New Persona URLs and IP addresses: possible impact on CSP and firewalls

Francois Marier francois at mozilla.com
Thu Jul 12 19:41:16 PDT 2012


We have rolled out our rebrand of BrowserID to Persona. As part of this
change, the URLs and IP addresses have changed. Most sites will not be
impacted by this since redirects from the old URLs to the new ones will
remain in place for the foreseeable future.

Content Security Policy
-----------------------

However, you need to update your CSP headers if you are using
Content-Security-Policy. The instructions available at
http://feeding.cloud.geek.nz/2011/11/using-browserid-and-content-security.html
are still valid, but you now have to include both https://browserid.org
and https://login.persona.org in your headers.

Once you have replaced all references to
https://browserid.org/include.js with
https://login.persona.org/include.js in your application code, you will
be able to drop https://browserid.org from your CSP headers.

Firewalls
---------

Similarly, once you start verifying assertions using
https://verifier.login.persona.org/verify (instead of
https://browserid.org/verify), you will need to change your firewall
rules if you are restricting outgoing HTTPS connections.

The verifier is now available at 63.245.209.241 and
63.245.217.134.

As always, you can get in touch with us on IRC (#identity on
irc.mozilla.org) or on our mailing list
(https://lists.mozilla.org/listinfo/dev-identity) if you run into any
problems.

- The Persona team


More information about the Persona-notices mailing list