Closed
Bug 858730
Opened 11 years ago
Closed 6 years ago
Selecting to visit site on a cert error page should only provide a temporary cert exception, not a permanent cert exception
Categories
(Firefox OS Graveyard :: General, defect)
Tracking
(blocking-b2g:-, b2g-v1.3 affected, b2g-v1.3T affected, b2g-v1.4 affected)
RESOLVED
WONTFIX
blocking-b2g | - |
People
(Reporter: jsmith, Unassigned)
References
Details
(Whiteboard: permafail)
Build: B2G 4/5/2013 Device: Unagi STR 1. Visit https://summitbook.mozilla.org/ in the browser 2. Select visit site under I understand the risks 3. Close the browser and kill the process 4. Open the browser again and go to https://summitbook.mozilla.org/ Expected We should get a cert error, as we only granted a temporary exception to access the site. Actual We gain access to the site. This is incorrect behavior - we only granted a temporary exception to access the site, so we should only have access it while the browser process remains open.
Reporter | ||
Updated•11 years ago
|
Comment 1•11 years ago
|
||
Actually, the temporary exception is for chrome process. The exception available until chrome is killed.
Comment 2•11 years ago
|
||
I think implementing per-app cert exception can fix this problem. I don't really know about the code in CertOverrideService.cpp, but with a glimpse of the code inside CertOverrideService.cpp, it seems not trivial to make per-app cert exception. CCing people who may understand code in CertOverrideService.cpp.
Comment 3•11 years ago
|
||
Restarting the phone will revoke the temporary cert exception, so we won't block on this. Likely a lot of work anyway.
blocking-b2g: leo? → -
The bug reproduces on the latest Buri 1.3 Aurora Moz RIL, the full page access is granted after giving a temporary permission Device: Buri 1.3 Aurora Moz RIL BuildID: 20131210004003 Gaia: 3452fbdb5e1bed0cd27cc6173136537a03e8072f Gecko: e0c328d99742 Version: 28.0a2 Firmware Version:v1.2_20131115
Whiteboard: burirun1.3-1
status-b2g-v1.3:
--- → affected
Updated•11 years ago
|
Whiteboard: burirun1.3-1, burirun1.3-3 → burirun1.3-1, burirun1.3-3, burirun1.4-1
Updated•11 years ago
|
Whiteboard: burirun1.3-1, burirun1.3-3, burirun1.4-1 → permafail
Updated•10 years ago
|
status-b2g-v1.4:
--- → affected
Comment 8•10 years ago
|
||
This issue also occurs on the buri 1.4 Moz Ril 1.4 Environmental Variables: Device: Buri 1.4 MOZ BuildID: 20140324000202 Gaia: 730670951e40b2317a167fcd07c398bb662d6e87 Gecko: a44f8b39c2c8 Version: 30.0a2 Firmware Version: v1.2-device.cfg the full page access is granted after giving a temporary permission
Updated•10 years ago
|
status-b2g-v1.3T:
--- → affected
Updated•9 years ago
|
Assignee: nobody → stephouillon
Updated•7 years ago
|
Assignee: stephouillon → nobody
Comment 11•6 years ago
|
||
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•