Ticket #542 (closed defect: fixed)

Opened 8 years ago

Last modified 6 years ago

Better (better? there are none!) dialog for SSL / https sites

Reported by: ywwg
Owned by: erikos
Priority: high
Milestone: 8.2.0 (was Update.2)
Component: browse-activity
Version: Build 653
Keywords:
Cc: rharrison, vorburger
Action Needed: never set
Verified: yes
Deployments affected:
Blocked By:
Blocking: #7421

Description

(btw, I thought I already filed this bug, but I can't find it. Sorry if this is a repeat)

My email is self-hosted, and I don't have an official web certificate for https. Because of this, mozilla pops up a confirmation dialog asking if I want to accept the certificate anyway. In the web activity, the OK / Cancel buttons in this dialog are non-functional, preventing me from getting to the website and checking my email.

Steps to reproduce:

  1. go to my webmail server.
  2. olpc asks if you want to accept the certificate
  3. click OK

Expected results:

  1. dialog is dismissed, website loads

Actual results:

  1. nothing happens.

Other notes: other ok/cancel dialogs popped up by the mozilla component do work, but I can't remember an example right now :(.

Attachments

PageLoadError.png (52.4 kB) - added by rharrison 7 years ago.
Page Load Error screen shot

Change History

  Changed 8 years ago by marco

  • milestone changed from BTest-2 to BTest-3

  Changed 8 years ago by dcbw

  • owner changed from dcbw to marco

  Changed 8 years ago by jg

  • keywords relnote added
  • priority changed from normal to high

This one is pretty high priority...

  Changed 7 years ago by cshields

I ran into this one today trying out the B2 (Build 239). Our online registration system for new wireless devices uses a self signed cert (ugh) and this came up where I was unable to accept the certificate. I have since updated to build 299 and will try it again next time I am in the office. Testing it here with the new build, it seems to accept with no question at all the link that ywwg provides now (as opposed to any popup at all about the cert).

Also, tested against a self-signed cert site with an expired cert (usually throws 2 dialog boxes for acceptance in other browsers) and the Web activity accepts no questions asked. This may or may not be the desired outcome, but as for the original bug reported it is no longer the case in 299.

Cheers!

-Corey

  Changed 7 years ago by cjb

Marco, can you tell us whether accepting unverifiable SSL certs was the intention here?

  Changed 7 years ago by marco

Not intentional, this should just work as it does in firefox. Do you still see it on the latest image?

  Changed 7 years ago by JeremyVisser

I could reproduce this on one of the demo XO machines at linux.conf.au while trying to access the Internet.

linux.conf.au used a hotspot-style authentication, which required you to log on over a self-signed SSL connection before accessing the Internet. Because I couldn't accept the certificate, I couldn't get onto the 'net.

  Changed 7 years ago by AlbertCahalan

Replying to marco:

> Not intentional, this should just work as it does in firefox. Do you still see it on the latest image?

Regular firefox does this in a most user-unfriendly way. It can throw at least 2 complicated dialog boxes at the user, probably even 3.

Good behavior would be to simply do whatever crypto is required to make the server happy. Any sort of security icon should of course indicate that the connection is NOT trusted, despite the crypto. (eh, there doesn't seem to be any such icon at all, so no problem with wrongly claiming trust but this isn't a good situation either)

  Changed 7 years ago by marco

  • owner changed from marco to tomeu
  • verified unset

Reassign to tomeu since he is working on hooking up the XUL dialogs in hulahop.

  Changed 7 years ago by marco

  • milestone changed from BTest-4 to Trial-2

  Changed 7 years ago by tomeu

  • owner changed from tomeu to Eben

Right now we'll load the site without asking anything.

Eben: should we implement something like the non-modal alert in http://wiki.laptop.org/go/Image:Activity_browse_alert.jpg?

  Changed 7 years ago by marco

I'd say to just use whatever mozilla gives us for Gen1, it's a side case anyway. The mozilla security UI needs to be redesigned, but that needs to happen upstream.

  Changed 7 years ago by tomeu

  • keywords relnote removed
  • priority changed from high to normal
  • component changed from sugar to web browser
  • milestone changed from Trial-2 to FRS

We're now using standard mozilla dialogs. Will implement Eben's ideas after Trial2.

  Changed 7 years ago by kimquirk

  • priority changed from normal to high
  • milestone changed from FRS to Trial-3

Moving to Trial-3; I think it should be high priority.

  Changed 7 years ago by Eben

  • owner changed from Eben to marco

The alert referenced by Tomeu above and in the screenshot on the wiki would be a great way to handle this. As such, I think this is now an implementation ticket, regardless of how soon we can actually get it into the builds.

  Changed 7 years ago by marco

  • summary changed from SSL / https sites without official certificate not accessible in web activity to Better dialog for SSL / https sites
  • milestone changed from Trial-3 to Untriaged

Updating the title to match the status. Resetting to untriaged. (It would be better to just open separate tickets in these cases IMHO).

I suggest punting this to Gen2.

  Changed 7 years ago by jg

  • milestone changed from Untriaged to First Deployment

  Changed 7 years ago by marco

  • owner changed from marco to Eben
  • component changed from web browser to interface-design

Eben, I'm not sure how much flexibility the firefox API gives us here. But anyway we need a concrete design and then try to figure that out, i.e. what the dialog is going to ask the user, what information is going to be displayed etc.

I'd suggest to play with the current UI and list the changes you would like to make.

  Changed 7 years ago by tomeu

Just for reference, I think this is the hook that mozilla gives to us for this:

http://www.xulplanet.com/references/xpcomref/ifaces/nsIBadCertListener.html

Somewhat related, perhaps we can use this other one for other alerts:

http://www.xulplanet.com/references/xpcomref/ifaces/nsIPromptService.html

But yeah, we need first to decide what kind of interaction we can have with the user, related to certificates.

  Changed 7 years ago by Eben

  • owner changed from Eben to erikos

So, using the alert style spec'd in #2822, I think we'll want to make the text more concise. Glancing at the API linked above, here are my tentative suggestions:

Alert Title (for all):

  • Untrusted Website

Alert Descriptions:

  • The certificate for <url> has expired.
  • The supplied certificate for <url> does not include <url>.
  • The issuer of the certificate for <url> isn't known.
  • The certificate for <url> may be revoked.

Buttons:

  • Continue: Trust the certificate temporarily (for this session) and continue to the website
  • Inspect: View the certificate in detail (may require non-modal/fullscreen alert support?)
  • Cancel: Don't trust the certificate; remain at the current page.

Should we offer an "Always trust" option in any manner? The spec for the non-modal alerts doesn't support adding other controls (such as a checkbox), but that might not be a problem. It doesn't seem unreasonable to force one to inspect the certificate to verify it before always trusting it, and the design for the modal fullscreen alert should be more like a palette, supporting any kind of controls inside it. In any case, I think the "always trust" option is an enhancement for the future, even though we're technically obliged to show the details of the certificate...
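
The alert flow proposed in the comment above, sketched as an added example that is not part of the ticket or of the Browse code: it maps each certificate problem to the suggested wording and keeps "Continue" decisions in memory, bound to the certificate's fingerprint, so a different certificate on the same host raises the alert again. The record layout, key names and class are hypothetical, and the sample certificate is constructed.

```python
import hashlib
from datetime import datetime, timezone

# Wording from the proposal above; the dictionary keys are hypothetical names.
DESCRIPTIONS = {
    "expired": "The certificate for {url} has expired.",
    "mismatch": "The supplied certificate for {url} does not include {url}.",
    "unknown_issuer": "The issuer of the certificate for {url} isn't known.",
    "maybe_revoked": "The certificate for {url} may be revoked.",
}

def find_problems(cert, host, now):
    # cert is a simplified, constructed record, not a parsed X.509 object.
    checks = [
        ("expired", now > cert["not_after"]),
        # Exact names only; wildcard matching is left out of this sketch.
        ("mismatch", host.lower() not in [n.lower() for n in cert["names"]]),
        ("unknown_issuer", not cert["issuer_trusted"]),
        ("maybe_revoked", cert["revocation_unknown"]),
    ]
    return [name for name, failed in checks if failed]

class SessionExceptions:
    """'Continue' decisions, kept in memory only so they end with the session."""
    def __init__(self):
        self._accepted = {}  # (host, port) -> (SHA-256 of DER, accepted problems)
    def accept(self, host, port, der, problems):
        self._accepted[(host, port)] = (hashlib.sha256(der).hexdigest(), set(problems))
    def alerts(self, host, port, der, problems):
        # Returns the alert texts still needing a decision; empty means proceed.
        fp, ok = self._accepted.get((host, port), (None, set()))
        if fp != hashlib.sha256(der).hexdigest():
            ok = set()  # different certificate: earlier consent does not apply
        return [DESCRIPTIONS[p].format(url=host) for p in problems if p not in ok]

def demo():
    # Constructed sample: a self-signed certificate that expired in 2008.
    now = datetime(2009, 1, 1, tzinfo=timezone.utc)
    cert = {"der": b"constructed-cert-A", "names": ["mail.example.org"],
            "not_after": datetime(2008, 6, 1, tzinfo=timezone.utc),
            "issuer_trusted": False, "revocation_unknown": False}
    store, site = SessionExceptions(), ("mail.example.org", 443)
    problems = find_problems(cert, site[0], now)
    first = store.alerts(*site, cert["der"], problems)
    store.accept(*site, cert["der"], problems)
    again = store.alerts(*site, cert["der"], problems)
    swapped = store.alerts(*site, b"constructed-cert-B", problems)
    return first, again, swapped
```

Because consent is stored per problem as well as per fingerprint, a certificate that was accepted while merely self-signed still raises the "has expired" alert once it later expires.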

  Changed 7 years ago by jg

I ran into this one at MIT today (just trying to get to their web page to authorize web access).

I think in self defense we'd better fix this one pretty soon, since it can so completely block access to some web sites...

  Changed 7 years ago by jg

  • component changed from interface-design to browse-activity

  Changed 7 years ago by ywwg

With the changes to mozilla this bug is a big issue again in the latest joyrides. Now there's an error page that tells me I can add an exception, but when I click that link the error page just tells me I'm supposed to go to my preferences page to make the exception. Since browse-activity doesn't have a preferences page, this bug is blocking me again.

Changed 7 years ago by rharrison

Page Load Error screen shot

  Changed 7 years ago by rharrison

This bug seems to be preventing me from accessing the wireless network here at work. Our CA cert isn't included in the normal default certs. Since I'm not given a pop up dialog I can't accept the cert to continue and get onto our guest wireless network login page. I had to download the opera browser rpms to a usb key and use it instead to log on.

Tested with builds 650 and 653. This seems like a pretty critical bug that needs to be addressed in Update.1 as many sites will cause this error.


  Changed 7 years ago by rharrison

  • cc rharrison added
  • version set to Build 653

  Changed 7 years ago by sj

See also #5534 for a related set of issues with alerts. We should also document how users can hack around this problem.

  Changed 6 years ago by vorburger

  • cc vorburger added
  • verified set
  • summary changed from Better dialog for SSL / https sites to Better (better? there are none!) dialog for SSL / https sites

This problem really is a pain! Priority Blocker may be a bit harsh, but it does "block" you from getting online at wireless access networks that have some kind of web sign-up and use a self-signed cert. Just happened to me when presenting the XO at a university campus.

This is probably plainly simply a duplicate of #5534... (or #5534 should be a duplicate of this #542, because this one is older) - this isn't about "Better dialog for SSL / https sites" but about handling it at all. At least in Build 656, Browse does NOT "ask if you want to accept the certificate" anymore (as the initial description above says) but gives that Mozilla error described at e.g. http://wiki.laptop.org/go/Ask_OLPC_a_Question_about_the_XO#Browser_issue_with_SSL_warning_about_invalid_security_certificate

I took the liberty to at least change the Summary. Somebody else should do the duplication and close this (or the other way), I don't dare.

PS: A hack around this problem seems to be described at http://wiki.laptop.org/go/Talk:Browse#Adding_Authorities_for_SSL_support by somebody.

PPS: I put links on http://wiki.laptop.org/go/Ask_OLPC_a_Question_about_the_XO#Browser_issue_with_SSL_warning_about_invalid_security_certificate

  Changed 6 years ago by cscott

  • blocking 7421 added

  Changed 6 years ago by erikos

  • status changed from new to closed
  • next_action set to never set
  • resolution set to fixed

This works fine for me in joyride 2107 which contains the latest version of hulahop which is needed and with the latest version of browse Web-91. I tested with https://nic.mit.edu:444 with https://mozilla.org and with linuxtag.org/vcc.

The interface to add exceptions is the same F3 is using.
