Closed Bug 919347 Opened 6 years ago Closed 6 years ago

Incorrect label for SSL Warnings preferences in Security Sockets Layer pane

Categories

(SeaMonkey :: Preferences, defect, major)

defect
Not set
major

Tracking

(Not tracked)

RESOLVED FIXED
seamonkey2.24

People

(Reporter: rsx11m.pub, Assigned: rsx11m.pub)

References

Details

Attachments

(1 file)

Edit > Preferences > Privacy & Security > SSL, center group: SSL Warnings.

The description states "Set SeaMonkey to show a warning [correct] and ask permission [mostly incorrect] before:".

This applies only to "Sending form data from an unencrypted page to an unencrypted page" which shows a modal dialog with the ability to cancel the operation, whereas the other three options only show notification bars presenting the warning after the fact.

Thus, the second part of that label should be removed or clarified and the Help content reviewed for any changes (specifically mention the ability to cancel for the single remaining case; similar dialogs were removed for the other options with bug 817441 but added a button to the settings).
Attached patch Proposed patchSplinter Review
This changes "show a warning and ask permission before:" to a more accurate description "show a warning when:" (getting rid of the "permission" part and being neutral on the time when the notification bar is shown, i.e., with the page rather than as a dialog before it).

Explaining the single special case of the insecure-form warning in the description itself should be tricky, thus it's better to add this behavior along with the general case of the notification bar to the Help contents.

I'll consolidate changes to the Help text for this pane in bug 904189, otherwise I'd keep bitrotting myself.
Assignee: nobody → rsx11m.pub
Status: NEW → ASSIGNED
Attachment #808362 - Flags: review?(iann_bugzilla)
Blocks: 904189
JFTR these strings were inherited from Netscape 6, the only difference is that the warnings used to be (non-cancelable) alerts until recently.
Oops, you are right. I dug out an old 2.15 build, and indeed the other options only provide a simple dialog box with an "Ok" but no "Cancel" button (and hitting the ESC key loads the page anyway). Thus, one more reason to finally correct the description not to create a user's expectation that he or she could always abort loading a page in all cases.
Attachment #808362 - Flags: review?(iann_bugzilla) → review+
Keywords: checkin-needed
https://hg.mozilla.org/comm-central/rev/412f68f827ec
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → seamonkey2.24
Well, you can still abort the insecure form submission...
Yes, that exception was covered in the Help updates by bug 904189.
You need to log in before you can comment on or make changes to this bug.