Closed Bug 569097 Opened 15 years ago Closed 15 years ago

e10s HTTP: Let HttpChannelParent::GetInterface result with NO_INTERFACE for nsIBadCertListener2

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 569098

People

(Reporter: jduell.mcbugs, Assigned: mayhemer)

References

Details

Attachments

(1 file)

v1
(deleted), patch
Details | Diff | Splinter Review 
This is much like the HTTP auth case:  all we need to do is to figure out how to give the HttpChannelParent the appropriate nsIBadCertListener2 to hand out during GetInterface, and things ought to just work (?)

Without this, test-ipc.xul pops up a "secure connection failed" dialog, which allows the client to see the cert info, but doesn't provide any way to make a cert exception and continue the connection.

I tested this by loading https://mail.yahoo.com/, which on 5/29/10 at least had a bad cert.

Not sure if this depends on bug 536301 or not--Honza?
Honza:  feel free to morph this into a larger "security UI" bug if that's the right way to proceed.
Depends on: 569098
Hmmm... I don't think it is that easy...

By default (when loading an html page) callbacks doesn't provide any badCertListener.  It is not a precondition for the bad cert error page (it lies somewhere else, already discussed in bug 536301 comment 6).

Few components on chrome are pushing nsIBadCertListener2 implementation manually as callbacks to a channel or xmlhttprequest, to suppress the error.  Those seem to be: AddonInstall, UpdateParser, Blocklist.

The first one is using directly an http channel, the last two are using XHR.channel and all set (XHR.)channel.notificationCallbacks = new BadCertListener.  Access to channel's notificationCallbacks is able only on the chrome (or better say, with the chrome privileges).

So, for me, patch for this bug is to let HttpChennelParent throw NO_INTERFACE (not DROP_DEAD!) when nsIBadCertListener2 is demanded.

The rest needed to correctly display the bad cert error page should be part of bug 536301 and the security UI browser binding (bug 568504).

-> me
Assignee: nobody → honzab.moz
Status: NEW → ASSIGNED
Summary: e10s HTTP: Hook up nsIBadCertListener2 to HttpChannelParent → e10s HTTP: Let HttpChannelParent::GetInterface result with NO_INTERFACE for nsIBadCertListener2
And also UpdateService's Checker is setting xhr.channel.notificationCallbacks = new BadCertListener.
Attached patch v1 (deleted) — Splinter Review 
This makes the bad cert dialog appear w/o any drop_deads.  It is IMO sufficient for the initial merge with m-c, however, working on making the exception page appear in bug 536301 and dependent.
Attachment #448425 - Flags: review?(jduell.mcbugs)
Ups... looks like this patch is completely the same as the already reviewed patch for bug 569098.  Differs just in the comment.
Great minds think alike.
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Attachment #448425 - Flags: review?(jduell.mcbugs)
Blocks: 570003
No longer blocks: 570003
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: