Firefox Websocket security issue

FirefoxWebsocket

Firefox Problem Overview

We have a websocket server on port 8080 setup on a Linode box. Chrome and Opera work just fine. Firefox however complains that the operation is insecure.

"The operation is insecure: Code 18"

If I try to create a new WebSocket object in the web console before the page is loaded everything is fine. However, after the page loads something is screwy then I cannot create the object anymore. See the attached screenshot.enter image description here

I have no idea what operation is insecure or even how to go about diagnosing this.

Firefox Solutions

Solution 1 - Firefox

As you point out in another answer, https:// to ws:// is disallowed by default on firefox.

Going to firefox's about:config and toggling network.websocket.allowInsecureFromHTTPS will get rid of the SecurityError.

Solution 2 - Firefox

I fixed this. The app itself is under SSL but the websocket being accessed is not. Chrome and Opera don't care but Firefox does. According to:

https://bugzilla.mozilla.org/show_bug.cgi?id=303952

This is known and is not considered a bug. Mozilla's response: wontfix

Solution, put websocket server under SSL and use wss://

Solution 3 - Firefox

Had the same problem and attempted to fix by changing network.websocket.allowInsecureFromHTTPS in about:config which did not work.

Ended up finding this post => https://stackoverflow.com/questions/58470055/unhandled-rejection-securityerror-the-operation-is-insecure-on-a-fresh-creat

Changing this in index.js ended up working for me

serviceWorker.register();
//serviceWorker.unregister();

Solution 4 - Firefox

This is a hunch based off limited info, and I probably should put this into a comment, but I don't have enough reputation points to do that yet.

Looking at your log, it seems as if 24 seconds are passing from the receipt of [object Websocket] (time 17:46:36.683) until you get The connection to ws://.....(time 17:47:00:952) error message.The long delay leads me to believe that the server could be timing out and closing the websocket connection. Look at this answer for a potential solution.

Solution 5 - Firefox

Open "about:config" url in firefox. Search for allowInsecureFromHTTPS and set it to true

Solution 6 - Firefox

Beside secure ssl context and cross-origin policies, assigning some port can trigger the error as well.

What are valid http ports for Firefox? I don't know precisely, but have to be between 1500 and 64000, or the console will display:

SecurityError: The operation is insecure.

And http links will say:

This address is restricted

This address uses a network port which is normally used for purposes other than Web browsing.
Firefox has canceled the request for your protection.

enter image description here

Categories
Recommended Firefox Solutions
Recommended Websocket Solutions

Previous Solution:

Duplicate a document in MongoDB using a new _id

Mongodb

Next Solution:

Firebase child_added only get child added

Firebase

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionbcardarellaView Question on Stackoverflow
Solution 1 - FirefoxFrandromedoView Answer on Stackoverflow
Solution 2 - FirefoxbcardarellaView Answer on Stackoverflow
Solution 3 - FirefoxAvidDabblerView Answer on Stackoverflow
Solution 4 - FirefoxlakerView Answer on Stackoverflow
Solution 5 - Firefoxuser665327View Answer on Stackoverflow
Solution 6 - FirefoxNVRMView Answer on Stackoverflow