Closed
Bug 400732
Opened 17 years ago
Closed 10 years ago
Certificates should be able to be blocked always (as accept always)
Categories
(Camino Graveyard :: Security, enhancement)
Tracking
(Not tracked)
RESOLVED
WONTFIX
Future
People
(Reporter: funsheep, Unassigned)
References
Details
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.8pre) Gecko/20071019 Camino/1.6a1pre (like Firefox/2.0.0.8pre) Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.8pre) Gecko/20071019 Camino/1.6a1pre (like Firefox/2.0.0.8pre) Some Ad-Sever store ids to identify user profiles not only in cookies, but also in certifcates. There are currently three options when a unknown certificate appears: accept always, accept once, block once. Its annoying, that i cant set some ad-server certificate to "block always". now i have to be careful all the time i go to certian websides. The bad thing is that ids to create ad-profiles (to trace the users surfbehavior) can be stored in certificates and currently there is no way to permanently block these privacy-violating-certificates original post: http://comments.gmane.org/gmane.comp.security.full-disclosure/55354 the following webside demonstrates the problem: http://0x90.eu/ff_tls_poc.html Reproducible: Always Steps to Reproduce: 1. Go to a webside with https-ads 2. Watch your browser pop-up the certificate for the adserver (something like *.adservising.xxxx.com) 3. block it once 4. because you love the webside / the content - go there again every day - several times 5. everytime watch the dialog popup for the adserver-certificate 6. Say it loud: "This is annoying! I hate https-ads! I hate my stupid browser. Why cant there be an 'always block certificate'-button?!" Actual Results: I broke my keyboard. Just kidding. The certificate-dialog pops up for an adserver and i just can block it once - not always. Expected Results: There should be a button to block certificates always not only once.
Comment 1•17 years ago
|
||
See core bug 236675, which is basically the same.
I have no problem confirming this as a placeholder bug for implementing the new PSM UI when bug 236675 gets fixed (if we don't get that part of the UI for free, which I think we don't), if we agree.
Component: Annoyance Blocking → Security
Depends on: 236675
QA Contact: annoyance.blocking → camino
Target Milestone: --- → Future
Comment 3•16 years ago
|
||
Sounds good to me. Confirming per comment 2.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 4•10 years ago
|
||
This bug has been buried in the graveyard and has not been updated in over 5 years. It is probably safe to assume that it will never be fixed, so resolving as WONTFIX. [Mass-change filter: graveyard-wontfix-2014-09-24]
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•