Change the HTTPS exception to temporary by default

RESOLVED WONTFIX

Status

()

enhancement
RESOLVED WONTFIX
2 years ago
3 months ago

People

(Reporter: MikkCZ, Assigned: johannh)

Tracking

58 Branch
Points:
---

Firefox Tracking Flags

(firefox58 affected, firefox59 ?)

Details

This request we have got as a feedback during OpenAlt conference this weekend. At this moment when adding an exception for a certificate, it's checked to store the exception permanently by default. Personally I find this confusing too, as the users usually click everything they see without reading.

However the reported usecase was when testing pre-production web application, it's a pain to remove all the exception from time to time for new generated certificates and CA authorities. At least an option in about:config to uncheck the option by default would be helpful.
Component: Untriaged → Security

Updated

2 years ago
See Also: → 762985
Assignee

Comment 2

3 months ago

You can set security.certerrors.permanentOverride to false now.

Assignee: nobody → jhofmann
Status: NEW → RESOLVED
Closed: 3 months ago
Resolution: --- → FIXED

Comment 3

3 months ago

(In reply to Johann Hofmann [:johannh] from comment #2)

You can set security.certerrors.permanentOverride to false now.

This is requested by bug 762985, not "by default" from this bug.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee

Comment 4

3 months ago

Ok, fair enough, then this is a WONTFIX (because we won't do it), I was referring to

At least an option in about:config to uncheck the option by default would be helpful.

Status: REOPENED → RESOLVED
Closed: 3 months ago3 months ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.