Closed
Bug 973311
Opened 11 years ago
Closed 10 years ago
Make all Firefox Beta, Release and ESR channel download links default to SSL
Categories
(www.mozilla.org :: Bedrock, enhancement)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: kohei, Assigned: kohei)
References
(Blocks 1 open bug)
Details
(Whiteboard: [kb=1273997])
Attachments
(2 files)
44 bytes,
text/x-github-pull-request
|
Details | Review | |
4.24 KB,
patch
|
Details | Diff | Splinter Review |
+++ This bug was initially created as a clone of Bug #962204 +++
Bug 962204 has changed Firefox download links to reference SSL products in bouncer, but the SSL-enabled version list is maintained manually for now.
Let's make all Firefox Release channel download links default to SSL, once the experiment goes well and generating SSL products is fully incorporated into the release engineering process.
Assignee | ||
Comment 1•11 years ago
|
||
Creating SSL products is already part of release automation, so let's do this.
Depends on: 956674
Assignee | ||
Updated•11 years ago
|
Summary: Make all Firefox Release channel download links default to SSL → Make all Firefox Release and Beta channels' download links default to SSL
Comment 2•11 years ago
|
||
(In reply to Kohei Yoshino [:kohei] from comment #1)
> Creating SSL products is already part of release automation, so let's do
> this.
Who is maintaining this meta data now on Bedrock? Release engineering in product details?
Assignee | ||
Comment 3•11 years ago
|
||
It's currently a Bedrock setting and I have sent pull requests to update the version list like this: https://github.com/mozilla/bedrock/pull/1791
Assignee | ||
Comment 4•11 years ago
|
||
And I already have a PR to fix this.
Assignee | ||
Comment 5•11 years ago
|
||
This enables secure downloads for all Release and Beta builds.
* Windows stub installers have already been downloaded via SSL
* ESR and funnelcakes are not included in this change
* Aurora links are pointing https://ftp.mozilla.org/ directly, instead of download.m.o
Assignee | ||
Comment 6•11 years ago
|
||
Looks like the latest ESR builds are also SSL-ready.
Summary: Make all Firefox Release and Beta channels' download links default to SSL → Make all Firefox Beta, Release and ESR channel download links default to SSL
Comment 7•11 years ago
|
||
BTW, Releng has started generating <product>-<version>-SSL style Bouncer entries recently. Would you prefer to use <product>-<version> and make it SSL-only?
Assignee | ||
Comment 8•11 years ago
|
||
> Would you prefer to use <product>-<version> and make it SSL-only?
That sounds good to me.
Comment 9•11 years ago
|
||
(In reply to Kohei Yoshino [:kohei] from comment #8)
> > Would you prefer to use <product>-<version> and make it SSL-only?
>
> That sounds good to me.
That would be a lot easier if we are since SSL is the default now.
Comment 10•11 years ago
|
||
Keep in mind that the stub installer requires the non-SSL product.
Comment 11•11 years ago
|
||
(In reply to Kohei Yoshino [:kohei] from comment #8)
> > Would you prefer to use <product>-<version> and make it SSL-only?
>
> That sounds good to me.
See comment #10, let's use the current approach then, no changes for <product>-<version>. I WONTFIXed the dep bug.
Assignee | ||
Comment 12•11 years ago
|
||
Hm, okay, reopening my pull request.
Comment 13•11 years ago
|
||
(In reply to Chris AtLee [:catlee] from comment #10)
> Keep in mind that the stub installer requires the non-SSL product.
What he said. Whatever we do, let's make double-sure we don't break that... it's the default delivery mechanism for Windows users, after all. :)
Comment 14•11 years ago
|
||
Any update here? how can we move forward with forcing SSL on mozilla.org for all web/download requests with this particular bug?
Assignee | ||
Comment 15•11 years ago
|
||
I'll add some tests to my pull request today then it should be ready to get merged.
Comment 16•11 years ago
|
||
(In reply to Kohei Yoshino [:kohei] from comment #15)
> I'll add some tests to my pull request today then it should be ready to get
> merged.
pmac jgmize: Since we are making a change to downloads, I want to make sure this is well tested. Should we put this up on a demo server?
Flags: needinfo?(pmac)
Comment 17•11 years ago
|
||
(In reply to Chris More [:cmore] from comment #16)
> pmac jgmize: Since we are making a change to downloads, I want to make sure
> this is well tested. Should we put this up on a demo server?
We should indeed! As soon as it's ready to test I can throw it onto one. Just let me know :kohei.
Flags: needinfo?(pmac) → needinfo?(kohei.yoshino)
Assignee | ||
Comment 18•11 years ago
|
||
Re-added tests to my pull request. It should be ready for test, probably on demo1? as the Privacy Center branch has been merged.
Flags: needinfo?(kohei.yoshino)
Updated•11 years ago
|
Whiteboard: [kb=1273997] → [kb=1273997][qawanted]
Comment 19•11 years ago
|
||
:retornam I've pushed :kohei's branch to demo5; would you mind taking a look at it?
