Closed Bug 1725402 Opened 3 years ago Closed 3 years ago

HTTPS-First should copy referrerInfo (and potentially more state) from upgraded channel when performing a fallback to http

Categories

(Core :: DOM: Security, defect, P1)

Product:
Core
Component:
DOM: Security
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
94 Branch
Tracking Flags:
Tracking Status
firefox94 --- fixed

People

(Reporter: ckerschb, Assigned: t.yavor)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file, 2 obsolete files)

Bug 1725402 - HTTPS-First should copy referrerInfo (and potentially more state) from upgraded channel when performing a fallback to http.r=ckerschb
(deleted), text/x-phabricator-request
Details

In case we can't upgrade a top-level load to https we perform a fallback to http in DocumentLoadListener. Currently we do not copy state from the upgraded channel, like e.g. referrerinfo, but we should, similar to what we do here.

Type: task → defect
Attachment #9242277 - Attachment is obsolete: true

Comment on attachment 9242281 [details]
Bug 1725402 - Evaluate HSTS before https-only in NS_ShouldSecureUpgrade. r=ckerschb

Revision D126234 was moved to bug 1722489. Setting attachment 9242281 [details] to obsolete.

Attachment #9242281 - Attachment is obsolete: true
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/7147f598dfc7 HTTPS-First should copy referrerInfo (and potentially more state) from upgraded channel when performing a fallback to http.r=ckerschb,Gijs,freddyb

https://hg.mozilla.org/mozilla-central/rev/7147f598dfc7

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox94: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 94 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: