to work on the WPT tests we got the proposal changed because upgrading default ports is pretty much never the right choice.
We will keep the pref dom.security.https_first_for_custom_ports in case it will be useful for WPT tests but the default needs to be changed.

\o/

Duplicate of this bug: 1938323
Severity: -- → S3
Priority: -- → P2
Whiteboard: [domsecurity-active]
Pushed by sfriedberger@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6859ab2cc37c Disable HTTPS-first for non-standard ports - r=maltejur,freddyb

Backed out for causing xpcshell failures @ test_https_only_https_first_prefs.js

TEST-UNEXPECTED-FAIL | dom/security/test/unit/test_https_only_https_first_prefs.js | xpcshell return code: -11
Flags: needinfo?(sfriedberger)
Pushed by sfriedberger@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/d6ae0c16ff94 Disable HTTPS-first for non-standard ports - r=maltejur,freddyb
Flags: needinfo?(sfriedberger)

https://hg.mozilla.org/mozilla-central/rev/d6ae0c16ff94

Status: NEW → RESOLVED
Closed: 1 month ago
status-firefox136: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 136 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: