Tumblr logo does not show correctly at first load. (style sheet would not load at first load)

VERIFIED FIXED in Firefox 25

Status

()

defect
VERIFIED FIXED
6 years ago
6 years ago

People

(Reporter: alice0775, Assigned: keeler)

Tracking

({regression})

25 Branch
mozilla27
x86_64
Windows 7
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox24 unaffected, firefox25+ verified, firefox26+ verified, firefox27+ verified)

Details

Attachments

(2 attachments, 1 obsolete attachment)

This is spun off from Bug 928832 comment#2

Tumblr logo does not show correctly at first load.
Reload the page works properly.

Steps To Reproduce:
1. Start Firefox with new profile ( OR Clear Cache and restart browser)
2. Open https://www.tumblr.com/

Actual Results:
Tumblr logo does not show correctly.
Just text is displayed.

In Network(Ctrl+Shift+Q) pane:
https://secure.assets.tumblr.com/assets/styles/global.css?_v=b48d56f01eebbac361e12044b8b6edae
does not load properly.
Http request header reported. but no response header....


Expected Results:
Tumblr logo image should be displayed




Regression window(m-c)
Good:
http://hg.mozilla.org/mozilla-central/rev/7e05a42582e4
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20130624 Firefox/25.0 ID:20130624175958
Bad:
http://hg.mozilla.org/mozilla-central/rev/bc569033125a
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20130624 Firefox/25.0 ID:20130624215508
Pushlog:
http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=7e05a42582e4&tochange=bc569033125a


Regression window(m-i)
Good:
http://hg.mozilla.org/integration/mozilla-inbound/rev/4974fb802ec1
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20130624 Firefox/24.0 ID:20130624083204
Bad:
http://hg.mozilla.org/integration/mozilla-inbound/rev/19d9d359ed5e
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20130624 Firefox/24.0 ID:20130624091301
Pushlog:
http://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=4974fb802ec1&tochange=19d9d359ed5e

Regressed by: bug 700693
Setting security.OCSP.enabled = 0 does fix.
Summary: Tumblr logo does not show correctly at first load → Tumblr logo does not show correctly at first load. (style sheet would not load at first load)
Posted file http log zipped
http log
set NSPR_LOG_MODULES=timestamp,nsHttp:5,nsSocketTransport:5,nsHostResolver:5
set NSPR_LOG_FILE=%TEMP%\log.txt
The issue is that secure.assets.tumblr.com is sending a stapled ocsp response with an old "thisUpdate" time. The issue is described in bug 929617, which will track the proper fix. This bug should track our immediate response given that we're about to ship ocsp stapling in a release.
After discussing this further on r-d, let's disable on m-b and m-r for FF25. a=akeybl on landing the disable patch to both branches once prepared. Note that RyanVM is out, so please land the changes yourself. Thanks!
Assignee: nobody → dkeeler
Posted patch pref-off ocsp stapling (obsolete) — Splinter Review
cviecco - we discovered some poor site interactions with OCSP stapling, so we're preffing it off until we fix it.
Attachment #820625 - Flags: review?(cviecco)
Comment on attachment 820625 [details] [diff] [review]
pref-off ocsp stapling

Review of attachment 820625 [details] [diff] [review]:
-----------------------------------------------------------------

Simple and good
Attachment #820625 - Flags: review?(cviecco) → review+
(In reply to Alice0775 White from comment #1)
> Setting security.OCSP.enabled = 0 does fix.

I'd hate to disable all *OCSP* checking (like this setting) to fix something limited to stapling.

Keeler's patch changes:
security.ssl.enable_ocsp_stapling = false 
which seems more appropriate than turning off all OCSP.  Does that off-preffing also fix the problem?
(In reply to Alex Keybl [:akeybl] from comment #4)
> After discussing this further on r-d, let's disable on m-b and m-r for FF25.
> a=akeybl on landing the disable patch to both branches once prepared. Note
> that RyanVM is out, so please land the changes yourself. Thanks!

https://hg.mozilla.org/releases/mozilla-beta/rev/ae2c9c00d149
https://hg.mozilla.org/releases/mozilla-release/rev/9366ed0daf42
Just for posterity, bajaj came into #releng just now asking about why this didn't trigger jobs on m-beta.

