Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The WebSocket constructor does not throw SecurityError on bad port anymore #2460

Closed
nox opened this Issue Mar 23, 2017 · 6 comments

Comments

3 participants
@nox
Copy link
Member

nox commented Mar 23, 2017

The test /websockets/Create-Secure-blocked-port.htm checks that a SecurityError is thrown on a bad port, but the spec doesn't mandate that anymore since the switch to Fetch.

Cc @jdm.

@nox

This comment has been minimized.

Copy link
Member Author

nox commented Mar 23, 2017

The same issue exists for the https to ws check.

@jdm

This comment has been minimized.

Copy link

jdm commented Mar 23, 2017

See changes in #840 that caused this.

@annevk

This comment has been minimized.

Copy link
Member

annevk commented Mar 23, 2017

Those changes were intentional, FWIW, but unfortunately before we changed tests and filed bugs. I'm happy to take this on.

@annevk annevk self-assigned this Mar 23, 2017

@nox

This comment has been minimized.

Copy link
Member Author

nox commented Mar 23, 2017

16:36 < nox> jdm: I guess there is the same issue for the https -> ws check, no?
16:38 < •jdm> nox: yeah
16:38 < nox> jdm: Ok.
16:38 < •jdm> that's part of mixed content checks now, I guess
16:39 < nox> jdm: I had no wpt failure for that one though.
16:39 < nox> bz: Does https -> ws raise SecurityError directly in the WebSocket constructor in Gecko?
16:40 — •jdm thinks that bz is not a good person to ask about this
16:42 < •jdm> nox: from WebSocket.cpp, there's a // Don't allow https:// to open ws://

annevk added a commit to web-platform-tests/wpt that referenced this issue Mar 23, 2017

WebSocket: don't throw for bad ports
This changed in whatwg/html#840 to improve the
security architecture.

Fixes whatwg/html#2460.
@annevk

This comment has been minimized.

Copy link
Member

annevk commented Mar 23, 2017

Filed https://bugzilla.mozilla.org/show_bug.cgi?id=1349969.

@mikewest I seem to remember you were going to fix this in Chrome, did you file a bug? Couldn't find one during a quick skim.

jgraham added a commit to web-platform-tests/wpt that referenced this issue Mar 27, 2017

WebSocket: don't throw for bad ports
This changed in whatwg/html#840 to improve the
security architecture.

Fixes whatwg/html#2460.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.