[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#991972: More information

Sorry, I should have checked this on more than one browser before reporting.
For some reason my ancient Firefox profile, when I browse to "backports.org", redirects to https://www.backports.org/. Perhaps this was a cached permanent redirect, or something to do with HSTS.
On a naive profile (with seemingly any browser), browsing to "backports.org" fails, because backports.org has no A record. Not terribly friendly but not a problem. It sounds like your browser has some memory that points backports.org to backports.debian.org. A naive browser has no way to return anything for https://backports.org/ or http://backports.org/.
www.backports.org does have a CNAME record: it points to backports.debian.org, which seems to have the same IP address as debian.org. Browsing to http://www.backports.org/ is successful: the Debian webserver redirects the request to https://backports.debian.org/, and when accessed via that name, the Debian webserver correctly serves the backports page.
However, when you browse to https://www.backports.org/ (note the secure protocol), that's when it breaks. The Debian webserver defaults to serving the Debian homepage, complete with the TLS certificate for debian.org. This causes a nasty security error in the browser, and if bypassed, results in the Debian homepage loading at https://www.backports.org/ rather than the Backports page.
The only remaining mystery is why my Firefox profile is handling "backports.org" the way it is. I'm trying to figure out how to diagnose that, but it doesn't seem like there's much visibility to that kind of thing. It could be something that affects everybody who visited backports.org during a particular timeframe.
Reply to: