2020.5.20 does not fix port whitelisting issue

[jmgurney]

Type: code issue

When upgrading to 2020.5.20, I experience the issue that if Encrypt All Sites Eligible is on, that sites w/ a port number and are included in the whitelist are broken and unreachable. If I downgrade to 2019.11.7, things work fine. See previously related issue:
#19029

When I got to a site w/ a port number that is different that 443, and the that site uses http, but the 443 port is available, I get an error that the proxy server is refusing connections. I normally use a proxy server to browser the web, and w/ 2019.11.7, things work. The site w/ port number is correct listed in the HTTPS Everywher Sites Disabled list, and so should work as normal. The only change is switching between 2020.5.20 and 2019.11.7, no other changes are made.

This is with Firefox 76.0.1.

[cschanaj]

There was a breaking change in the whitelisting mechanism, and I suspect this is an issue with the legacy whitelist entries. Would you try to add a new whitelist item for the same website without specifying the port number?

[jmgurney]

Can you explain to me how to add a new rule to have a website, like foo.example.com:12345 always be http? The only way I can see to add a new rule is to go to see more -> add rule for this website, but I don't see a way to change the always use https for this site part. See attached screen shot.

I need a rule to always use http for this website.

[cschanaj]

On Chrome, you shall right-click on the extension icon, select "Options", and type foo.example.com in the input box under the "HTTPS Everywhere Sites Disabled" section and click "Add Disabled Site".

[jmgurney]

Ok, for some reason I missed the disable HTTPS Everywhere on this site button that was staring me in the face.

[jmgurney]

I deleted this comment because I thought I was incorrect, but looking closer at the network trace, I see that this is correct:
Though the issue is now requests that go to the different site w/o the port number are still sent unencrypted instead of defaulting to https. Whitelisting sites with a port should ONLY whitelist that specific port number, it should NOT whitelist the entire domain. If I white list foo.example.com:12345, this ends up white listing foo.example.com as well, which is different. The port number needs to be included when considering if it matches or not.

[zoracon]

@cschanaj It seems as if #18760 should be reverted for now. host property included port numbers and hostname excludes this. Can you discuss what the original MCB issue was? MC is handled at a higher level for browsers now and I feel maybe this needs to be fully reverted to handle port numbers again properly.

@jmgurney Thank you for reporting.

[zoracon]

After I return from my week off, my priority is to set this patch release. Would have done it this week, but didn't want to not be available for extended support/hotfixes, etc. Thank you for your patience.

[zoracon]

Please check if your issue still persists in version 2020.8.13, I will wait for confirmation before closing.

[zoracon]

Seems as if this is resolved since there are no further reports. Closing