So I'm not sure what to do about this ticket.
The current situation is:
* we have backports.org - which does *not* belong to Debian
* when accessing it, some variations of the URL get forwarded to
https://backports.debian.org/ and some break in various way
My opinion on this is: let's let the backports.org URL die or be broken
like it is. If people notice then let them manually switch the URL they
use to https://backports.debian.org/.
*t
On Sun, 15 Aug 2021, Xan Charbonnet wrote:
Sorry, I should have checked this on more than one browser before reporting.
For some reason my ancient Firefox profile, when I browse to "backports.org",
redirects to https://www.backports.org/. Perhaps this was a cached permanent
redirect, or something to do with HSTS.
On a naive profile (with seemingly any browser), browsing to "backports.org"
fails, because backports.org has no A record. Not terribly friendly but not
a problem. It sounds like your browser has some memory that points
backports.org to backports.debian.org. A naive browser has no way to return
anything for https://backports.org/ or http://backports.org/.
www.backports.org does have a CNAME record: it points to
backports.debian.org, which seems to have the same IP address as debian.org.
Browsing to http://www.backports.org/ is successful: the Debian webserver
redirects the request to https://backports.debian.org/, and when accessed via
that name, the Debian webserver correctly serves the backports page.
However, when you browse to https://www.backports.org/ (note the secure
protocol), that's when it breaks. The Debian webserver defaults to serving
the Debian homepage, complete with the TLS certificate for debian.org. This
causes a nasty security error in the browser, and if bypassed, results in the
Debian homepage loading at https://www.backports.org/ rather than the
Backports page.
The only remaining mystery is why my Firefox profile is handling
"backports.org" the way it is. I'm trying to figure out how to diagnose
that, but it doesn't seem like there's much visibility to that kind of thing.
It could be something that affects everybody who visited backports.org during
a particular timeframe.
--
To unsubscribe, send mail to 991972-unsubscr...@bugs.debian.org.
