搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

Learn More

Why does Firefox makes an http request to ietf.org even when in HTTPS-only mode? (OCSP related)

more options

When in HTTPS-only mode and the "Query OCSP responder servers" settings is enabled, Firefox makes an http request on port 80 to ietf.org.

details:

  • HTTPS-only mode on, OCSP on:
  • go to http://ietf.org/
  • requests are made to:

ocsp.starfieldtech.com ietf.org ocsp.digicert.com

  • HTTPS-only mode on, OCSP on:
  • go to https://ietf.org/
  • requests are only made to:

ocsp.starfieldtech.com ocsp.digicert.com

why is this? (Firefox 103 on macOS 10.15)

When in HTTPS-only mode and the "Query OCSP responder servers" settings is enabled, Firefox makes an http request on port 80 to ietf.org. details: * HTTPS-only mode on, OCSP on: * go to '''http'''://ietf.org/ * requests are made to: ocsp.starfieldtech.com ietf.org ocsp.digicert.com * HTTPS-only mode on, OCSP on: * go to '''https'''://ietf.org/ * requests are only made to: ocsp.starfieldtech.com ocsp.digicert.com why is this? (Firefox 103 on macOS 10.15)

所有回覆 (2)

more options

(ignore this post)

由 n0u355lo 於 修改

有幫助嗎?

more options

The server at http://ietf.org returns a 302 redirect to https://www.ietf.org/ so I'm not sure whether HTTPS-Only causes anything different to happen there.

There probably is a diagram somewhere showing the exact request flow for HTTPS-Only mode and whatever implications OCSP might have.

有幫助嗎?

問個問題

如果您還沒有帳號,您必須先 登入您的帳號 來回覆文章。請 開始一個新問題