Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

Learn More

话题已存档。 如果需要帮助请提出新问题。

No reaction/no information/no error when clicking an HTTPS link that has not been authorized by proxy or host not responding

  • 2 个回答
  • 1 人有此问题
  • 8 次查看
  • 最后回复者为 crankygoat

sb3k
sb3k
more options

Hello, Our company uses a proxy in whitelisting mode. Until recently, clicking any HTTPS link unauthorized by proxy (403 by Squid) would result in an unambiguous error page informing the user that the connection was refused (if needed, they can open a corporate page showing the most recent hostnames blocked from their machine and request authorization).

Now, when clicking an unauthorized link (403 by Squid proxy) in FF, nothing happens. The GUI simply stales as nothing happened. To reproduce: 1. Configure FF with an HTTP proxy (squid) in deny by default. 2. Open duckduckgo, search something, and click on any https link that has not been whitelisted in the proxy. 3. After the click, nothing happens -> no error, no information message, nothing. (in the dev tools -> network tab, one can see a 403 status.)

This also happens when browsing websites: if the website includes a link to another website that is not whitelisted, nothing happens, the user is not informed that the host could not be reached.

This seems like a mechanism has been broken, as FF always used to inform the user of the host not responding with an error page.

Thanks for reading, sb3k

Hello, Our company uses a proxy in whitelisting mode. Until recently, clicking any HTTPS link unauthorized by proxy (403 by Squid) would result in an unambiguous error page informing the user that the connection was refused (if needed, they can open a corporate page showing the most recent hostnames blocked from their machine and request authorization). Now, when clicking an unauthorized link (403 by Squid proxy) in FF, nothing happens. The GUI simply stales as nothing happened. To reproduce: 1. Configure FF with an HTTP proxy (squid) in deny by default. 2. Open duckduckgo, search something, and click on any https link that has not been whitelisted in the proxy. 3. After the click, nothing happens -> no error, no information message, nothing. (in the dev tools -> network tab, one can see a 403 status.) This also happens when browsing websites: if the website includes a link to another website that is not whitelisted, nothing happens, the user is not informed that the host could not be reached. This seems like a mechanism has been broken, as FF always used to inform the user of the host not responding with an error page. Thanks for reading, sb3k

所有回复 (2)

sb3k
sb3k 提问者
more options

Also forgot to add: When right-clicking the link (new tab) -> it shows a blank tab, and the "reload" icon remains disabled.

Until prior versions, the reload button would be enabled and users could click it once they have authorized the website/hostname.

sb3k

crankygoat
crankygoat
more options

What if you try some return codes here: https://httpstat.us/ You can append your desired status code to the URL or pick from a list on the default landing page.

I get a very small, e.g., 403 Forbidden in the upper left. In normal use, usually the webserver returns a page appropriate to the status (it's generally their job), sometimes with some extra default info like the server version, sometimes with more creative things. I do however (at least i believe) recall Firefox occasionally injecting its own "friendly" type of page. Not sure what happened to that.