Eduardo Trápani Reporter
	Description • 13 years ago

When I visit this page[1] I get an incomplete security dialog that does not have the "I understand the risks" link, so there's no way to add a security exception

If I right-click and open the frame in a new window, then I can add the exception.

	Eduardo Trápani Reporter
	Comment 1 • 13 years ago

I guess the first question is whether that is a localization issue, but I get the same screen with the official en-US build, running with -safe-mode.

	[:philipp]
	Comment 2 • 12 years ago

a user in the SUMO forum has reported the same reproducible issue with a secure site that embeds an iframe containing a different https URL with a certificate error not showing the "I understand the risks" section.

https://support.mozilla.org/de/questions/929298#answer-341229

	Eduardo Trápani Reporter
	Comment 3 • 12 years ago

HTML document to reproduce the error.

	[:philipp]
	Comment 4 • 12 years ago

i tried to pin this down - the regression occurred in firefox 11. the first time it fails is on mozilla-central/mozilla-inbound nightly build of 2011-12-07.

	Virgil Dicu [:virgil] [QA]
	Comment 5 • 12 years ago

I believe this is intentional: see follow-up bug 742645.

(In reply to Eduardo Trápani from comment #0)
> If I right-click and open the frame in a new window, then I can add the
> exception.
 
This however is inconsistent. Adding dependency to bug 742645

	Daniel Veditz [:dveditz]
	Comment 6 • 12 years ago

framed pages can be click-jacked or users can be persuaded to approve a cert for the wrong site, removing the button from cert-error page is intentional. But people do need to add legitimate exceptions in the case of poorly managed servers, so we do want to allow you to open the frame in its own page/tab where you can what site it's for.

	[:philipp]
	Comment 7 • 12 years ago

thanks for clarification!