Closed Bug 1049946 Opened 10 years ago Closed 10 years ago

browser.xul.error_pages.expert_bad_cert should not expose the "add exception" button for HSTS sites

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
mozilla34

People

(Reporter: keeler, Assigned: keeler)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

patch
2.28 KB, patch
jst
: review+
Details | Diff | Splinter Review 
Setting the pref browser.xul.error_pages.expert_bad_cert exposes the "add exception" button in about:certerror even for sites that use HTTP Strict Transport Security (HSTS). This is misleading, because adding an exception for such sites won't do anything.
Attached patch patchSplinter Review 
jst - would you mind having a look? Thanks.
Assignee: nobody → dkeeler
Status: NEW → ASSIGNED
Attachment #8468876 - Flags: review?(jst)
Comment on attachment 8468876 [details] [diff] [review]
patch

Looks good, r=jst
Attachment #8468876 - Flags: review?(jst) → review+
https://hg.mozilla.org/mozilla-central/rev/20655d498dfd
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla34
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: