Closed Bug 506724 Opened 13 years ago Closed 13 years ago
outdated UI described in section Website Certified by an Unknown Authority
User-Agent: Mozilla/5.0 (X11; U; Linux i686; pl; rv:184.108.40.206pre) Gecko/20090717 SeaMonkey/2.0b1 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; pl; rv:220.127.116.11pre) Gecko/20090717 SeaMonkey/2.0b1 As mcsmurf said to me on IRC, UI has changed. There is no more pop-up window. Instead it "Untrusted Connection" page is displayed like in Firefox. Reproducible: Always Steps to Reproduce: 1. Visit page with selfsigned certificate. 2. Error page shows in browser. 3. Different behaviour than described in help - in cert_dialog_help.xhtml file.
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Linux → All
Hardware: x86 → All
Version: unspecified → Trunk
Ian or Stefan, can we get help corrected there? I'm not sure we should block the actual release on help updates, but Neil marked it this way, so I'd really like to see some traction here. If you know someone else who can do the work, please feel free to defer it, but I'd like to get down to zero blocker by the freeze time.
Working on it, just finished a rewrite from scratch, will merge it with applicable parts of the existing over the next few days. Does anyone around know a list of sites with different kinds of broken certificates/chains? So far I have: - https://www.ansir.ca/janalyticslive.jsp (cert expired) - https://secure.cacert.org/index.php?id=4 (issuer cert not trusted) I'd still want to have at least one example for "domain name mismatch". Of course none of those will go into the actual patch, but they should be here on this bug for reference. A link to a website containing a list would be fine, too. :-)
Assignee: nobody → jh
Status: NEW → ASSIGNED
https://en-us.add-ons.mozilla.org/ has a domain mismatch.
This is it. Some notes: 1. please check the result *first*. I tried really hard to make the whole section consistent rather than minimizing changes. After all the whole concept changed (from dialogs with options to pages with only a hidden-by-default Add Exception button). 2. I explicitly added "Page" and "Dialog" in the headings to differentiate between page and dialog (yes, one of each exists with a heading/title of "Secure Connection Failed"!) and be consistent with all three. The welcome side-effect is that it's also clear from the search results which is what. 3. I explicitly didn't list all possible cases for which an error page can appear. First because I think we don't want to keep up with additions to the backend and second because I think there's no point in describing something hardly anyone will hit. 4. I know there's a hidden pref to expand the subsections by default but also think that it's not relevant as far as Help is concerned. 5. I replaced "Certificate Manager" by &brandShortName; where I found that the latter fits better. 6. I deliberately removed the two paragraphs targeting at server administrators because I think it's irrelevant for the majority of people (our audience). If a user happens to be a server administrator he or she can find more and better information elsewhere anyway.
Attachment #403852 - Flags: review?(iann_bugzilla)
Comment on attachment 403852 [details] [diff] [review] patch v1 >--- a/suite/locales/en-US/chrome/common/help/cert_dialog_help.xhtml >+<p>When you attempt to go to a website that supports the use of >+ <a href="glossary.xhtml#ssl">SSL</a> for > <a href="glossary.xhtml#authentication">authentication</a> >+ <a href="glossary.xhtml#encryption">encryption</a>, it may occur that you >+ will be faced with an error page. There are two types, one called Keep it simple - "...you may be faced with an error page." >+<h3 id="secure_connection_failed_page">Secure Connection Failed Page</h3> > >+<p>In case you disabled the SSL protocol (e.g. through "In the case where you have disabled..." >+ <a href="ssl_help.xhtml#ssl_settings">SSL Settings</a>) or if the site uses an "...or the site that you are accessing is using an..." >+ older, insecure version of the SSL protocol you will be presented with a page "...then you will be..." >+ titled "Secure Connection Failed". That page contains some basic background Use " for quotation marks. >+<h3 id="secure_connection_failed_dialog">Secure Connection Failed Dialog</h3> > >+<p>In cases where &brandShortName; cannot determine the actual cause of the >+ problem a dialog titled "Secure Connection Failed" is shown in addition to the Use " for quotation marks. >+ Untrusted Connection page. That dialog includes a <strong>View Is it worth linking back to that section here? (i.e. Untrusted Connection page) You seem to have added/changed lots of ids but there are no additions/changes to the index? Are you missing changes to suite-toc? r- due to possible missing changes.
Attachment #403852 - Flags: review?(iann_bugzilla) → review-
(In reply to comment #5) > >+ Untrusted Connection page. That dialog includes a <strong>View > Is it worth linking back to that section here? (i.e. Untrusted Connection page) Definitely, since it's a new subsection. > You seem to have added/changed lots of ids but there are no additions/changes > to the index? Are you missing changes to suite-toc? I was first about to say you're wrong but when I looked at the patch the changes were indeed missing. I guess my Lua script which should create a patch from all open SciTE tabs needs a little more love... ;-)
Comment on attachment 404062 [details] [diff] [review] patch v1a >--- a/suite/locales/en-US/chrome/common/help/cert_dialog_help.xhtml >+<h3 id="untrusted_connection_page">Untrusted Connection Page</h3> >+ >+<p>If SSL itself is enabled the error page you will be presented with will be Hmmm, I somehow managed to delete my comment on this part previously. I would suggest "If SSL itself is enabled then the error page that you will be..." r=me with that change (or something similar)
Attachment #404062 - Flags: review?(iann_bugzilla) → review+
Comment on attachment 404101 [details] [diff] [review] patch v1b [Checkin: Comment 9] http://hg.mozilla.org/comm-central/rev/bade7e00c557
Attachment #404101 - Attachment description: patch v1b → patch v1b [Checkin: Comment 9]
You need to log in before you can comment on or make changes to this bug.