**How to test:** This will need a setup much like that used to test the "enterprise roots" feature (bug 1513069): an intercepting proxy with a CA cert installed in the OS root store. If you already have a test environment with a proxy like ZAP that would work, or you could install an antivirus with an "HTTPS scanning" feature. One I know about is Avast Web Shield. 1. turn on the intercepting proxy. 1.a Make sure `https:` sites still work and 1.b that when you look at their certificates they are issued by the proxy and are not the ones from the site. 2. install an out-of-date version of [Facebook container](https://addons.mozilla.org/en-US/firefox/addon/facebook-container/versions/) 3. open `about:addons` 4. click the Gear button and "Check for updates" In an unfixed version you will be told "No updates found" (rather than an error -- see bug 1556718) In the fixed version your Facebook Container should be updated to the most recent version.
Bug 1308251 Comment 67 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
**How to test:** This will need a setup much like that used to test the "enterprise roots" feature (bug 1513069): an intercepting proxy with a CA cert installed in the OS root store. If you already have a test environment with a proxy like ZAP that would work, or you could install an antivirus with an "HTTPS scanning" feature. ~One I know about is Avast Web Shield.~ 1. turn on the intercepting proxy. 1.a Make sure `https:` sites still work and 1.b that when you look at their certificates they are issued by the proxy and are not the ones from the site. 2. install an out-of-date version of [Facebook container](https://addons.mozilla.org/en-US/firefox/addon/facebook-container/versions/) 3. open `about:addons` 4. click the Gear button and "Check for updates" In an unfixed version you will be told "No updates found" (rather than an error -- see bug 1556718) In the fixed version your Facebook Container should be updated to the most recent version. **Update 2020-06-23:** According to https://zakird.com/papers/https_interception.pdf Avast only intercepts IE on windows, but should intercept Firefox on Mac according to Fig. 4. That paper is several years old now, though, so some products may have changed. Others popular ones that were known to have an "HTTPS scanning" feature are Bitdefender, Kaspersky, ESET, McAfee, and Norton. Their sites still have support pages on how to disable it so I assume they all still do.