Open
Bug 635803
Opened 14 years ago
Updated 3 years ago
Make hyperlink in ssl_error_bad_cert_domain error page more prominent when the difference is caused by a www/no-www mismatch
Categories
(Firefox :: Security, enhancement)
Firefox
Security
Tracking
()
NEW
People
(Reporter: briansmith, Unassigned)
References
Details
When the user enters https://amazon.com into the address bar, we should see that the cert is for "www.amazon.com" and provide a link to www.amazon.com. The link should be more prominent than the "add an exception" UI because navigating to https://www.amazon.com is almost always what the user really wants to do.
Similarly, if the user entered https://www.example.org and the certificate is for example.org, provide a link to https://example.org.
I am not recommending this behavior for any subdomains other than "www".
|
Reporter | |
Updated•14 years ago
|
Summary: When cert is for www.example.org and user enters https://example.org (or vice versa), provide a click-through to the other site → When cert is for www.example.org and user enters https://example.org (or vice versa), provide a click-through to https://www.example.org
This is a duplicate of bug 364667, which was WONTFIXed at the time (and bug 620834 was recently duped to that one as well).
|
|
Reporter | |
Comment 2•14 years ago
|
||
The link should be made more prominent. Right now it is buried ~100 words down the page, but it should be near the top. For example, add a separate white section above the "This connection is untrusted" section with title "Did you mean *https://www.amazon.com*?" with the text inside the box saying "The certificate provided by *amazon.com* is only valid for *www.amazon.com*", where both occurrences of "www.amazon.com" are hyperlinks.
Summary: When cert is for www.example.org and user enters https://example.org (or vice versa), provide a click-through to https://www.example.org → Make hyperlink in ssl_error_bad_cert_domain error page more prominent when the difference is caused by a www/no-www mismatch
Ok, then bug 402210 would be the correct reference, actually (I was mislead by the previous summary, obviously).
It's not a duplicate, then, but a request for changing the solution proposed in bug 402210 comment 15 (attachment 318670 [details] [diff] [review]).
|
||
Updated•14 years ago
|
Component: Security: PSM → Security: UI
QA Contact: psm → ui
|
||
Updated•9 years ago
|
Component: Security: UI → Security
Product: Core → Firefox
|
||
Comment 5•6 years ago
|
||
Hey @johannh, can I take this up? I am an Outreachy applicant. Please guide me on this.
|
||
Comment 6•5 years ago
|
||
Hello all,
Is this still an issue? If so, I'd like to work on it. Thanks!
-Lupita
|
||
Updated•3 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•