X
Tippen Sie hierhin, um die Version dieser Website für Mobilgeräte aufzurufen.

Hilfeforum

insecure connection

Veröffentlicht

I've confirmed the following problem was introduced in Firefox 57, and continues in v58 and v59b. It does not occur in v56 or prior. It also does not occur in the current versions of Chrome v64 or Safari v11.0.3.

When accessing www.pubmed.gov through a library http rewriting proxy server (ezproxy from OCLC), and clicking a link which targets another web site which has subdomains, FF57 attempts a forced Content Security Policy : Upgrading insecure request. This fails because the proxy uses a wildcard certificate which is invalid for multi-level subdomains.

Screen shot attached.

I've confirmed the following problem was introduced in Firefox 57, and continues in v58 and v59b. It does not occur in v56 or prior. It also does not occur in the current versions of Chrome v64 or Safari v11.0.3. When accessing www.pubmed.gov through a library http rewriting proxy server (ezproxy from OCLC), and clicking a link which targets another web site which has subdomains, FF57 attempts a forced Content Security Policy : Upgrading insecure request. This fails because the proxy uses a wildcard certificate which is invalid for multi-level subdomains. Screen shot attached.
Angefügte Screenshots

Mehr Details zum System

Anwendung

  • Firefox 58.0.2
  • User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:58.0) Gecko/20100101 Firefox/58.0
  • Hilfe-URL: https://support.mozilla.org/1/firefox/58.0.2/Darwin/en-US/

Erweiterungen

  • User-Agent Switcher 0.2.0 ({75afe46a-7a50-4c6b-b866-c43a1075b071})
  • Adobe Acrobat DC - Create PDF 15.01.04 (web2pdfextension@web2pdf.adobedotcom) (inaktiv)

JavaScript

  • incrementalGCEnabled: True

Grafiken

  • adapterDescription:
  • adapterDeviceID: 0x119d
  • adapterDrivers:
  • adapterRAM:
  • adapterVendorID: 0x10de
  • crashGuards: []
  • driverDate:
  • driverVersion:
  • featureLog: {u'fallbacks': [], u'features': [{u'status': u'available', u'description': u'Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'HW_COMPOSITING'}, {u'status': u'available', u'description': u'OpenGL Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'OPENGL_COMPOSITING'}, {u'status': u'unavailable', u'description': u'WebRender', u'log': [{u'status': u'opt-in', u'message': u'WebRender is an opt-in feature', u'type': u'default'}, {u'status': u'unavailable', u'message': u"Build doesn't include WebRender", u'type': u'runtime'}], u'name': u'WEBRENDER'}, {u'status': u'blocked', u'description': u'Off Main Thread Painting', u'log': [{u'status': u'disabled', u'message': u'Disabled by default', u'type': u'default'}, {u'status': u'blocked', u'message': u'OMTP does not yet support tiling', u'type': u'runtime'}], u'name': u'OMTP'}]}
  • info: {u'TileHeight': 1024, u'ApzWheelInput': 1, u'ApzDragInput': 1, u'ApzKeyboardInput': 1, u'ApzAutoscrollInput': 1, u'AzureFallbackCanvasBackend': u'none', u'TileWidth': 1024, u'AzureCanvasAccelerated': 1, u'AzureCanvasBackend': u'skia', u'AzureContentBackend': u'skia'}
  • numAcceleratedWindows: 2
  • numTotalWindows: 2
  • offMainThreadPaintEnabled: False
  • webgl1DriverExtensions: GL_ARB_blend_func_extended GL_ARB_draw_buffers_blend GL_ARB_draw_indirect GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_gpu_shader_fp64 GL_ARB_gpu_shader5 GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sample_shading GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shader_subroutine GL_ARB_shading_language_include GL_ARB_tessellation_shader GL_ARB_texture_buffer_object_rgb32 GL_ARB_texture_cube_map_array GL_ARB_texture_gather GL_ARB_texture_query_lod GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_transform_feedback2 GL_ARB_transform_feedback3 GL_ARB_vertex_attrib_64bit GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_viewport_array GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_depth_bounds_test GL_EXT_framebuffer_multisample_blit_scaled GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_mirror_clamp GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier
  • webgl1Extensions: ANGLE_instanced_arrays EXT_blend_minmax EXT_color_buffer_half_float EXT_frag_depth EXT_sRGB EXT_shader_texture_lod EXT_texture_filter_anisotropic EXT_disjoint_timer_query OES_element_index_uint OES_standard_derivatives OES_texture_float OES_texture_float_linear OES_texture_half_float OES_texture_half_float_linear OES_vertex_array_object WEBGL_color_buffer_float WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_depth_texture WEBGL_draw_buffers WEBGL_lose_context
  • webgl1Renderer: NVIDIA Corporation -- NVIDIA GeForce GTX 775M OpenGL Engine
  • webgl1Version: 4.1 NVIDIA-10.28.10 355.11.10.10.20.111
  • webgl1WSIInfo: CGL
  • webgl2DriverExtensions: GL_ARB_blend_func_extended GL_ARB_draw_buffers_blend GL_ARB_draw_indirect GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_gpu_shader_fp64 GL_ARB_gpu_shader5 GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sample_shading GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shader_subroutine GL_ARB_shading_language_include GL_ARB_tessellation_shader GL_ARB_texture_buffer_object_rgb32 GL_ARB_texture_cube_map_array GL_ARB_texture_gather GL_ARB_texture_query_lod GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_transform_feedback2 GL_ARB_transform_feedback3 GL_ARB_vertex_attrib_64bit GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_viewport_array GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_depth_bounds_test GL_EXT_framebuffer_multisample_blit_scaled GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_mirror_clamp GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier
  • webgl2Extensions: EXT_color_buffer_float EXT_texture_filter_anisotropic EXT_disjoint_timer_query OES_texture_float_linear WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_lose_context
  • webgl2Renderer: NVIDIA Corporation -- NVIDIA GeForce GTX 775M OpenGL Engine
  • webgl2Version: 4.1 NVIDIA-10.28.10 355.11.10.10.20.111
  • webgl2WSIInfo: CGL
  • windowLayerManagerRemote: True
  • windowLayerManagerType: OpenGL
  • windowUsingAdvancedLayers: False

