Current time: 09-18-2019, 09:35 AM Hello There, Guest! (LoginRegister)

Post Reply 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Additional request in Firefox
12-29-2015, 10:02 PM
Post: #1
Additional request in Firefox
I was testing one of the websites and found some extra requests in Firefox,
Like -
https://search.servi...S/SG/default/default
http://ocsp.entrust.net/
http://ocsp.digicert.com/

These requests aren't included in page, also they do not appear when I tested same web page from different browsers (IE and Chrome) on same machine.

Also will blocking these requests for the run would help?
Please take a look -
http://www.webpagetest.org/result/151227...1/details/
Find all posts by this user
Quote this message in a reply
12-29-2015, 10:18 PM (This post was last modified: 12-29-2015 10:34 PM by akshayranganath.)
Post: #2
RE: Additional request in Firefox
Firefox (and all browsers) implement what's called as OCSP stampling. This article explains the behavior: https://blog.mozilla.org/security/2013/0...-firefox/. It looks like the Firefox has been hardened to verify the TLS cert validity.

tl;dr; - The income tax site is not sending the certificate validity information and FF is defaulting to the OCSP check. This can be disabled through the browser's "about:config" setting. This will not be possible on WPT public instance.

For your use case, you could just block the domain and re-test. However, I'd suggest you to not do this. My suggestion would be to run 2 tests with the OCSP domains blocked and not blocked. You should consider both the response since some browsers (esp those behind corporate proxies) would be hardened to check for OCSP signatures.

Follow me on twitter: @rakshay
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 2 Guest(s)