Certificate errors don't fully load if clock skew prefs aren't set
Categories
(Firefox :: Security, defect, P1)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr60 | --- | unaffected |
firefox-esr68 | --- | unaffected |
firefox68 | --- | unaffected |
firefox69 | + | verified |
firefox70 | + | verified |
People
(Reporter: johannh, Assigned: johannh)
References
(Regression)
Details
(Keywords: regression)
Attachments
(2 files)
47 bytes,
text/x-phabricator-request
|
Details | Review | |
3.50 KB,
patch
|
RyanVM
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
This is because RPMGetIntPref tries to get these prefs directly without providing a fallback.
[Tracking Requested - why for this release]:
Cert errors don't work on new profiles
Assignee | ||
Comment 1•5 years ago
|
||
Updated•5 years ago
|
Pushed by jhofmann@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/44253072797d Add default parameter to RPMGetIntPref. r=nhnt11
Comment 3•5 years ago
|
||
bugherder |
Comment 4•5 years ago
|
||
Please nominate this for Beta approval when you get a chance. Also, I'm guessing that QA verification would be good here, so some STR would be useful to that end.
Assignee | ||
Comment 5•5 years ago
|
||
Comment on attachment 9080302 [details]
Bug 1568492 - Add default parameter to RPMGetIntPref. r=nhnt11
Beta/Release Uplift Approval Request
- User impact if declined: Error pages aren't fully functional when the user doesn't have certain prefs that are set only after some time in new profiles (or may be missing entirely)
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: Yes
- If yes, steps to reproduce: - Create a brand new profile OR delete the services.settings.clock_skew_seconds and/or services.settings.last_update_seconds prefs
- Go to https://expired.badssl.com/
- The error page should be fully loaded and functional (have the yellow border, all buttons are clickable, etc.)
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This is a very simple patch that adds an optional parameter to a function
- String changes made/needed: None
Assignee | ||
Updated•5 years ago
|
Updated•5 years ago
|
Comment 6•5 years ago
|
||
Hello!
Using STR from comment 5 I successfully reproduced the issue using Firefox 70.0a1 (20190724220024) on Windows 10x64 (using a new profile the page was fully loaded only after some time).
The issue is verified fixed with Firefox 70.0a1 (20190728214940) on Windows 10x64, Ubuntu 18.04 and macOS 10.14. The page is successfully loaded on a new profile having the yellow border and all buttons are clickable.
Assignee | ||
Comment 8•5 years ago
|
||
This is a rebased patch for beta. For some reason I can't run beta locally but try looks solid: https://treeherder.mozilla.org/#/jobs?repo=try&revision=478c7f153d00990cd03ae6c72514bf257b13313a
Assignee | ||
Comment 9•5 years ago
|
||
For some reason I can't run beta locally
Nevermind, needed another clobber for some reason. Works fine on Beta for me.
Updated•5 years ago
|
Comment 10•5 years ago
|
||
Comment on attachment 9081614 [details] [diff] [review] Patch for beta Fixes a bug which can cause missing functionality for error pages in some cases. Approved for 69.0b10.
Comment 11•5 years ago
|
||
bugherder uplift |
Comment 12•5 years ago
|
||
Hello!
The issue is verified fixed using Firefox 69.0b10 (20190731202528) on Windows 10x64, macOS 10.14 and Ubuntu 18.04.
Updated•2 years ago
|
Description
•