Closed Bug 1759407 Opened 3 years ago Closed 2 years ago

http site only and infinite loop redirection when in private mode.

Categories

(Firefox :: Private Browsing, enhancement)

Product:
Firefox
Component:
Private Browsing
Type:
enhancement

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1725646

People

(Reporter: karlcow, Unassigned)

References

(Blocks 1 open bug,
URL
)

Details

Here an interesting case initially reported on webcompat.com
at https://github.com/webcompat/web-bugs/issues/83146

I wonder if the user experience should be better.

  1. Open a private mode window.
  2. Go to http://www.bom.gov.au/

Expected:
read the site at http://www.bom.gov.au/

Actual:
The site doesn't support https and it redirects to the page
http://www.bom.gov.au/akamai/https-redirect.html

HTTP/1.1 307 Temporary Redirect
Server: AkamaiGHost
Content-Length: 0
Location: http://www.bom.gov.au/akamai/https-redirect.html
Date: Mon, 14 Mar 2022 05:43:05 GMT
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT, edge; dur=1

which contains this script

    <script language="Javascript">
      var home_page = 'http://' + location.hostname;
      var timerId;
      function start()
      {
        timerId = setTimeout('load_page()', 10000);
      }
      function load_page()
      {
        clearTimeout(timerId);
        window.location.replace(home_page);
      }
    </script>

basically pushing back to http, but then private mode is trying to push back again to https… hence an infinite loop.

If it was done through http redirects only, the site would fail after 10 rebounds but that would still be a poor user experience.

FWIW, Setting dom.security.https_first_pbm to false resolves the issue.

Blocks: https-first-mode

See bug 1725646 comment 24 :-)

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.