Accept the risk and continue-button not working
Categories
(Firefox :: Security, defect)
Tracking
()
People
(Reporter: emil, Unassigned)
Details
Attachments
(1 file)
|
42.60 KB,
image/png
|
Details |
screenshot.png
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0
Steps to reproduce:
I'm using a self-signed certificate on localhost for development. Trying to open the page in Firefox.
Actual results:
I am shown a "Log in to network" page. It displays the following text:
"You must log in to this network before you can access the Internet."
And am given two button choices:
"Open Network Login Page" and
"Advance"
If I click the "Advance" button, I am given the choice to go back, or to accept the risk and continue.
Expected results:
-
If I click the Open Network Login Page, I am able to log on to my local network (I'm at work). Still it doesn't work. It is highly unclear to me what a self-signed certificate error has to do with logging in to my network. Also, if this is an option, why doesn't it work after I log in?
-
If I click the "Advance..." button, I am shown some certificate information and options. Again -- it is highly unclear to me what this has to do with "Log in to network".
-
If I click the "Advance..." button, there is a button "Go Back (Recommended)". If I click it, nothing happens. That's because my history is empty. This button should not be shown. Also -- it is highly unclear to me as to why the button indicates that it is safer (recommended) to go back. I'm staring at a screen and getting nowhere. Both are equally safe.
-
If I click the button "Accept the Risk and Continue", nothing happens. If nothing happens because there is an error, an error message should be displayed explaining what went wrong. I am not interpreting the button as being disabled, because the style of the button is the same as the "Advance..." button, and that button works.
But my main issue here is that the "Accept the Risk and Continue" button does not work.
I'm Googling a lot, and there's a lot of suggestions on altering stuff in about:config. I've changed about three properties by now, but it doesn't seem to work. Ultimately, the un-userfriendliness of this page, and the defect button leads to a serious degradation of security in my browser right now, and I'm sure a lot of others :)
Hi Emil,
Thanks for reporting this bug to us.
Can you test if you are able to reproduce this issue in the latest Firefox Nightly and share your results with us? You can download it from here: https://nightly.mozilla.org/
It would be a great help if you could also attach a copy of the certificate you used and further steps so we can try to reproduce it on our end as well.
As a starting point, I'll add this to the Security PSM component. Hopefully, someone with more expertise can take a look at this bug and advise.
Regards,
Virginia
|
||
Comment 2•5 years ago
|
||
I have the same issue with the mobile version (Nightly 200318 18:01 (Build #2015729363))
I guess the issue started after the Preview Beta was merged in Nightly
|
||
Comment 3•5 years ago
|
||
I'm fairly sure this is a duplicate of another bug (and may even be fixed now), but Johann will know for sure.
|
|
||
Comment 4•5 years ago
|
||
It's for sure still reproducible with yesterdays nightly on android:
Nightly 200320 18:01 (Build #2015729747)
37.0.20200319190049, 5ec61b91d
GV: 76.0a1-20200319094444
AS: 0.55.0
|
||
Comment 5•5 years ago
|
||
This should be fixed on desktop by bug 1613477, I can't really say for mobile, it might be a good idea to file a separate issue with them.
|
|
||
Comment 6•5 years ago
|
||
Description
•