Closed
Bug 319060
Opened 19 years ago
Closed 19 years ago
Firefox 1.5 restricts sites on non-standard ports, without the option to disable this "feature"
Categories
(Firefox :: Security, defect)
Tracking
()
People
(Reporter: bholowka, Unassigned)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051111 Firefox/1.5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051111 Firefox/1.5
I realize the first response will be that Firefox restricts access to sites on non-standards ports -by design-, however, it should have the option to disable this feature, not be pushed on us in a draconian manner.
It is no different with the other security features that can be disbled: pop-up blocking, allowing web sites to install software, run scripts, etc.
There are many good reasons to run a web site on a non-standard port, including the security and privacy of that site itself.
Reproduce by browsing to a site that has a port after the address (the site doesn't even have to be real).
e.g. http://www.google.com:6000
Reproducible: Always
Steps to Reproduce:
1. Open Browser
2. Enter address with nonstandard port (http://www.google.com:6000)
3. goto 1
Actual Results:
access restricted
Expected Results:
access granted
Comment 1•19 years ago
|
||
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
Reporter | ||
Comment 2•19 years ago
|
||
Thanks for the reference. It should be noted thet I did exensive searches based on both the text in the page displayed when a site is block, and with various general terms (firefox, port, block, blocking, etc.) and could not find this resource page you provided. I searched in every Firefox resource I could find and on google before coming here. Perhaps there should be something easier to find on this subject.
Was it decided on purpose that management of this feature would not be included in the UI? As a Technical Architect, I believe in the 'all or nothing' philosophy... if you can manage some security features, you should be able to manage all security features (through some interface at least); either through the UI or through the about:config. Adding some items there but keeping some out seems arbitrary at times.
Just my 2cents.
Having the average user edit their
Comment 3•19 years ago
|
||
(In reply to comment #2)
> Was it decided on purpose that management of this feature would not be included
> in the UI? As a Technical Architect, I believe in the 'all or nothing'
> philosophy... if you can manage some security features, you should be able to
> manage all security features (through some interface at least); either through
> the UI or through the about:config. Adding some items there but keeping some
> out seems arbitrary at times.
>
Access to port 6000 is denied, because it's ridiculuous easy to launch a DOS-attack to a Unix or Linux workstation this way.
Firefox is all about a /simplified/ GUI. Mozilla Seamonkey was way to complicated for most people (way to many preferences for instance). That's why this feature can only be changed in about:config. bug 85601 wants a GUI for it, although IMHO this would allow people to make changes without realling the consequences.
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
Comment 4•19 years ago
|
||
*** This bug has been marked as a duplicate of 85601 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago → 19 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•