Closed Bug 856712 Opened 11 years ago Closed 11 years ago

Defect - HTTPS certificate Visit Site/Add permanent exception buttons are not working

Categories

(Firefox for Metro Graveyard :: Browser, defect)

Product:
Firefox for Metro Graveyard
Component:
Browser
Platform:
x86
Windows 8.1
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: flaki, Unassigned)

References

Details

(Whiteboard: feature=defect c=content_features u=metro_firefox_user p=0)

Attachments

(1 file)

Patch v1
(deleted), patch
mbrubeck
: review+
Details | Diff | Splinter Review 
User Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:22.0) Gecko/20130331 Firefox/22.0
Build ID: 20130331030859

Steps to reproduce:

Tried to open an https connection to a site with invalid certificate:

"jegyvasarlas.mav-start.hu uses an invalid security certificate.

The certificate is not trusted because no issuer chain was provided.

(Error code: sec_error_unknown_issuer)"


Actual results:

Clicked Visit site (or Add permanent exception) button, but after site reload, the warning screen showed up again and could not continue browsing.


Expected results:

The site should have reloaded normally after clicking the Visit site buttin(and a an exception rule should have been added to open the site on later occasions, despite the certificate problem, when clicked the Add permanent exception button).
Status: UNCONFIRMED → NEW
Component: General → Browser
Ever confirmed: true
OS: All → Windows 8 Metro
Hardware: All → x86
Summary: When there are problems with the HTTPS certificate Visit Site/Add permanent exception buttons are not working, user is presented again the yellow warning page after clicking the buttons → HTTPS certificate Visit Site/Add permanent exception buttons are not working
Version: 22 Branch → Trunk
Plan a is to fix it. Plan b is to remove the buttons.
Priority: -- → P2
Blocks: metrov1defect&change
No longer blocks: metrov1triage
Summary: HTTPS certificate Visit Site/Add permanent exception buttons are not working → Defect - HTTPS certificate Visit Site/Add permanent exception buttons are not working
Whiteboard: feature=defect c=tbd u=tbd p=0
has anyone reproduced this?
Whiteboard: feature=defect c=tbd u=tbd p=0 → feature=defect c=tbd u=tbd p=0 [shovel-ready]
Yes, you can reproduce this easily by trying to go to https://stackoverflow.com and verifying that the buttons don't work
QA Contact: rsilveira
Assignee: nobody → rsilveira
Status: NEW → ASSIGNED
QA Contact: rsilveira
Blocks: metrov1it8
No longer blocks: metrov1defect&change
QA Contact: jbecerra
Whiteboard: feature=defect c=tbd u=tbd p=0 [shovel-ready] → feature=defect c=tbd u=tbd p=2 [shovel-ready]
Attached patch Patch v1 (deleted) — Splinter Review 
There was a reference error when trying to get current window. Replaced by window global. 

The parameter is only used to figure out if it is a private window. I was inclined to remove the parameter and the call to PrivateBrowsingUtils.isWindowPrivate() since I can't find any other instance in our code where we consider in private mode. This is the call:
https://mxr.mozilla.org/mozilla-central/source/browser/metro/base/content/exceptions.js#81

The "visit site" option adds a temporary exception for the site that I could only revert by clearing private data. The permanent exception kept the exception even after clearing private data.
Attachment #754906 - Flags: review?(mbrubeck)
Attachment #754906 - Flags: review?(mbrubeck) → review+
https://hg.mozilla.org/mozilla-central/rev/1739d95b627b
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
For testing and verification.
Flags: needinfo?(jbecerra)
Tested on 2013-06-14 with latest nightly

- Using https://stackoverflow.com/ I see all options work, "get me out of here!", "Technical details", "visit site", and "Add permanent exception", and when I pick one either of the last two I can see the site in question.

- When I use https://jegysarlas.mav-start.hu/ I can almost do the same, except if I pick "Add permanent exception" then I won't be able to see the site even after reloading and opting to "Visit site" for instance. Is there something special about that site that would make it behave like that, and is that expected?
Status: RESOLVED → REOPENED
Flags: needinfo?(jbecerra) → needinfo?(rsilveira)
Resolution: FIXED → ---
It shouldn't be any exceptions AFAIK. I tried https://jegysarlas.mav-start.hu/ and was getting "can't find server", then I used https://mav-start.hu/ and it worked as expected. Was that the right domain name you were having issues with?
Flags: needinfo?(rsilveira)
See response from Rodrigo in Comment #11.
Flags: needinfo?(jbecerra)
Rodrigo, check the domain, it's https://jegyvasarlas.mav-start.hu/

The site btw has some quirks as it loads some content over non-encrypted connection, which is now blocked by Firefox by default.
Flags: needinfo?(jbecerra)
Ah OK, after deleting my profile I was able to see the issue. If on the first time you visit the site you select 'add permanent exception', it works fine forever. But if on the fist visit you select 'visit site' the site opens fine once but fails to open on next visits: no matter what you select the certificate page reopens.

This is not expected, on desktop I didn't even get a certificate error page.

I'll investigate further

This does not happen with the stackoverflow url.
Blocks: metrov1it9
No longer blocks: metrov1it8
Assignee: rsilveira → nobody
Blocks: metrov1defect&change
No longer blocks: metrov1it9
Blocks: 801023
Whiteboard: feature=defect c=tbd u=tbd p=2 [shovel-ready] → feature=defect c=content_features u=tbd p=2 [shovel-ready]
Whiteboard: feature=defect c=content_features u=tbd p=2 [shovel-ready] → feature=defect c= u=tbd p=2 [shovel-ready]
Whiteboard: feature=defect c= u=tbd p=2 [shovel-ready] → feature=defect c=content_features u=metro_firefox_user p=2 [shovel-ready]
Blocks: 887442
No longer blocks: 887442
Assignee: nobody → rsilveira
Blocks: metrov1it10
No longer blocks: metrov1defect&change
Status: REOPENED → ASSIGNED
On my second visit to https://jegyvasarlas.mav-start.hu/ (see comment 14) the page seem to begin loading, I see a character encoding not declared error and if I go back and fwd the page loads fully.

I'm also seeing multiple cert errors for that page. Code that redirects to about:certerror doesn't seem to be in browser/metro, need to investigate further.
Spent some time debugging this and notifyCertProblem is never called, then sslStatus is null in _addOverride and the override is not added: https://mxr.mozilla.org/mozilla-central/source/browser/metro/base/content/exceptions.js#40
Blocks: metrov1it11
No longer blocks: metrov1it10
This is probably not a common occurrence for most users so I recommend we push it out to v2.
I was able to get to the same state in desktop, wrote STR to bug 808511.
Assignee: rsilveira → nobody
No longer blocks: metrov1it11
Status: ASSIGNED → NEW
Whiteboard: feature=defect c=content_features u=metro_firefox_user p=2 [shovel-ready] → feature=defect c=content_features u=metro_firefox_user p=2
Priority: P2 → --
QA Contact: jbecerra
Whiteboard: feature=defect c=content_features u=metro_firefox_user p=2 → feature=defect c=content_features u=metro_firefox_user p=0
User Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0
Build ID: 20130819030205
Built from http://hg.mozilla.org/mozilla-central/rev/c8c9bd74cc40

WFM
Tested on windows 8 using latest nightly for iteration-12. Followed steps provided in comment0 and got expected result.

I used https://maven.glassfish.org/ website and after site reload, the warning screen didn't showed up again.
Status: NEW → RESOLVED
Closed: 11 years ago11 years ago
Resolution: --- → WORKSFORME
OS: Windows 8 Metro → Windows 8.1
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: