Closed Bug 430904 Opened 12 years ago Closed 12 years ago

Use identity error icons on ssl error pages (all platforms)

Categories

(Firefox :: Theme, defect)

defect
Not set

Tracking

()

RESOLVED FIXED
Firefox 3

People

(Reporter: faaborg, Assigned: Ehsan)

References

(Depends on 1 open bug)

Details

Attachments

(4 files)

Content area messages for SSL errors should use a yellow customs official (larry) icon.  On windows these files will land with bug 430759:

toolkit/themes/winstripe/global/icons/sslWarning-aero.png
toolkit/themes/winstripe/global/icons/sslWarning.png

On OS X and Linux the files should be placed in a similar location in their respective themes.
I think using an unhappy Larry instead of /!\ makes it seem less like an error, and therefore more likely to be overridden by users.
(In reply to comment #2)
> I think using an unhappy Larry instead of /!\ makes it seem less like an error,
> and therefore more likely to be overridden by users.
> 

Every time I see the current cert error, my instinctive reaction isn't "stop, pay attention", but instead "great, it looks like the server's busy".  Maybe it's just me, but I have come to associate /!\ with network/server problems (usually transient ones) because of the relative infrequency of cert errors, so it may be worthwhile to not overload that icon.

As for overriding, it's not that easy...  Click add exception, see a very off-putting dialog appear, click a mysterious "get certificate" button in said dialog, click confirm... if someone is so desperate to see dancing bunnies that they do that, I doubt that a different icon would make a big difference.

Finally, I'm not too keen on the idea of labeling cert errors as hard errors, and to that end, what little ambiguity a yellow Larry might offer would be welcome.  All the certificate errors that I've seen have been on legitimate sites.  E.g., the "www.amazon.com" cert not working on "amazon.com" or sites that let their cert expire (which, in practice, is almost always a false alarm, not unlike the silliness of a driver's license no longer being proof of age once it expires).  In all my years of browsing, I've never encountered a cert error that was a bona fide error.
Attached patch Patch (v1)Splinter Review
Simple patch to switch the icon in SSL error pages.  Requesting review from jst on the docshell part and from mconnor on the toolkit part.
Assignee: nobody → ehsan.akhgari
Status: NEW → ASSIGNED
Attachment #317868 - Flags: review?(mconnor)
Attachment #317868 - Flags: review?(jst)
Comment on attachment 317868 [details] [diff] [review]
Patch (v1)

The docshell part should need sr as well.
Attachment #317868 - Flags: superreview?(jst)
Attachment #317868 - Flags: superreview?(jst)
Attachment #317868 - Flags: superreview+
Attachment #317868 - Flags: review?(jst)
Attachment #317868 - Flags: review+
Attachment #317868 - Flags: review?(mconnor) → review+
Comment on attachment 317868 [details] [diff] [review]
Patch (v1)

Requesting approval on a simple patch which implements a requirement of Firefox 3 as specified by Alex.
Attachment #317868 - Flags: approval1.9?
I hope you remember not to check this in until Gnomestripe gets the required icon at that URL :) (or has that icon already landed and I'm using an out-of-date build?)
(In reply to comment #7)
> I hope you remember not to check this in until Gnomestripe gets the required
> icon at that URL :) (or has that icon already landed and I'm using an
> out-of-date build?)

If you mean mozilla/toolkit/themes/gnomestripe/global/icons/sslWarning.png, no the icon is not yet in the tree.  But shouldn't gnomestripe theme pick up all of the winstripe theme files, and then override some of them?  If that's the case, then this file should already be included in the classic.jar for the latest gnomestripe builds, as it does for winstripe builds...  Or am I missing something?
Attached image Tango SSL error icon
I believe this is the most up to date SSL error icon in the tango style.
>But shouldn't gnomestripe theme pick up all
>of the winstripe theme files, and then override some of them?

We are trying pretty hard not to use any windows icons on linux.
(In reply to comment #10)
> We are trying pretty hard not to use any windows icons on linux.

OK.  Then attachment 317970 [details] should land as mozilla/toolkit/themes/gnomestripe/global/icons/sslWarning.png with this patch.  The icon can be updated later, if needed.
Comment on attachment 317970 [details]
Tango SSL error icon

Does this attachment already have approval1.9 elsewhere?
Comment on attachment 317970 [details]
Tango SSL error icon

(In reply to comment #12)
> Does this attachment already have approval1.9 elsewhere?

Not sure...
Attachment #317970 - Flags: approval1.9?
>Does this attachment already have approval1.9 elsewhere?

I don't think it does.  Can any tango artists confirm that this is the most up to date version?
Attached image Proto SSL Error Icon
This is the icon we have for OS X. It doesn't have review or approval anywhere else.
Attachment #318013 - Flags: approval1.9?
Comment on attachment 317868 [details] [diff] [review]
Patch (v1)

a=mconnor on behalf of 1.9 drivers
Attachment #317868 - Flags: approval1.9? → approval1.9+
Comment on attachment 317970 [details]
Tango SSL error icon

a=mconnor on behalf of 1.9 drivers
Attachment #317970 - Flags: approval1.9? → approval1.9+
Comment on attachment 318013 [details]
Proto SSL Error Icon

a=mconnor on behalf of 1.9 drivers
Attachment #318013 - Flags: approval1.9? → approval1.9+
When this was brought up the first time to me, in conversation, I mentioned that my only concern with using a "caution Larry" on SSL errors (which otherwise seems like a consistent use of the metaphor, to me) was that the page is toolkit, not browser, and other users of toolkit may have nothing like a Larry icon elsewhere in their product.

I can see a couple arguments in favour of doing it anyhow, e.g.:

 - even without the rest of the Larry set, the passport officer is an existing symbol representing something broadly like what SSL error pages are talking about (identity verification)
 - the SSL error pages are new behaviour, so we are not regressing anything here. It's appropriate for errors with new semantics to have new icons, and if there were no Larry, we'd likely have gotten around to choosing something other than a /!\ anyhow because the confusion Kai L talks about in comment 3.

I'm certainly fine with this change for Firefox, and I think I'm fine with it for toolkit too, I just want to make sure that our reviewers and approvers noticed that this is a toolkit landing, where previous Larry icons have not been.
mozilla/docshell/resources/content/netError.xhtml 	1.28
mozilla/toolkit/themes/gnomestripe/global/jar.mn 	1.41
mozilla/toolkit/themes/gnomestripe/global/netError.css 	1.5
mozilla/toolkit/themes/gnomestripe/global/icons/sslWarning.png 	1.1
mozilla/toolkit/themes/pinstripe/global/jar.mn 	1.45
mozilla/toolkit/themes/pinstripe/global/netError.css 	1.10
mozilla/toolkit/themes/pinstripe/global/icons/sslWarning.png 	1.1
mozilla/toolkit/themes/winstripe/global/netError.css 	1.10 
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 3
>I just want to make sure that our reviewers and approvers
>noticed that this is a toolkit landing, where previous Larry icons have not
>been.

The red error level larry is used in toolkit for malware/phishing, so now toolkit has two states of larry, right?
Depends on: 444126
You need to log in before you can comment on or make changes to this bug.