X
Tap here to go to the mobile version of the site.

Support Forum

No reaction/no information/no error when clicking an HTTPS link that has not been authorized by proxy or host not responding

Posted

Hello, Our company uses a proxy in whitelisting mode. Until recently, clicking any HTTPS link unauthorized by proxy (403 by Squid) would result in an unambiguous error page informing the user that the connection was refused (if needed, they can open a corporate page showing the most recent hostnames blocked from their machine and request authorization).

Now, when clicking an unauthorized link (403 by Squid proxy) in FF, nothing happens. The GUI simply stales as nothing happened. To reproduce: 1. Configure FF with an HTTP proxy (squid) in deny by default. 2. Open duckduckgo, search something, and click on any https link that has not been whitelisted in the proxy. 3. After the click, nothing happens -> no error, no information message, nothing. (in the dev tools -> network tab, one can see a 403 status.)

This also happens when browsing websites: if the website includes a link to another website that is not whitelisted, nothing happens, the user is not informed that the host could not be reached.

This seems like a mechanism has been broken, as FF always used to inform the user of the host not responding with an error page.

Thanks for reading, sb3k

Hello, Our company uses a proxy in whitelisting mode. Until recently, clicking any HTTPS link unauthorized by proxy (403 by Squid) would result in an unambiguous error page informing the user that the connection was refused (if needed, they can open a corporate page showing the most recent hostnames blocked from their machine and request authorization). Now, when clicking an unauthorized link (403 by Squid proxy) in FF, nothing happens. The GUI simply stales as nothing happened. To reproduce: 1. Configure FF with an HTTP proxy (squid) in deny by default. 2. Open duckduckgo, search something, and click on any https link that has not been whitelisted in the proxy. 3. After the click, nothing happens -> no error, no information message, nothing. (in the dev tools -> network tab, one can see a 403 status.) This also happens when browsing websites: if the website includes a link to another website that is not whitelisted, nothing happens, the user is not informed that the host could not be reached. This seems like a mechanism has been broken, as FF always used to inform the user of the host not responding with an error page. Thanks for reading, sb3k
Quote

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0

More Information

Question owner

Also forgot to add: When right-clicking the link (new tab) -> it shows a blank tab, and the "reload" icon remains disabled.

Until prior versions, the reload button would be enabled and users could click it once they have authorized the website/hostname.

sb3k

Also forgot to add: When right-clicking the link (new tab) -> it shows a blank tab, and the "reload" icon remains disabled. Until prior versions, the reload button would be enabled and users could click it once they have authorized the website/hostname. sb3k
Was this helpful to you?
Quote
crankygoat
  • Top 25 Contributor
40 solutions 471 answers

What if you try some return codes here: https://httpstat.us/ You can append your desired status code to the URL or pick from a list on the default landing page.

I get a very small, e.g., 403 Forbidden in the upper left. In normal use, usually the webserver returns a page appropriate to the status (it's generally their job), sometimes with some extra default info like the server version, sometimes with more creative things. I do however (at least i believe) recall Firefox occasionally injecting its own "friendly" type of page. Not sure what happened to that.

What if you try some return codes here: https://httpstat.us/ You can append your desired status code to the URL or pick from a list on the default landing page. I get a very small, e.g., 403 Forbidden in the upper left. In normal use, usually the webserver returns a page appropriate to the status (it's generally their job), sometimes with some extra default info like the server version, sometimes with more creative things. I ''do'' however (at least i believe) recall Firefox occasionally injecting its own "friendly" type of page. Not sure what happened to that.
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.