Clear site preferences does not clear permanent security certificate exception for the website

Assigned to



6 years ago
2 years ago


(Reporter: AdrianT, Assigned: manoj0011989)


14 Branch

Firefox Tracking Flags

(Not tracked)


(Whiteboard: [lang=js][lang=java])


(1 attachment)



6 years ago
Created attachment 623107 [details]

Firefox Native 14.0b1 build 3
Device: HTC Desire (Android 2.2)

Steps to reproduce:
1. Go to
2. Add a permanent SSL Certificate Error.
3. Try to clear the website preferences. 

Expected results:
Since there is no certificate manager clearing the site preferences should clear the certificate exception.

Actual results:
The security certificate exceptions are not clear. Without a certificate manager clearing user settings should also clear the certificate since an exception is a "Site preference".
Clearing private data also does not remove exceptions.
This is basically a dupe of bug 436076.


6 years ago
Summary: Clear site preferences does not clear permanent security certificate exception for the website → Request for certificate management
Whiteboard: [14.0b1]


6 years ago
Severity: normal → enhancement
aaronmt: I think you've misunderstood this bug. It is not a request for a certificate management UI. It is saying that if you add an SSL cert exception for a site, and then "clear site preferences" for that site, it should clear the exception. Which, given that we now have a per-site preferences system (don't we?), I believe it should.

Summary: Request for certificate management → Clear site preferences does not clear permanent security certificate exception for the website
We talked about adding this to the site settings dialog. I can mentor someone through that (or a different solution if we come up with one...)
Whiteboard: [14.0b1] → [mentor=wesj][lang=js][lang=java]

Comment 4

5 years ago
Hi I am new to Mozilla. I would like to work on this.



5 years ago
Assignee: nobody → manoj0011989
Wes is there additional info that would be helpful?
Flags: needinfo?(wjohnston)
Sorry for the delay. First step is to get a build done. If you're still interested, have you done that? The instructions at are long, but thorough. The rest of this is just me digging around to see how you could fix this. I wouldn't bother reading it until you've got a build going :)

This clear site settings dialog is handled in the PermissionsHelper:

You'll need to add an object for the cert override, and specify some strings for it in the properties file:

The next step will be to implement something in getPermission to handle checking if there is a cert override for this host/port:

I think we can use this getAllOverrideHostsWithPorts function from the certOverrideService. We'll have to loop over all the overrides and see if any matchthis page

You can see some other examples of us getting and using the service here:

Finally, you'll need to actually clear the override when asked to. i.e. we'll have to special case this in here and use the override service's clearValidityOverride method.

That's a bit vague of a braindump of what I think should work. Hollar if you need guidence on your way through it. And thanks!
Flags: needinfo?(wjohnston)

Comment 7

5 years ago
Yes, very much interested . I built firefox thanks to some help form gcp . I will work on it this weekend , thanks for the info :).
Mentor: wjohnston
Whiteboard: [mentor=wesj][lang=js][lang=java] → [lang=js][lang=java]
Mentor: wjohnston2000
You need to log in before you can comment on or make changes to this bug.