Created attachment 623107 [details] logs Firefox Native 14.0b1 build 3 Device: HTC Desire (Android 2.2) Steps to reproduce: 1. Go to https://fisheye.last.fm 2. Add a permanent SSL Certificate Error. 3. Try to clear the website preferences. Expected results: Since there is no certificate manager clearing the site preferences should clear the certificate exception. Actual results: The security certificate exceptions are not clear. Without a certificate manager clearing user settings should also clear the certificate since an exception is a "Site preference". Clearing private data also does not remove exceptions.
This is basically a dupe of bug 436076.
Summary: Clear site preferences does not clear permanent security certificate exception for the website → Request for certificate management
aaronmt: I think you've misunderstood this bug. It is not a request for a certificate management UI. It is saying that if you add an SSL cert exception for a site, and then "clear site preferences" for that site, it should clear the exception. Which, given that we now have a per-site preferences system (don't we?), I believe it should. Gerv
Summary: Request for certificate management → Clear site preferences does not clear permanent security certificate exception for the website
We talked about adding this to the site settings dialog. I can mentor someone through that (or a different solution if we come up with one...)
Whiteboard: [14.0b1] → [mentor=wesj][lang=js][lang=java]
Hi I am new to Mozilla. I would like to work on this. manoji
Wes is there additional info that would be helpful?
Sorry for the delay. First step is to get a build done. If you're still interested, have you done that? The instructions at https://wiki.mozilla.org/Mobile/Fennec/Android are long, but thorough. The rest of this is just me digging around to see how you could fix this. I wouldn't bother reading it until you've got a build going :) This clear site settings dialog is handled in the PermissionsHelper: http://mxr.mozilla.org/mozilla-central/source/mobile/android/chrome/content/PermissionsHelper.js#45 You'll need to add an object for the cert override, and specify some strings for it in the properties file: http://mxr.mozilla.org/mozilla-central/source/mobile/android/locales/en-US/chrome/browser.properties The next step will be to implement something in getPermission to handle checking if there is a cert override for this host/port: http://mxr.mozilla.org/mozilla-central/source/mobile/android/chrome/content/PermissionsHelper.js#122 I think we can use this getAllOverrideHostsWithPorts function from the certOverrideService. We'll have to loop over all the overrides and see if any matchthis page http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/public/nsICertOverrideService.idl#117 You can see some other examples of us getting and using the service here: http://mxr.mozilla.org/mozilla-central/source/mobile/android/chrome/content/exceptions.js#15 Finally, you'll need to actually clear the override when asked to. i.e. we'll have to special case this in here http://mxr.mozilla.org/mozilla-central/source/mobile/android/chrome/content/PermissionsHelper.js#152 and use the override service's clearValidityOverride method. That's a bit vague of a braindump of what I think should work. Hollar if you need guidence on your way through it. And thanks!
Yes, very much interested . I built firefox thanks to some help form gcp . I will work on it this weekend , thanks for the info :).
Whiteboard: [mentor=wesj][lang=js][lang=java] → [lang=js][lang=java]
You need to log in before you can comment on or make changes to this bug.