Closed Bug 1381462 Opened 7 years ago Closed 7 years ago

Add a "Visit anyway" to the "SSL_ERROR_BAD_CERT_DOMAIN"-page

Categories

(Firefox :: General, enhancement)

Product:
Firefox
Component:
General
Version:
56 Branch
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: BesTo, Unassigned)

References

(
URL
)

Details

Add a "Visit anyway" (and a "Add exception") to the "SSL_ERROR_BAD_CERT_DOMAIN"-page.

Example: https://www.malwarebattle.blogspot.com/
You can normally add a security exception if this happens (see https://wrong.host.badssl.com/), but the site you're visiting has HSTS turned on (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) and thus we don't allow overriding certificates.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
but if you access the site via the numeric IP, you can still do it ?!?
1) A power-user should always be able to add an exception. 
2) And the "more info" should say, why it finds the cert "bad".

Also the current situation is misleading as per bug 1092243 comment 1

see also Bug 902884
You need to log in before you can comment on or make changes to this bug.