Open kewisch opened 15 years ago
Date: 2008-12-03 22:46:57 +0100 From: Anil <replicase@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; SunOS i86pc; en-US; rv:1.9.0.4) Gecko/2008111710 Firefox/3.0.4 Build Identifier: 0.9
We have a Foundry Load Balancer that answers calendar (WCAP) requests over 80 and 443 (https). Connections to port 80 are re-directed to port 443 (using a standard HTTP 302 redirect) by the LB.
When you specify http://url for the calendar Lightning reports an error that the connection is insecure. However, doing a snoop in the background shows traffic going over 443 (as expected).
It'll be nice if Lightning can detect the Redirect from the server (foundry) and not show the warning message OR if a SSL connection is detected the user's calendar setting should be changed to https://url.
Reproducible: Always
Steps to Reproduce:
Expected Results:
Perhaps a connection to the WCAP/HTTP server should be made and after the redirects are followed, automatically determine if the connection is secure or not. If not, throw the normal warning message.
Date: 2008-12-03 23:55:47 +0100 From: mvl@exedo.nl
-> WCAP
Date: 2008-12-04 12:10:41 +0100 From: @kewisch
Could you possibly give me or Daniel Bölzle access to this server for testing? We've fixed this for all providers except WCAP.
Date: 2008-12-04 15:35:45 +0100 From: Anil <replicase@gmail.com>
Just sent to your email. Not sure how to do confidential comments on here. Thanks!
Date: 2008-12-08 15:57:20 +0100 From: @dbo
The redirects seems to work, but the current code (statically) warns if a plain http URL is given: http://mxr.mozilla.org/comm-central/ident?i=confirmInsecureLogin
Bugzilla Bug 467826
Date: 2008-12-03T22:46:57+01:00 From: Anil <replicase@gmail.com> Assigned To: nobody
Last updated: 2008-12-08T15:57:20+01:00