Opened 2 years ago

Closed 3 weeks ago

#13639 closed bug (fixed)

Various failures on https://badssl.com/

Reported by: pulkomandy Owned by: pulkomandy
Priority: normal Milestone: Unscheduled
Component: Applications/WebPositive Version: R1/Development
Keywords: Cc:
Blocked By: Blocking:
Has a Patch: no Platform: All

Description

https://badssl.com/ tests for various possible SSL certificate problems.

WebPositive should show an error on all these pages, but doesn't always. We should review how we trigger certificate validation errors.

Change History (3)

comment:1 by accessays, 2 years ago

I'd also suggest to rethink the way the user is notified of such problems - going to https://badssl.com/dashboard/ causes a whole bunch of warnings to pop-up, while, say, Firefox on Linux doesn't do such things, and when a problematic page is attempted to be loaded it shows a warnings on that page, not as a separate pop-up, which I personally consider to be more user-friendly.

comment:2 by pulkomandy, 2 years ago

I just modified the way this error is handled so the web browser (instead of HaikuWebKit itself) can intercept the error and do whatever it wants with it (including showing the error inside the page area, I guess).

However, with the current solution of an alert, it looks like we don't get things right anyway, as the dashboard will never show "failure" but instead will keep spinning forever on the failed pages?

We should also let Web+ show a keylock somewhere or colorize the address bar or something for unsecure pages.

comment:3 by waddlesplash, 3 weeks ago

Resolution: fixed
Status: newclosed

Following hrev53396, the page has the same appearance for me on Haiku as it does on Firefox on Windows, with the one exception of the "sha1-intermediate" which we allow. Probably that's a ca_root_certificates item.

Note: See TracTickets for help on using tickets.