Delete or fix about:certerror & about:neterror internal Firefox pages




a year ago
a year ago


(Reporter: Virtual, Unassigned)



Windows 7

Firefox Tracking Flags

(Not tracked)



(1 attachment)

Delete or fix about:certerror & about:neterror internal Firefox pages,
as for now they both show this error:
> Oops.
> Nightly can’t load this page for some reason.
> Try Again
Has Regression Range: --- → irrelevant
Has STR: --- → irrelevant
Is this if you manually input these, or if you actually go somewhere with a cert / network error ( e.g. is currently unregistered and will show a version of about:neterror )
Flags: needinfo?(Virtual)
Judging by bug 1392247, you're expecting these to do something more than this even if used without query parameters - but what they're doing in the screenshot is exactly what they're supposed to do in those circumstances.
Last Resolved: a year ago
Resolution: --- → INVALID
It's the first one,
I input "about:certerror" and "about:neterror" manually in Location Bar, and in the end got this error
> Oops.
> Nightly can’t load this page for some reason.
> Try Again

For about:certerror I think Firefox should show:
> Your connection is not secure
> The owner of about:certerror has configured their website improperly. To protect your information from being stolen, Nightly has not connected to this website.
> Learn more…
> Report errors like this to help Mozilla identify and block malicious sites
> Go back     /     Advanced

and for about:neterror
> Server not found
> Firefox can’t find the server at about:neterror.
> Check the address for typing errors such as instead of
> If you are unable to load any pages, check your computer’s network connection.
> If your computer or network is protected by a firewall or proxy, make sure that Nightly is permitted to access the Web.
> Try Again

So is it still INVALID?
Flags: needinfo?(Virtual) → needinfo?(gijskruitbosch+bugs)
Yes. The strings from comment #4 only make sense if there's actual data to show them for. We show subtly different errors for different issues with the connection/ssl, and all of those use about:net/certerror. We pick an error based on the query parameters. The fallback is the one you're encountering. I don't think changing the fallback to what you're suggesting is useful work. You're not "meant" to access these pages manually, and that is part of why they're not in about:about. They're internal URLs.

Not everything on about: is meant to be exposed - we use it for some things because it's easier to restrict what code runs on it than it is on chrome:// (which is always privileged, and therefore carries risk - we don't want webpages really having access to chrome:// pages directly, and they would if we e.g. loaded chrome:// something in a frame if that frame caused a network error. )
Flags: needinfo?(gijskruitbosch+bugs)
OK. That makes sense. Thank you very much for detailed explanation!
You need to log in before you can comment on or make changes to this bug.