Closed Bug 1675730 Opened 4 years ago Closed 3 years ago

"Security Error: Content at about:certificate?cert=<CERTIFICATE> may not load or link to chrome://browser/skin/critical.svg." exception thrown while vieving certificate in a tab.

Categories

(Thunderbird :: Mail Window Front End, defect)

Product:
Thunderbird
Component:
Mail Window Front End
Type:
defect

Tracking

(thunderbird_esr78 wontfix)

Status:
RESOLVED FIXED
Milestone:
88 Branch
Tracking Flags:
Tracking Status
thunderbird_esr78 --- wontfix

People

(Reporter: cmgaudry33, Assigned: darktrojan)

References

(Regression)

Details

Attachments

(1 file)

Bug 1675730 - Move critical.svg from browser to toolkit. r?johannh
48 bytes, text/x-phabricator-request
Details | Review

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36

Steps to reproduce:

  • View any certificate from the "Certificate Manager" dialog
  • Display console

Actual results:

The console displays the following exceptions :

  • Security Error: Content at about:certificate?cert=<CERTIFICATE> may not load or link to chrome://browser/skin/critical.svg.
  • Uncaught (in promise) undefined
    The critical.svg image is not displayed is the certificate viewing tab, but there is only two empty squares.

Expected results:

  • No exception.
  • critical.svg should be visible, not empty.

I cannot find any solution but I see that the file chrome/browser/skin/critical.svg is missing and its signature is missing also from any manifest.

I'm having the same issue:

  • When clicking on "View..." in "Certificate Manager" I get:
Security Error: Content at about:certificate?cert=...
  • And then when I click on "PEM (cert)" in the new window I get:
NS_ERROR_CANNOT_CONVERT_DATA: Component returned failure code: 0x80460001 (NS_ERROR_CANNOT_CONVERT_DATA) [mozIStorageRow.getString] 16 GlodaDatastore.jsm:605
    handleResult resource:///modules/gloda/GlodaDatastore.jsm:605

NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIURI.host] LinkHandlerChild.jsm:98
    handleEvent resource:///actors/LinkHandlerChild.jsm:98

I'm using Thunderbird 87.0b1 (32-bit) in Windows 10 Pro, 64-bit, 20H2.

I have experimented a bit by manually running the same code from viewCertHelper as listed in the patch here and I got an additional error:

InvalidCharacterError: String contains an invalid character utils.js:58

That's about the '%' from the base64 encoded string. If I truncate that string at the '%' character, then the invalid character error disappears, but I get the same error as the OP:

...may not load or link to chrome://browser/skin/critical.svg.

Khushil Mistry, thoughts?

Flags: needinfo?(khushil324)

Geoff, on trunk this is erroring out due to e10s. https://searchfox.org/comm-central/rev/dc208bc3dc9ed27f25fa2529b492973856624fd3/mail/base/actors/LinkHandlerChild.jsm#96 - we have an about page linking to a data: url.
Using .host or Services.eTLD.getBaseDomain for non-http urls will not work. But I'm not sure what the solution is. Just returning if it's not http doesn't open the data url.

Flags: needinfo?(khushil324) → needinfo?(geoff)

I'm going to handle comments 2 through 5 in a new bug since they aren't related to comment 0.

Flags: needinfo?(geoff)
Blocks: 1696300

certviewer.html, being a toolkit file, shouldn't link to an icon in browser. This results in a broken image icon in Thunderbird.

Assignee: nobody → geoff
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Regressed by: 1601463
No longer blocks: 1696300
Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/integration/autoland/rev/23dc12cc5263
Move critical.svg from browser to toolkit. r=johannh

https://hg.mozilla.org/mozilla-central/rev/23dc12cc5263

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 88 Branch

status-thunderbird_esr78: --- → wontfix

Can you please tell me if this means that the fix won't make it into the 78-Beta? I just got the update to 87.0b2 (32-bit), and while clicking on "View..." in "Certificate Manager" works now, further clicking on "PEM (cert)" still doesn't. Thanks.

Flags: needinfo?(geoff)

It means this bug about the critical.svg file won't be fixed in 78.

Bug 1696300 which is about opening the PEM file doesn't occur in 78 and won't be fixed in the beta until 88.0b1.

Flags: needinfo?(geoff)

Got it, thanks for clarifying Geoff.

Having just updated to "88.0b1 (32-bit)" on Windows, I confirm that clicking on "PEM (cert)" works on the certificate details page - thanks! However, right-clicking the same link and selecting "Save Link As..." fails with:

Uncaught TypeError: this.link.getAttribute is not a function
    linkText chrome://messenger/content/nsContextMenu.js:1012
    saveLink chrome://messenger/content/nsContextMenu.js:819
    oncommand chrome://messenger/content/messenger.xhtml:1
nsContextMenu.js:1012:24

Please file a new bug about that.

Sure, created 1701590.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: