Open Bug 1831644 Opened 1 year ago Updated 1 year ago

Spurious localhost call during Microsoft OAuth login

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: sancus, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [snnot3p])

Andrei Hajdukewycz [:sancus]

Reporter

Description

•

1 year ago

We do a call to https://localhost/?code during the OAuth process. This call works on 102 but it fails with NS_ERROR_CONNECTION_REFUSED on current Daily.

This seems to have no effect on the authentication whatsoever and @leftmostcat suggested it shouldn't even be happening at all.

Andrei Hajdukewycz [:sancus]

Reporter

Updated

•

1 year ago

Blocks: tb-ms-oauth2

Thomas D. (:thomas8)

Updated

•

1 year ago

Whiteboard: [snnot3p]

Magnus Melin [:mkmelin]

Comment 1

•

1 year ago

I think that's to be expected; it's the redirect_uri
Dunno about the fail. At least ideally it will be intercepted internally, but a call to localhost definitely needs to happen for the process to succeed.

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Spurious localhost call during Microsoft OAuth login

Categories

(Thunderbird :: Security, defect)

Tracking

(Not tracked)

People

(Reporter: sancus, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [snnot3p])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Comment 1