Flags: needinfo?(mozbugs.retornam)
Comment 20•11 years ago
|
||
(In reply to Josh Mize [:jgmize] from comment #19)
> :retornam I've pushed :kohei's branch to demo5; would you mind taking a look
> at it?
The Release Download button at
https://www-demo5.allizom.org/en-US/ ---> https://www-demo5.allizom.org/en-US/products/download.html?product=firefox-28.0-SSL&os=osx&lang=en-US
The Beta download button at
https://www-demo5.allizom.org/en-US/firefox/beta/ didn't work. It linked to https://www-demo5.allizom.org/products/download.html?product=firefox-29.0b9&os=osx&lang=en-US&channel=fxbeta
The ESR links at
https://www-demo5.allizom.org/en-US/firefox/organizations/all/ all linked to the firefox-24.4.0esr-SSL product.
Josh, Kohei, the Beta page is on the PHP site, can you please take a look at why it isn't linking to the SSL product
Flags: needinfo?(kohei.yoshino)
Flags: needinfo?(jmize)
Updated•11 years ago
|
Flags: needinfo?(mozbugs.retornam)
Assignee | ||
Comment 21•11 years ago
|
||
The PHP site has its own download button code so this pull request won't fix /firefox/beta/. Bug 995539 is a similar issue. We should port /firefox/beta/ and /firefox/aurora/ to Bedrock, rather than patching the PHP code.
Flags: needinfo?(kohei.yoshino)
Assignee | ||
Updated•11 years ago
|
Blocks: download-buttons
Assignee | ||
Comment 23•11 years ago
|
||
My PR has been deployed to demo1 by :pmac so now we need some tests :)
:retornam can you help?
Flags: needinfo?(kohei.yoshino) → needinfo?(mozbugs.retornam)
Comment 24•11 years ago
|
||
(In reply to Kohei Yoshino [:kohei] from comment #23)
> My PR has been deployed to demo1 by :pmac so now we need some tests :)
>
> :retornam can you help?
I'm taking a look at this now
Flags: needinfo?(mozbugs.retornam)
Comment 25•11 years ago
|
||
Kohei,
Can you apply this to the PHP side as well. https://www-demo1.allizom.org/en-US/products/download.html still serves downloads without SSL https://download.mozilla.org/?product=firefox-29.0.1&os=osx&lang=en-US
Updated•11 years ago
|
Flags: needinfo?(kohei.yoshino)
Assignee | ||
Comment 26•11 years ago
|
||
That's because /products/download.html is still on the legacy PHP side. Bug 988046 will resolve the issue with a redirect.
Flags: needinfo?(kohei.yoshino)
Assignee | ||
Comment 27•11 years ago
|
||
Bug 988046 is blocked by Bug 1005237 that will happen at the end of July. I'll write a PHP patch for the time being, as I said on IRC.
Assignee | ||
Comment 28•11 years ago
|
||
A minimum patch for the PHP site to resolve retornam's comment 25 where no query string is provided. The source is located at:
http://viewvc.svn.mozilla.org/vc/libs/product-details/
This page serves a build via SSL when the query string has SSL like this:
https://www-demo1.allizom.org/en-US/products/download.html?product=firefox-29.0.1-SSL&os=osx&lang=en-US
Attachment #8428337 -
Flags: review?(jmize)
Comment 29•10 years ago
|
||
The patch looks okay to me, but web-prod doesn't own the product-details library. I believe we'll need approval and a merge from Release Management. Not sure who we should ping with this, but that library is an external for our PHP stuff, so they'll have to update it and then we can update our external definition to bring in the new version for testing in trunk.
Assignee | ||
Comment 30•10 years ago
|
||
Actually all links from Bedrock to download.html have query strings, so the PHP patch isn't necessary. It's just a nice-to-have.
Comment 31•10 years ago
|
||
:kohei cool. It would be nice to have merged, but you'll probably have to file this patch in a separate bug for product-details for the right people to review and merge it.
Comment 32•10 years ago
|
||
Commits pushed to master at https://github.com/mozilla/bedrock
https://github.com/mozilla/bedrock/commit/511badf60520c153811f64ac8d425a4975d42eec
Fix Bug 973311 - Make all Firefox Beta, Release and ESR channel download links default to SSL
https://github.com/mozilla/bedrock/commit/d24775a5a64b5e02b7ac96c5d117f81259163a99
Merge pull request #1800 from kyoshino/bug-973311-firefox-download-ssl
Fix Bug 973311 - Make all Firefox Beta, Release and ESR channel download links default to SSL
Updated•10 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Comment 33•10 years ago
|
||
Comment on attachment 8428337 [details] [diff] [review]
PHP patch
Review of attachment 8428337 [details] [diff] [review]:
-----------------------------------------------------------------
see https://bugzilla.mozilla.org/show_bug.cgi?id=973311#c31
Attachment #8428337 -
Flags: review?(jmize)
Comment 34•10 years ago
|
||
Fixed bug, QA is no longer required.
Correct me if im wrong, Thanks.
Whiteboard: [kb=1273997][qawanted] → [kb=1273997]
You need to log in
before you can comment on or make changes to this bug.
Description
•