The reason was that only landings on the |default| hg branch (|master| in git terms) will trigger jobs. however just having David reland this on default on m-beta would have caused some problems in 6 weeks at next beta->release merge so bajaj asked me to look into manually kicking the jobs.

I did the latter choice by loading https://secure.pub.build.mozilla.org/buildapi/self-serve/mozilla-beta and then pasting in the rev into the box at the bottom (for both depend and pgo builds) and clicking submit. Within minutes we had a full platform list of jobs starting on mozilla-beta ready to recieve test results once complete.
(In reply to Justin Wood (:Callek) from comment #9)
> Just for posterity, bajaj came into #releng just now asking about why this
> didn't trigger jobs on m-beta.
> 
> The reason was that only landings on the |default| hg branch (|master| in
> git terms) will trigger jobs. however just having David reland this on
> default on m-beta would have caused some problems in 6 weeks at next
> beta->release merge so bajaj asked me to look into manually kicking the jobs.

And actually I did not do the same choice for m-release since you likely will also want the change on |default| incase of a chemspill reason, so please reland on the default branch there, which will trigger tests.
Comment on attachment 820625 [details] [diff] [review]
pref-off ocsp stapling

Review of attachment 820625 [details] [diff] [review]:
-----------------------------------------------------------------

::: netwerk/base/public/security-prefs.js
@@ +11,5 @@
>  pref("security.ssl.renego_unrestricted_hosts", "");
>  pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
>  pref("security.ssl.require_safe_negotiation",  false);
>  pref("security.ssl.warn_missing_rfc5746",  1);
> +pref("security.ssl.enable_ocsp_stapling", false);

In nsNSSComponent.cpp, we should also change this, right?:

- #define OCSP_STAPLING_ENABLED_DEFAULT true
+ #define OCSP_STAPLING_ENABLED_DEFAULT false
Good catch, Brian. Here's the updated patch.
Attachment #820625 - Attachment is obsolete: true
Attachment #820717 - Flags: review+
https://hg.mozilla.org/releases/mozilla-release/rev/8a2925c6b567

https://hg.mozilla.org/releases/mozilla-beta/rev/8fb39b8fb2a7
https://hg.mozilla.org/releases/mozilla-beta/rev/b1aa52690126
(I backed out the incorrect patch)

It looks like the builds got kicked off for release, but we'll have to manually start them for beta again.
We tested the FF 25b11 as specified here: https://wiki.mozilla.org/Releases/Firefox_25/Test_Plan#Regression_Testing_10 

This issue is no longer reproducible having security.ssl.enable_ocsp_stapling pref disabled.
Thanks Mihai, we won't call this verified until testing is repeated in 25rc2 just to be safe.
Alice, can you please confirm this is working for you now across all branches and if so please mark this bug verified fixed.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
I can confirm that the problrm was fixed in Nightly27.0a1, Aurora26.0a2 and Firefox25.0b11.

http://hg.mozilla.org/mozilla-central/rev/19fd3388c372
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 ID:20131024030204
http://hg.mozilla.org/releases/mozilla-aurora/rev/ed279034d066
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0 ID:20131024004004
http://hg.mozilla.org/releases/mozilla-beta/rev/e55593a833c9
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 ID:20131022211721
Status: RESOLVED → VERIFIED
Alice - did you test with the instructions at https://wiki.mozilla.org/Releases/Firefox_25/Test_Plan (the important part is setting the system clock forward 1 week)? The patch disabling ocsp stapling was only uplifted to 25.
Flags: needinfo?(alice0775)
(In reply to David Keeler (:keeler) from comment #19)
> Alice - did you test with the instructions at
> https://wiki.mozilla.org/Releases/Firefox_25/Test_Plan (the important part
> is setting the system clock forward 1 week)? The patch disabling ocsp
> stapling was only uplifted to 25.

No.
Flags: needinfo?(alice0775)
Umm, I cannot also reproduce the problem in the BAD build

Probably,
https://www.tumblr.com/ site was modified by themselves.
Target Milestone: --- → mozilla27
You need to log in before you can comment on or make changes to this bug.