Closed
Bug 1415279
Opened 6 years ago
Closed 6 years ago
[tracking] migrate certificate error string determination to front-end
Categories
(Core :: Security: PSM, enhancement, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla61
Tracking | Status | |
---|---|---|
firefox61 | --- | fixed |
People
(Reporter: keeler, Assigned: franziskus)
References
(Depends on 2 open bugs, Blocks 1 open bug)
Details
(Keywords: meta, Whiteboard: [psm-tracking])
Attachments
(1 file)
To improve our certificate error pages, we need to be more flexible in the error strings we come up with. This means many things, including moving the error string generation to the front-end, exposing more information from the handshake (fetched OCSP responses, stapled OCSP responses, CT information, etc.), and so on.
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → franziskuskiefer
Priority: P3 → P1
Comment 1•6 years ago
|
||
Updated•6 years ago
|
Flags: needinfo?(jhofmann)
Assignee | ||
Updated•6 years ago
|
Blocks: better-cert-errors
Comment 2•6 years ago
|
||
Comment on attachment 8952384 [details] Move error strings for certError and netError pages to frontend David Keeler [:keeler] (use needinfo) has approved the revision. https://phabricator.services.mozilla.com/D607
Attachment #8952384 -
Flags: review+
Updated•6 years ago
|
Flags: needinfo?(jhofmann)
Comment 3•6 years ago
|
||
Comment on attachment 8952384 [details] Move error strings for certError and netError pages to frontend David Keeler [:keeler] (use needinfo) has been removed from the revision. https://phabricator.services.mozilla.com/D607
Attachment #8952384 -
Flags: review+
Assignee | ||
Comment 4•6 years ago
|
||
Honza, can you check the devtools changes? The human-readable error message isn't available anymore so I added the error code string instead. Sebastian can you check the Android changes?
Flags: needinfo?(s.kaspari)
Flags: needinfo?(odvarko)
Updated•6 years ago
|
Flags: needinfo?(jhofmann)
Comment 5•6 years ago
|
||
(In reply to Franziskus Kiefer [:fkiefer or :franziskus] from comment #4) > Honza, can you check the devtools changes? The human-readable error message > isn't available anymore so I added the error code string instead. Yep, looks good, some inline comments created. Honza
Flags: needinfo?(odvarko)
Comment 6•6 years ago
|
||
(In reply to Franziskus Kiefer [:fkiefer or :franziskus] from comment #4) > Sebastian can you check the Android changes? @snorp: Can you or someone from your team take this over?
Flags: needinfo?(s.kaspari) → needinfo?(snorp)
Updated•6 years ago
|
Updated•6 years ago
|
Flags: needinfo?(jhofmann)
Updated•6 years ago
|
Attachment #8952384 -
Attachment description: Move error strings for certError and netError pages to frontent → Move error strings for certError and netError pages to frontend
Flags: needinfo?(snorp)
Assignee | ||
Updated•6 years ago
|
Flags: needinfo?(jhofmann)
Comment 7•6 years ago
|
||
Comment on attachment 8952384 [details] Move error strings for certError and netError pages to frontend David Keeler [:keeler] (use needinfo) has approved the revision. Johann Hofmann [:johannh] has approved the revision. https://phabricator.services.mozilla.com/D607
Attachment #8952384 -
Flags: review+
Assignee | ||
Comment 9•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=61e2d94cb21ef4c02b81448531609205c85a9707
Comment 10•6 years ago
|
||
Pushed by franziskuskiefer@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/617a25dfb30d Move error strings for certError and netError pages to frontend, r=johannh,keeler,Honza,snorp
Comment 11•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/617a25dfb30d
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox61:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
Comment 12•6 years ago
|
||
Is there a followup for the remaining URL params? When testing on current Nightly, I see a URL like: "about:neterror?e=dnsNotFound&u=http%3A//www.afdgusndcoiairhfuadgvadfgafgadfgvnousfgpaerg.com/&c=UTF-8&f=regular&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20www.afdgusndcoiairhfuadgvadfgafgadfgvnousfgpaerg.com." which seems to still contain some data in URL params, rather than exposing it through webidl or other means - even if some of the parameters (like 'd') don't seem to be used anymore (which makes me wonder why they're still there...).
Flags: needinfo?(franziskuskiefer)
Comment 13•6 years ago
|
||
Oh, the 'd' bit seems to still make an appearance, just not as the title, which I guess is why I missed it... Still, seems like that should move to frontend, too, and the URL and encoding bits should be passed through some other means than URL params.
Assignee | ||
Comment 14•6 years ago
|
||
> Is there a followup for the remaining URL params? There's bug 1442203 for more TLS error page improvements. Moving away from using e and c should probably go there. But that's not a PSM issue anymore. The way these error pages are handled in the front-end and in nsDocShell has to change for that. > Oh, the 'd' bit seems to still make an appearance Yes there are other errors (like dns) that use it. But no TLS errors.
Flags: needinfo?(franziskuskiefer)
You need to log in
before you can comment on or make changes to this bug.
Description
•