Closed Bug 2019611 Opened 22 days ago Closed 14 hours ago

New "Looks like there’s a problem with this site" page shows error for the wrong host to which it hasn't tried to connect

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
Firefox 150
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
150 Branch
Tracking Flags:
Tracking Status
firefox150 --- fixed

People

(Reporter: nabijaczleweli, Assigned: jbrown, NeedInfo)

References

(Blocks 1 open bug)

Details

Attachments

(4 files)

a.png
60.09 KB, image/png
Details
host name.png
6.71 KB, image/png
Details
previous-design.png
60.79 KB, image/png
Details
Bug 2019611 - Fix netTimeout error to use correct l10n IDs and whole origin with subdomains - r?niklas
48 bytes, text/x-phabricator-request
Details | Review
Attached image a.png

Steps to reproduce:

Follow a link to http://www.hpl.hp.com/techreports/tandem/TR-85.7.html

Actual results:

As reproduced in the attachment:

Looks like there’s a problem with this site

Nightly can’t connect to the server at hp.com
What can you do about it?

Try connecting on a different device. Check your modem or router. Disconnect and reconnect to Wi-Fi.

Expected results:

The page should show the error that actually caused the page to fail loading instead of a different one which doesn't appear to have actually happened?

Accd'g to F12, the request was to www.hpl.hp.com, which is as-expected. I don't see any history of an hp.com request, so I'm not sure why this error page is trying to gaslight me into thinking there was one?

Or mayhap there was a spurious hp.com request and the browser hid it from me? Much to think about!

Either way, the browser should either (a) not be doing that request or (b) brand the hostname it tried to connect to into the error page instead of deliberately misleading the user and whoever may be downstream of the user.

Nightly 150.0a1 (2026-02-24) (64-bit) and 150.0a1 (2026-02-26) (64-bit)

I don't think that's incorrect, given that the host name for that URL is hp.com, but letting Security folks triage.

Component: Untriaged → Security
Attached image host name.png

The host name for that URL is www.hpl.hp.com. We know this because that's where the host name goes in the URL (cf. https://datatracker.ietf.org/doc/html/rfc1738#section-3.1), and we know this because that's what the network tab tells us (cf. attachment "host name.png").

This is a change in error messaging from the security.certerrors.felt-privacy-v1. Confirming, that this is indeed a change in messaging on the error page.

previous:

The server at www.hpl.hp.com is taking too long to respond.

new:

Nightly can’t connect to the server at hp.com

This looks like an unintended change due to other errors still showing the full origin.

@jbuck: Is this an intentional change and if so do we have reasoning documented somewhere, or is this something that should be addressed by going back to show the full origin?

Blocks: 1990918
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(jbrown)

And looking at the previous design, the information about connection time out is also missing?

Assignee: nobody → jbrown
Attachment #9548767 - Attachment description: WIP: Bug 2019611 - Fix netTimeout error to use correct l10n IDs and whole origin with subdomains → Bug 2019611 - Fix netTimeout error to use correct l10n IDs and whole origin with subdomains - r?niklas
Status: NEW → ASSIGNED
Pushed by jbrown@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/a729ef7f53b9 https://hg.mozilla.org/integration/autoland/rev/7a02c40691b2 Fix netTimeout error to use correct l10n IDs and whole origin with subdomains - r=niklas,fluent-reviewers,bolsson,desktop-theme-reviewers,sfoster

https://hg.mozilla.org/mozilla-central/rev/7a02c40691b2

Status: ASSIGNED → RESOLVED
Closed: 14 hours ago
status-firefox150: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 150 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: