Open Bug 438760 Opened 16 years ago Updated 2 years ago

Firefox 3 allows form submission POST from https to http action

Categories

(Core :: DOM: Core & HTML, defect)

People

(Reporter: brett, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: sec-low, Whiteboard: [sg:low] lack of warning for web site owners)

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008051202 Firefox/3.0
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008051202 Firefox/3.0

If a form points to an https url:

form action="https://www.example.com/doit"

and the server returns a redirect (301) at this url (https://www.example.com/doit) to a non-https version (http://www.example.com) the form submits with no problem. In Firefox 2.0.0.14 this raised a security exception.

Reproducible: Always

Steps to Reproduce:
1. Create a form that uses POST to submit to an https action url https://U.
2. Have https://U raise a 301 and redirect to http://U
3. Note the form submits with no warning from Firefox.

Actual Results: The form was submitted over HTTP instead of HTTPS

Expected Results: Expected an exception to be raised.

Sorry, no simple example. I was using XMLHttpRequest to make the POSTs.
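
A site-owner-side check for the downgrade described in the report, as an added example that is not part of the bug report or Mozilla's code: it walks a recorded redirect chain, flags any https-to-http hop, and applies the Fetch standard's redirect rules to say whether the request body would be re-sent on that hop. The `hops` input format and the function names are assumptions made for the example.

```javascript
// Added example: audit a recorded redirect chain for HTTPS -> HTTP downgrades.
// `hops` is a constructed sample; in practice it would come from a crawler or
// proxy log that records each response's status and Location header.

// Fetch-standard redirect rule: 301/302 turn POST into GET and drop the body,
// 303 does so for every method except GET/HEAD, 307/308 replay method and body.
function nextMethod(status, method) {
  if ((status === 301 || status === 302) && method === "POST") return "GET";
  if (status === 303 && method !== "GET" && method !== "HEAD") return "GET";
  return method;
}

function auditRedirectChain(startUrl, method, hops) {
  const findings = [];
  let current = new URL(startUrl);
  for (const { status, location } of hops) {
    if (![301, 302, 303, 307, 308].includes(status) || !location) break;
    const target = new URL(location, current); // Location may be relative
    const followMethod = nextMethod(status, method);
    if (current.protocol === "https:" && target.protocol === "http:") {
      findings.push({
        from: current.href,
        to: target.href,
        status,
        method: followMethod,
        // True only when the original non-GET request is replayed unchanged.
        bodyReplayed:
          followMethod === method && method !== "GET" && method !== "HEAD",
      });
    }
    current = target;
    method = followMethod;
  }
  return findings;
}

// Constructed sample matching the report: POST to https://U, 301 to http://U.
const sampleHops = [{ status: 301, location: "http://www.example.com/" }];
const report = auditRedirectChain(
  "https://www.example.com/doit", "POST", sampleHops);
console.log(JSON.stringify(report, null, 2));
```

Even when `bodyReplayed` is false, the follow-up request's URL and any cookies not marked Secure still travel over plaintext on the flagged hop.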
Version: unspecified → 3.0 Branch
Whiteboard: [sg:low] lack of warning for web site owners
Status: UNCONFIRMED → NEW
Ever confirmed: true
Component: Security → HTML: Form Submission
Product: Firefox → Core
QA Contact: firefox → form-submission
Version: 3.0 Branch → Trunk
Can anyone reproduce this issue on current Firefox versions?
I'm able to reproduce using current Nightly Build.
OS: Linux → All
Hardware: x86 → All
Highly unlikely we're going to find a useful regression range for this bug at this point given how old it is.
Component: HTML: Form Submission → DOM: Core & HTML
Severity: normal → S3