Closed Bug 1714630 Opened 3 years ago Closed 3 years ago

Add Exception doesn't work with latest Nightly 91.0a1 (20210604102111)

Categories

(Core :: Security: PSM, defect, P1)

Product:
Core
Component:
Security: PSM
Version:
Firefox 91
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
91 Branch
Tracking Flags:
Tracking Status
firefox-esr78 --- unaffected
firefox89 --- unaffected
firefox90 --- unaffected
firefox91 blocking fixed

People

(Reporter: tmpest1, Assigned: rmf)

References

(Regression)

Details

(Keywords: regression)

Attachments

(1 file)

Bug 1714630 - Fix broken call to rememberValidityOverride in exceptionDialog r=keeler
48 bytes, text/x-phabricator-request
Details | Review

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0

Steps to reproduce:

Type about:preferences
Search for "cert"
Click on "View Certificates..."
Within Certificate Manager, click on Servers tab
Click "Add Exception..."
Add Security Exception dialog is displayed on top of Certificate Manager
Enter local website "https://....", click "Get Certificate"
Click "Confirm Security Exception" while "Permanently store this exception" checked (default)

I also tried the above while launching the latest Nightly w/ left shift key pressed to disable all addons. Same results.

Windows 10 x64

Actual results:

Add Security Exception dialog does not go away and prevents the local site from being added to the list of Server certificates in Certificate Manager.

Expected results:

Add Security Exception dialog is dismissed and certificate is added to Server certificates in Certificate Manager. This worked on Nightly 91.0a1 (20210603094827) or (20210602214447).

The Bugbug bot thinks this bug should belong to the 'Core::Security: PSM' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Component: Untriaged → Security: PSM
Product: Firefox → Core

Looks like bug 1597600:

Uncaught 
Exception { name: "NS_ERROR_XPC_NOT_ENOUGH_ARGS", message: "Not enough arguments [nsICertOverrideService.rememberValidityOverride]", result: 2153185281, filename: "chrome://pippki/content/exceptionDialog.js", lineNumber: 389, columnNumber: 0, data: null, stack: "addException@chrome://pippki/content/exceptionDialog.js:389:19\n_fireButtonEvent@chrome://global/content/elements/dialog.js:495:19\n_doButtonCommand@chrome://global/content/elements/dialog.js:474:29\n_handleButtonCommand@chrome://global/content/elements/dialog.js:468:19\naddException@chrome://pippki/content/certManager.js:200:44\noncommand@chrome://pippki/content/certManager.xhtml:1:16\n", location: XPCWrappedNative_NoHelper }
columnNumber: 0
data: null
filename: "chrome://pippki/content/exceptionDialog.js"
lineNumber: 389
location: XPCWrappedNative_NoHelper { QueryInterface: QueryInterface(), filename: Getter, name: Getter, … }
message: "Not enough arguments [nsICertOverrideService.rememberValidityOverride]"
name: "NS_ERROR_XPC_NOT_ENOUGH_ARGS"
result: 2153185281
stack: "addException@chrome://pippki/content/exceptionDialog.js:389:19\n_fireButtonEvent@chrome://global/content/elements/dialog.js:495:19\n_doButtonCommand@chrome://global/content/elements/dialog.js:474:29\n_handleButtonCommand@chrome://global/content/elements/dialog.js:468:19\naddException@chrome://pippki/content/certManager.js:200:44\noncommand@chrome://pippki/content/certManager.xhtml:1:16\n"
<prototype>: ExceptionPrototype { toString: toString(), name: Getter, message: Getter, … }
exceptionDialog.js:389

:rmf, can you take a look?

Flags: needinfo?(bugs)
Regressed by: 1597600
Has Regression Range: --- → yes

(In reply to Dana Keeler (she/her) (use needinfo) (:keeler for reviews) from comment #2)

Looks like bug 1597600:

I looked at 1597600 and the latest nightly 91.0a1 (20210604213013) doesn't do that.

Opening a private window and going to an internal site that doesn't have a server certificate stored will show Warning: Potential Security Risk Ahead. After adding the site in the private window and using a normal window, going to that same site will show the Security Risk warning as well.

Set release status flags based on info from the regressing bug 1597600

status-firefox89: --- → unaffected
status-firefox90: --- → unaffected
status-firefox91: --- → affected
status-firefox-esr78: --- → unaffected
Assignee: nobody → bugs

(In reply to Dana Keeler (she/her) (use needinfo) (:keeler for reviews) from comment #2)

:rmf, can you take a look?

Yes, that was the cause. I put up a patch.

Flags: needinfo?(bugs)
Attachment #9226116 - Attachment description: Bug 1714630 - Add Exception doesn't work with latest Nightly 91.0a1 (20210604102111) r=keeler → Bug 1714630 - Fix broken call to rememberValidityOverride in exceptionDialog r=keeler
Severity: -- → S2
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Priority: -- → P2

[Tracking Requested - why for this release]:
This is fixing adding an exception for certificates which broke in Fx91 with the patch for Bug 1597600.

Severity: S2 → S1
tracking-firefox91: --- → ?
Priority: P2 → P1
Pushed by archaeopteryx@coole-files.de:
https://hg.mozilla.org/integration/autoland/rev/17a3dbc14706
Fix broken call to rememberValidityOverride in exceptionDialog r=keeler

https://hg.mozilla.org/mozilla-central/rev/17a3dbc14706

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox91: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 91 Branch

Confirmed fixed in 91.0a1 (2021-06-17) (64-bit)

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: