Page 1 of 1
ff2 issuing http requests when https is forced
Posted: Thu Mar 19, 2009 5:12 pm
by al_9x
Giorgio Maone wrote:I'm currently investigating if the response gets actually parsed by Firefox 2.0 or not: in the latter case, the feature would serve its purpose anyway, notwithstanding the double request
Forcing https is to prevent leaking over http, so how is it relevant if it gets parsed or not?
Re: Fx2 issuing http requests when https is forced
Posted: Thu Mar 19, 2009 5:34 pm
by Giorgio Maone
Sorry, I was quite tired when I wrote that post.
Since I use HTTPS cookie promotion, I didn't consider the leakage argument, forgetting that secure cookie management is not enabled by default.
You're right obviously, this needs to be fixed for Fx 2.
Side note: Fx is the "official" abbreviation for Firefox, and this is a bug report: moderating accordingly
Re: Fx2 issuing http requests when https is forced
Posted: Sat Mar 28, 2009 6:05 am
by Nan M
Putting this here for a quick heads up only.
I'm getting all 443 alla da time now for forcing https on my couple of secure examples
Re: ff2 issuing http requests when https is forced
Posted: Thu Apr 09, 2009 2:15 am
by GµårÐïåñ
Giorgio, not to bug (no pun intended) but did this bug get resolved? Any new word on it?