799847 - Temporary certificate exception is silently used permanently

Status: RESOLVED DUPLICATE of bug 660749

(Core :: Networking: Cache, defect)

Description

[pinkisntwell]

User Agent: Mozilla/5.0 (Windows NT 5.1; rv:16.0) Gecko/20100101 Firefox/16.0
Build ID: 20121005155445

Steps to reproduce:

I navigated the https://japan.indymedia.org/ . Firefox gave the "invalid certificate" dialog (the problem is that the site's certificate was granted for a different domain, namely rootless.org).

I chose to add an exception, but did NOT click "Permanently store this exception".


Actual results:

Firefox added the certificate exception. I could see it in the Options->Advanced->Encryption->View Certificates->Servers list, listed as "Temporary". I then restarted the browser, verified that in Options->Advanced->Encryption->View Certificates->Servers the previously added Temporary exception was no longer listed and navigated to https://japan.indymedia.org/ again.

Firefox did not give any warnings this time.


Expected results:

Firefox should have given the same warning that was given when I first visited the website.

Comment 1

[Matthias Versen [:Matti]]

I can confirm this behavior with Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0 
The issue is not that the exception is stored but the page is in the cache and you get the cached entry !
You should get the warning again if you hit ctrl+f5

I think that we have a dupe somewhere

Comment 2

[pinkisntwell]

Indeed, I get the warning again if I do ctrl+F5. 

I think the intuitive behaviour from a user perspective is to delete the cached page when the exception is deleted.

Comment 3

[Matthias Versen [:Matti]]

sorry for the noise, i found the other bug