Opened 3 years ago

Last modified 16 months ago

#19994 assigned defect

Forwards URLs with dedicated port number which causes breakage

Reported by: hanno Owned by: legind
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I recently stumbled upon someone linking his pgp key to an url at pgp.mit.edu like this one:
http://pgp.mit.edu:11371/

Now HTTPS Everywhere has pgp.mit.edu listed as an https url, therefore it tries to forward it. However there is no reasonable way to forward such an URL, as it has a dedicated port number. HTTPS everywhere tries to forward it to this:
https://pgp.mit.edu:11371/

This obviously does not work, as it is now trying to connect via TLS on the same port that an HTTP server is running.

In this case it would work to forward to the "normal" https port, aka:
https://pgp.mit.edu/
But this is merely a very special situation, because it seems for pgp.mit.edu the same service is running on the normal 80/443 http/https ports.

I think the general solution should be to never forward URLs that have a specific port set.

Child Tickets

Change History (1)

comment:1 Changed 16 months ago by teor

Owner: changed from jsha to legind
Status: newassigned

Make legind the owner of all HTTPS Everywhere tickets that were mistakenly assigned to jsha.
(See #26397.)

Note: See TracTickets for help on using tickets.