Created attachment 8841326 [details] public key pins.JPG User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Steps to reproduce: i opened biugbountyvis.brickftp.com on forefox 49.0.2 version and i seen some error in developer mode options. error like this: Public-Key-Pins: The certificate used by the site was not issued by a certificate in the default root certificate store. To prevent accidental breakage, the specified header was ignored.[Learn More] Actual results: A daemon that performs cryptographic operations on behalf of a client application in mozila firefox Expected results: A daemon that should not performs cryptographic operations on behalf of a client application.
Everything seems to be working as intended here, and this is not a security bug that needs to be hidden. I can't reproduce on a more current version of Firefox (49 is old and no longer supported). It's possible this was fixed, or that your copy of Firefox has a different trust store and you're being MITM'd by e.g. your employer, school, or ISP. Either way, not a Firefox bug.
Status: UNCONFIRMED → RESOLVED
Last Resolved: a year ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.