467826 - http -> https redirect with WCAP calendar

Status: RESOLVED MOVED

(Calendar :: Provider: WCAP, defect)

Description

[Anil]

User-Agent:       Mozilla/5.0 (X11; U; SunOS i86pc; en-US; rv:1.9.0.4) Gecko/2008111710 Firefox/3.0.4
Build Identifier: 0.9

We have a Foundry Load Balancer that answers calendar (WCAP) requests over 80 and 443 (https). Connections to port 80 are re-directed to port 443 (using a standard HTTP 302 redirect) by the LB.

When you specify http://url for the calendar Lightning reports an error that the connection is insecure. However, doing a snoop in the background shows traffic going over 443 (as expected).

It'll be nice if Lightning can detect the Redirect from the server (foundry) and not show the warning message OR if a SSL connection is detected the user's calendar setting should be changed to https://url.

Reproducible: Always

Steps to Reproduce:
1. Setup HTTP -> 443 redirect on web server
2. Configure Lightning to use WCAP server at http://url


Expected Results:  
Perhaps a connection to the WCAP/HTTP server should be made and after the redirects are followed, automatically determine if the connection is secure or not. If not, throw the normal warning message.

Comment 1

[Michiel van Leeuwen (email: mvl+moz@)]

-> WCAP

Comment 2

[Philipp Kewisch [:Fallen] [:📆][:🧩]]

Could you possibly give me or Daniel Bölzle access to this server for testing? We've fixed this for all providers except WCAP.

Comment 3

[Anil]

Just sent to your email. Not sure how to do confidential comments on here. Thanks!

Comment 4

[Daniel Boelzle [:dbo]]

The redirects seems to work, but the current code (statically) warns if a plain http URL is given: <http://mxr.mozilla.org/comm-central/ident?i=confirmInsecureLogin>

Comment 5

[Philipp Kewisch [:Fallen] [:📆][:🧩]]

Moved to https://github.com/kewisch/wcap-provider/issues/13