Veränderte Einstellungen

Verschiedenes

  • User JS: Nein
  • Barrierefreiheit: Nein
FredMcD
  • Top 10 Contributor
3813 Lösungen 52925 Antworten
Veröffentlicht
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate. https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message https://support.mozilla.org/en-US/kb/connection-untrusted-error-message http://kb.mozillazine.org/Error_loading_websites https://www.bing.com/search?q=web+site+access+denied
cor-el
  • Top 10 Contributor
  • Moderator
16711 Lösungen 151144 Antworten
Veröffentlicht

Does it work if you temporarily disable CSP as a test or does Firefox still tries to use the https: protocol?

You can temporarily disable CSP by toggling this pref to false on the about:config page.

  • security.csp.enable = false

This is a security feature you shouldn't leave it disabled and re-enable this feature once you are done with the website.

You may have to check SiteSecurityServiceState.txt for references to this domain.

You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.

Does it work if you temporarily disable CSP as a test or does Firefox still tries to use the https: protocol? You can temporarily disable CSP by toggling this pref to false on the <b>about:config</b> page. *security.csp.enable = false This is a security feature you shouldn't leave it disabled and re-enable this feature once you are done with the website. *https://developer.mozilla.org/en-US/Security/CSP You may have to check SiteSecurityServiceState.txt for references to this domain. You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the <b>about:profiles</b> page. *Help -> Troubleshooting Information -> Profile Directory:<br>Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder *http://kb.mozillazine.org/Profile_folder_-_Firefox

Fragesteller

Setting security.csp.enable = false does mitigate the symptoms. However, FF v56 has security.csp.enable = true, and it does not have the same problem as FF v57 and above.

Setting security.csp.enable = false does mitigate the symptoms. However, FF v56 has security.csp.enable = true, and it does not have the same problem as FF v57 and above.