Closed Bug 1276848 Opened 8 years ago Closed 5 years ago

Permalink to download firefox leads to a download link with a bad certificate

Categories

(Cloud Services :: Operations: Product Delivery, task)

Product:
Cloud Services
Component:
Operations: Product Delivery
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: eloi, Unassigned)

References

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0 Build ID: 20160502172042 Steps to reproduce: Sorry, bug with the website more than with Firefox itself. Trying to download latest versions of Firefox with the permalinks furnished in the README file http://releases.mozilla.org/pub/firefox/releases/latest/README.txt ; e.g. in my case the french version of the latest Firefox : https://download.mozilla.org/?product=firefox-latest&os=win&lang=fr Actual results: The site redirects me to download the following file : https://download.cdn.mozilla.net/pub/firefox/releases/46.0.1/win32/en-US/Firefox%20Setup%2046.0.1.exe which seems to be the one I want. However, the connection is not secure because of a problem with the used SSL certificate. Downloading is blocked due to HSTS. download.cdn.mozilla.net utilise un certificat de sécurité invalide. Le certificat n'est valide que pour les noms suivants : a248.e.akamai.net, *.akamaihd.net, *.akamaihd-staging.net, *.akamaized.net, *.akamaized-staging.net Code d'erreur : SSL_ERROR_BAD_CERT_DOMAIN Expected results: Download the setup executable.
Component: Untriaged → Installer
OS: Unspecified → All
Hardware: Unspecified → All
Version: 46 Branch → unspecified
Thanks for the report. Moving to (what I think is) a better component, so the right people see this.
Component: Installer → Operations: Product Delivery
Product: Firefox → Cloud Services
QA Contact: oremj
Do you have an addon installed that is forcing SSL? I get the following from 'https://download.mozilla.org/?product=firefox-latest&os=win&lang=fr' ➜ ~ curl -v 'https://download.mozilla.org/?product=firefox-latest&os=win&lang=fr' * Trying 52.10.91.46... * Connected to download.mozilla.org (52.10.91.46) port 443 (#0) * TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: download.mozilla.org * Server certificate: DigiCert Secure Server CA * Server certificate: DigiCert Global Root CA > GET /?product=firefox-latest&os=win&lang=fr HTTP/1.1 > Host: download.mozilla.org > User-Agent: curl/7.43.0 > Accept: */* > < HTTP/1.1 302 Found < Cache-Control: max-age=60 < Content-Type: text/html; charset=utf-8 < Date: Tue, 31 May 2016 15:28:10 GMT < Location: http://download.cdn.mozilla.net/pub/firefox/releases/46.0.1/win32/fr/Firefox%20Setup%2046.0.1.exe < Content-Length: 120 < Connection: keep-alive < <a href="http://download.cdn.mozilla.net/pub/firefox/releases/46.0.1/win32/fr/Firefox%20Setup%2046.0.1.exe">Found</a>.
You are absolutely right, NoScript is the problem here. I did not find those bugs when looking for precedents, my mistake. The fix here (https://bugzilla.mozilla.org/show_bug.cgi?id=1272909#c11) works very well. Cheers
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.