Just Plain Mean
- May 18, 1997
I cannot replicate the issue with FF v 94.0.1
RoldanLTI did a little bit of sleuthing with Firefox 94.0.1 (windows) TLS logging and wireshark, but I've also seen issues on Firefox 94.1.2 on Android. This seems to be a problem with TLS 1.3 0-rtt data and Firefox. If you set security.tls.enable_0rtt_data in about:config to false, it looks like it resolves the issue in my testing.
From what I'm seeing, if you do anything that tries to post to hardforum.com when there's no active connection, Firefox will open a new connection with TLS 1.3 and some 0-RTT http/2 stuff, and then kind of sit around until the server tells it to go away, and only then does it try to send the POST; that obviously doesn't work because the server told them to go away already. I'm pretty versed in TLS 1.3, I don't know very much about http/2, but this looks like Firefox doing something dumb. I didn't find anything like this in the mozilla bugzilla, so I'm guessing nobody else has figured this out yet, and I'm on the hook to write up a bug report; joy.
If the hardforums admins wanted to "fix" this, I'd guess they could turn off TLS 1.3 0-rtt (aka early data), but that would need to be done for all browsers because it's somewhere between very hard and impossible to determine browser identity in the TLS handshake, and that's where it needs to be done, and I'm guessing they turned it on for a reason; 0-rtt should help performance a bit and AFAIK, it's not a default setting.