Closed Bug 840687 Opened 12 years ago Closed 12 years ago

Use HTTPS instead of HTTP for in-product documentation URLs

Categories

(Firefox Graveyard :: Help Documentation, defect)

defect
Not set
normal

Tracking

(Not tracked)

VERIFIED FIXED
Firefox 22

People

(Reporter: briansmith, Assigned: raymondlee)

References

Details

(Keywords: meta)

Attachments

(1 file, 1 obsolete file)

+++ This bug was initially created as a clone of Bug #771788 +++ Got to about:config and search for "http://" app.releaseNotesURL;http://www.mozilla.com/%LOCALE%/%APP%/%VERSION%/releasenotes/ app.support.baseURL;http://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/ app.update.url.details;http://www.mozilla.com/%LOCALE%/%APP%/releases/ app.update.url.manual;http://www.firefox.com app.vendorURL;http://www.mozilla.com/%LOCALE%/%APP%/ [...] browser.geolocation.warning.infoURL;http://www.mozilla.com/%LOCALE%/firefox/geolocation/ datareporting.healthreport.infoURL;http://www.mozilla.org/legal/privacy/firefox.html#health-report toolkit.crashreporter.infoURL;http://www.mozilla.com/legal/privacy/firefox.html#crash-reporter toolkit.telemetry.infoURL;http://www.mozilla.com/legal/privacy/firefox.html#telemetry On 'app.update.url.manual;http://www.firefox.com' suffix a slash at the end to make it FQDN. Most or all of these can be "fixed" simply by replacing "http://" with "https://" as the various websites already support HTTPS.
These bugs are probably best filed per-host. support.mozilla.org link changes require sign-off from different people than mozilla.com links. I think mozilla.com/org can probably just be changed wholesale.
(In reply to :Gavin Sharp (use gavin@gavinsharp.com for email) from comment #1) > These bugs are probably best filed per-host. support.mozilla.org link > changes require sign-off from different people than mozilla.com links. I > think mozilla.com/org can probably just be changed wholesale. support.mozilla.org in particular is not really designed to have all traffic come over HTTPS right now. I don't think it would cause the site to fall over, but there are changes we would really rather make before Firefox changed to HTTPS-only. With any site, including mozilla.com/org, please CC or otherwise confirm with relevant webdev and ops that the infrastructure will support the increase in HTTPS traffic.
(In reply to James Socol [:jsocol, :james] from comment #2) > With any site, including mozilla.com/org, please CC or otherwise confirm > with relevant webdev and ops that the infrastructure will support the > increase in HTTPS traffic. Thanks. I filed separate bugs for support.mozilla.org and for the Help|About link at firefox.com. All of these bugs are blocking bug 771788, and I will send out a pointer to bug 771788 to dev-webdev.
Attached patch v1 (obsolete) — Splinter Review
(In reply to Brian Smith (:bsmith) from comment #0) > [...] > browser.geolocation.warning.infoURL;http://www.mozilla.com/%LOCALE%/firefox/ > geolocation/ I will file some followups for b2, metro and mobile/android as they don't seem to use that preference, and a followup for mobile/xul to update it to use HTTPS > datareporting.healthreport.infoURL;http://www.mozilla.org/legal/privacy/ > firefox.html#health-report Updated > toolkit.crashreporter.infoURL;http://www.mozilla.com/legal/privacy/firefox. > html#crash-reporter Updated > toolkit.telemetry.infoURL;http://www.mozilla.com/legal/privacy/firefox. > html#telemetry > Updated
Attachment #721093 - Flags: review?(gavin.sharp)
Depends on: 847811
Depends on: 847812
Depends on: 847814
Depends on: 847816
Assignee: nobody → raymond
Status: NEW → ASSIGNED
Comment on attachment 721093 [details] [diff] [review] v1 >diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js >-pref("browser.geolocation.warning.infoURL", "http://www.mozilla.com/%LOCALE%/firefox/geolocation/"); >+pref("browser.geolocation.warning.infoURL", "https://www.mozilla.org/%LOCALE%/firefox/geolocation/"); Seems like we need to decide whether we should use %LOCALE% for mozilla.org links. Relying on the server-side detection may be better than explicitly choosing a locale on the client. But I guess we don't need to sort that out now. > pref("toolkit.crashreporter.infoURL", >- "http://www.mozilla.com/legal/privacy/firefox.html#crash-reporter"); >+ "https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter"); Looks like the anchor portion of this link is broken. I guess we should file a Websites::www.mozilla.org website bug about that.
Attachment #721093 - Flags: review?(gavin.sharp) → review+
(In reply to :Gavin Sharp (use gavin@gavinsharp.com for email) from comment #5) > Comment on attachment 721093 [details] [diff] [review] > v1 > > >diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js > > >-pref("browser.geolocation.warning.infoURL", "http://www.mozilla.com/%LOCALE%/firefox/geolocation/"); > >+pref("browser.geolocation.warning.infoURL", "https://www.mozilla.org/%LOCALE%/firefox/geolocation/"); > > Seems like we need to decide whether we should use %LOCALE% for mozilla.org > links. Relying on the server-side detection may be better than explicitly > choosing a locale on the client. But I guess we don't need to sort that out > now. > OK, leave it as it is. > > pref("toolkit.crashreporter.infoURL", > >- "http://www.mozilla.com/legal/privacy/firefox.html#crash-reporter"); > >+ "https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter"); > > Looks like the anchor portion of this link is broken. I guess we should file > a Websites::www.mozilla.org website bug about that. Filed bug 855179
Attachment #721093 - Attachment is obsolete: true
Keywords: checkin-needed
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 22
Verified fixed on Windows 7 64bit, Ubuntu 13.10 and Mac OSX 10.8.5 using latest Nightly 34.0a1.
Status: RESOLVED → VERIFIED
Product: Firefox → Firefox Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: