New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create grid of browser/interference mechanism user experience #4

Open
willscott opened this Issue Feb 5, 2015 · 1 comment

Comments

Projects
None yet
1 participant
@willscott
Owner

willscott commented Feb 5, 2015

To show under what conditions the application cache fires.

@willscott

This comment has been minimized.

Show comment
Hide comment
@willscott

willscott Feb 19, 2015

Owner

We consider the following interference modes:

  • No DNS Reply - No UDP response from DNS server
  • No DNS Answer - A DNS response is sent with no answer section
  • IP RST - a reset packet is sent in response to the client's TCP SYN
  • No IP Response - No syn-ack packet is received by the client
  • No HTTP Response - The connection is closed after the client request
  • MITM - An incorrect SSL certificate is presented by a malicious server

Current behavior for an HTTPS site using a fallback appcache appears to be:

Browser AppCache No DNS Reply No DNS Answer IP RST No IP Response No HTTP Response MITM - 404 MITM - Block Page
Chrome/41 Yes Activates Activates Activates 2 min timeout Activates Warning Warning
Safari/5.1 Yes Activates Activates Activates 3 sec timeout Activates Activates Activates
Firefox/36 Yes Activates Activates Activates 5 min timeout Activates Activates Activates
IE/11 Yes Activates Activates Activates 1 min timeout Activates Warning Warning

Current behavior for an HTTPS site using a primary appcache appears to be:

Browser AppCache No DNS Reply No DNS Answer IP RST No IP Response No HTTP Response MITM - 404 MITM - Block Page
Chrome/41 Yes Activates Activates Activates Activates Activates Activates Activates
Safari/5.1 Yes Activates Activates Activates Activates Activates Activates Activates
Firefox/36 Yes Activates Activates Activates Activates Activates Activates Activates
IE/11 Yes Activates Activates Activates Activates Activates Activates Activates
Owner

willscott commented Feb 19, 2015

We consider the following interference modes:

  • No DNS Reply - No UDP response from DNS server
  • No DNS Answer - A DNS response is sent with no answer section
  • IP RST - a reset packet is sent in response to the client's TCP SYN
  • No IP Response - No syn-ack packet is received by the client
  • No HTTP Response - The connection is closed after the client request
  • MITM - An incorrect SSL certificate is presented by a malicious server

Current behavior for an HTTPS site using a fallback appcache appears to be:

Browser AppCache No DNS Reply No DNS Answer IP RST No IP Response No HTTP Response MITM - 404 MITM - Block Page
Chrome/41 Yes Activates Activates Activates 2 min timeout Activates Warning Warning
Safari/5.1 Yes Activates Activates Activates 3 sec timeout Activates Activates Activates
Firefox/36 Yes Activates Activates Activates 5 min timeout Activates Activates Activates
IE/11 Yes Activates Activates Activates 1 min timeout Activates Warning Warning

Current behavior for an HTTPS site using a primary appcache appears to be:

Browser AppCache No DNS Reply No DNS Answer IP RST No IP Response No HTTP Response MITM - 404 MITM - Block Page
Chrome/41 Yes Activates Activates Activates Activates Activates Activates Activates
Safari/5.1 Yes Activates Activates Activates Activates Activates Activates Activates
Firefox/36 Yes Activates Activates Activates Activates Activates Activates Activates
IE/11 Yes Activates Activates Activates Activates Activates Activates Activates
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment