Closed
Bug 36435
Opened 25 years ago
Closed 22 years ago
https redirect should check against certs.
Categories
(Core Graveyard :: Security: UI, defect, P3)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 154616
Future
People
(Reporter: dougt, Assigned: ddrinan0264)
References
()
Details
(Keywords: qawanted)
No description provided.
Reporter | ||
Updated•25 years ago
|
Target Milestone: --- → M17
Reporter | ||
Comment 1•24 years ago
|
||
Reassigning all https/cartman/security bugs to valeski. He will be finding new
owner(s). This shift is so that I can focus on embedding issues. If the new
owner has questions that can not be resovled, I may be able to lend a (quick)
hand.
over to valeski....
Assignee: dougt → valeski
Reporter | ||
Comment 2•24 years ago
|
||
going from an https page to another https page, we should verify certs before
throwing a dialog. currenly this does not happen.
Also, I don't remember if we even warn in this case.
Assignee | ||
Comment 3•24 years ago
|
||
Re-assigning all valeski PSM bugs to ddrinan.
Assignee: valeski → ddrinan
Comment 6•24 years ago
|
||
Resolved as later.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → LATER
Comment 7•24 years ago
|
||
reopening and marking future
Status: RESOLVED → REOPENED
Resolution: LATER → ---
Assignee | ||
Updated•24 years ago
|
Component: Security: Crypto → Client Library
Product: Browser → PSM
Target Milestone: Future → ---
Version: other → 2.0
Can someone please provide a test case here?
Setting to PSM 2.0.
Target Milestone: --- → 2.0
Updated•23 years ago
|
Keywords: nsenterprise
Comment 12•23 years ago
|
||
P3
After discussing it with ddrinan, we decided that this is not a must have.
Keywords: nsenterprise
Priority: P1 → P3
Comment 13•23 years ago
|
||
Here's a url that on comunicator, pops up a dialog (that can't be preferenced
out).
https://beaver.red.iplanet.com/stores/bug36435.cgi
bug36435.cgi reads:
#!/bin/ksh
cat <<EOF
Location: https://store.aolshopdirect.com
EOF
exit 0
And can be installed on any https server.
Updated•23 years ago
|
Target Milestone: 2.1 → Future
Comment 14•23 years ago
|
||
Move to future. Won't have time to fix these for 2.1
Updated•23 years ago
|
QA Contact: ckritzer → junruh
Comment 15•22 years ago
|
||
I don't see clear what this bug is about. Let's try to enhance the problem
description.
I placed a new test case at https://www.kuix.de/misc/test30
(Accept my server's cert before continuing.)
The bug summary asks for "cert checking".
I believe we correctly check the certificate of the final destination site,
after the redirect. What kind of check did you ask for?
I see that with communicator, a warning message is shown, that you are being
redirected to a different server. This warning is no longer shown in Mozilla. Is
that what this bug is asking for? A warning for https-server-redirection?
If only the latter is the case, this bug is a duplicate of bug 154616.
Comment 16•22 years ago
|
||
*** This bug has been marked as a duplicate of 154616 ***
Status: REOPENED → RESOLVED
Closed: 24 years ago → 22 years ago
Resolution: --- → DUPLICATE
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•