Closed
Bug 840678
Opened 11 years ago
Closed 11 years ago
Use HTTPS instead of HTTP for input.mozilla.org submissions
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
FIXED
Firefox 22
People
(Reporter: briansmith, Assigned: raymondlee)
References
Details
(Keywords: privacy)
Attachments
(1 file, 4 obsolete files)
931 bytes,
patch
|
Details | Diff | Splinter Review |
+++ This bug was initially created as a clone of Bug #771788 +++ Steps to reproduce: Go to about:config Search for : http:// Actual results: [...] extensions.input.brokenURL;http://input.mozilla.com/feedback#broken extensions.input.happyURL;http://input.mozilla.com/happy extensions.input.ideaURL;http://input.mozilla.com/feedback#idea extensions.input.sadURL;http://input.mozilla.com/sad [...] Expected results: The secure HTTPS protocol should have been used, not the insecure HTTP protocol.
Comment 1•11 years ago
|
||
I don't understand this bug. Doesn't seem like anything we can fix in the input.mozilla.org site. Shouldn't this be a Firefox bug and not an Input bug? Or am I missing something?
Comment 2•11 years ago
|
||
This is, indeed, a Firefox bug. This component is for the Input Server Software.
Component: Submission → General
Product: Input → Firefox
Reporter | ||
Comment 3•11 years ago
|
||
Will, James, do you object to Firefox changing the URLs to "https://"? Could you verify that https://input.mozilla.org will work OK?
Comment 4•11 years ago
|
||
(In reply to Brian Smith (:bsmith) from comment #3) > Will, James, do you object to Firefox changing the URLs to "https://"? Could > you verify that https://input.mozilla.org will work OK? It works great. In fact, I was surprised that http:// doesn't redirect and we don't send HSTS headers.
Comment 5•11 years ago
|
||
Brian, Android has a different set of URLs (starting with m.). I didn't see a blocker to bug 771788 specifically for Android.
Assignee | ||
Comment 6•11 years ago
|
||
http://mxr.mozilla.org/mozilla-central/search?string=input.mozilla.com I see there some places in the following directories which use HTTP instead of HTTPS. Should we update them as well? /b2g/app/ /mobile/android/app/profile/extensions/feedback@mobile.mozilla.org/ /mobile/xul/app/
Attachment #720518 -
Flags: review?(gavin.sharp)
Flags: needinfo?
Assignee | ||
Comment 7•11 years ago
|
||
Since they are all simple changes, I have just updated b2 and mobile directories
Attachment #720521 -
Flags: review?(gavin.sharp)
Flags: needinfo?
Assignee | ||
Updated•11 years ago
|
Attachment #720518 -
Attachment is obsolete: true
Attachment #720518 -
Flags: review?(gavin.sharp)
Comment 8•11 years ago
|
||
While we're at it, it looks like input.mozilla._org_ is the canonical URL, so we should probably also switch to that.
Assignee | ||
Comment 9•11 years ago
|
||
Use https and mozilla.org
Attachment #720552 -
Flags: review?(gavin.sharp)
Assignee | ||
Updated•11 years ago
|
Attachment #720521 -
Attachment is obsolete: true
Attachment #720521 -
Flags: review?(gavin.sharp)
Assignee | ||
Comment 10•11 years ago
|
||
Redirect chain https://input.mozilla.org/feedback/ ->https://input.mozilla.org/en-US/feedback/ https://input.mozilla.org/happy -> https://input.mozilla.org/en-US/feedback#happy https://input.mozilla.org/sad -> https://input.mozilla.org/en-US/feedback#sad https://input.mozilla.org/feedback#broken -> https://input.mozilla.org/en-US/feedback#broken https://input.mozilla.org/feedback#idea -> https://input.mozilla.org/en-US/feedback#idea
Assignee | ||
Updated•11 years ago
|
Assignee: nobody → raymond
Assignee | ||
Updated•11 years ago
|
Status: NEW → ASSIGNED
Comment 11•11 years ago
|
||
I've never seen any indication there's handling for #broken. I think that doesn't exist. We probably should take out the brokenURL thing.
Assignee | ||
Comment 12•11 years ago
|
||
(In reply to Will Kahn-Greene [:willkg] from comment #11) > I've never seen any indication there's handling for #broken. I think that > doesn't exist. We probably should take out the brokenURL thing. This preference is being used by testpilot. http://mxr.mozilla.org/mozilla-central/source/browser/app/profile/extensions/testpilot@labs.mozilla.com/modules/feedback.js#35 Jono: Do you know more about that? Can we remove that?
Flags: needinfo?(jono)
Comment 13•11 years ago
|
||
If you go to the above #broken url, you just end up on the feedback form (the #broken part doesn't do anything). So it "works", but doesn't do anything in particular unless metrics is tracking it somehow outside of Input. One other thing is that we're in the process of getting the new Input to production and it should be there this month. End of March at the latest. At that point, all these urls are going to need to change again. I'd hold off on making url changes until the new Input is in production.
Comment 14•11 years ago
|
||
We're also re-writing testpilot (bug 840108) and removing some of the "input" pieces from it (bug 841437). So for the moment we should probably just not touch that code. It looks to me though that app.feedbackURL is a remnant from mobile XUL's about page that got copied to b2g/metro but isn't used there. So perhaps we can just remove it? We may want to avoid touching mobile/ in this bug too (and perhaps file a followup on them), so maybe this bug should just cover making the utilityOverlay change.
Flags: needinfo?(jono)
Assignee | ||
Comment 15•11 years ago
|
||
(In reply to :Gavin Sharp (use gavin@gavinsharp.com for email) from comment #14) > We're also re-writing testpilot (bug 840108) and removing some of the > "input" pieces from it (bug 841437). So for the moment we should probably > just not touch that code. > > It looks to me though that app.feedbackURL is a remnant from mobile XUL's > about page that got copied to b2g/metro but isn't used there. So perhaps we > can just remove it? Filed bug 847784 and bug 847786 > > We may want to avoid touching mobile/ in this bug too (and perhaps file a > followup on them), Filed bug 847788 and bug 847789 > so maybe this bug should just cover making the > utilityOverlay change. The patch only contains the utilityOverlay change.
Attachment #720552 -
Attachment is obsolete: true
Attachment #720552 -
Flags: review?(gavin.sharp)
Attachment #721058 -
Flags: review?(gavin.sharp)
Updated•11 years ago
|
Attachment #721058 -
Flags: review?(gavin.sharp) → review+
Assignee | ||
Comment 16•11 years ago
|
||
Attachment #721058 -
Attachment is obsolete: true
Assignee | ||
Updated•11 years ago
|
Keywords: checkin-needed
Comment 17•11 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/2a84cfaf3a6a
Keywords: checkin-needed
Comment 18•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/2a84cfaf3a6a
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 22
You need to log in
before you can comment on or make changes to this bug.
Description
•