SSL request size greater than 8K is giving connection reset error on Firefox 11
we are currently facing an issue with Firefox 10 & 11. I am seeing the termination of SSL connection when the size of the post message is greater than 8K. This caused 'connection reset' errors on the browser side. I believe this is due to the beast attack fixes on FF10 and later version. The https works fine until the request size reaches 8600 bytes. The same issue didnt happen if i proxy the FF through fiddler.
Сви одговори (2)
You should either use the Feedback tool or Bugzilla to report this to the developers:
https://input.mozilla.org/en-US/feedback https://bugzilla.mozilla.org/
The "The connection was reset" error message can be caused by a bug fix for the BEAST (Browser Exploit Against SSL/TLS) attack that the server doesn't handle.
See comment 60 in this bug report for workaround, but be aware that this makes you vulnerable to that BEAST attack.
- bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset"
Be sure to remove that environment variable after testing to prevent you from being vulnerable to that exploit.