#13639 closed bug (fixed)
Various failures on https://badssl.com/
Reported by: | pulkomandy | Owned by: | pulkomandy |
---|---|---|---|
Priority: | normal | Milestone: | R1/beta2 |
Component: | Applications/WebPositive | Version: | R1/Development |
Keywords: | Cc: | ||
Blocked By: | Blocking: | ||
Platform: | All |
Description
https://badssl.com/ tests for various possible SSL certificate problems.
WebPositive should show an error on all these pages, but doesn't always. We should review how we trigger certificate validation errors.
Change History (4)
comment:1 by , 7 years ago
comment:2 by , 7 years ago
I just modified the way this error is handled so the web browser (instead of HaikuWebKit itself) can intercept the error and do whatever it wants with it (including showing the error inside the page area, I guess).
However, with the current solution of an alert, it looks like we don't get things right anyway, as the dashboard will never show "failure" but instead will keep spinning forever on the failed pages?
We should also let Web+ show a keylock somewhere or colorize the address bar or something for unsecure pages.
comment:3 by , 5 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Following hrev53396, the page has the same appearance for me on Haiku as it does on Firefox on Windows, with the one exception of the "sha1-intermediate" which we allow. Probably that's a ca_root_certificates item.
comment:4 by , 5 years ago
Milestone: | Unscheduled → R1/beta2 |
---|
Assign tickets with status=closed and resolution=fixed within the R1/beta2 development window to the R1/beta2 Milestone
I'd also suggest to rethink the way the user is notified of such problems - going to https://badssl.com/dashboard/ causes a whole bunch of warnings to pop-up, while, say, Firefox on Linux doesn't do such things, and when a problematic page is attempted to be loaded it shows a warnings on that page, not as a separate pop-up, which I personally consider to be more user-friendly.