Opened 9 years ago
Last modified 8 years ago
#4895 new defect
Browse does not warn of expired certs
| Reported by: | SAMdroid | Owned by: | |
|---|---|---|---|
| Priority: | Unspecified by Maintainer | Milestone: | Unspecified |
| Component: | Browse | Version: | Unspecified |
| Severity: | Critical | Keywords: | |
| Cc: | Distribution/OS: | Fedora | |
| Bug Status: | Unconfirmed |
Description
How to reproduce:
- Go to site with expired cert (eg. https://dev.laptop.org/)
Result:
- Padlock in urlbar has an ! next to it
Expected result:
- Users are warned of the dangers and scared out of going there
- Click the padlock with the ! warns the about the dangers again
Notes:
Epiphany has this feature. They have awsome copy too:
Look out! This might not be the real **dev.laptop.org**. When you try to connect securely, websites present identification to prove that your connection has not been maliciously intercepted. There is something wrong with this website’s identification: This website’s identification is too old to trust. Check the date on your computer’s calendar. A third party may have hijacked your connection. You should continue only if you know there is a good reason why this website does not use trusted identification. **Legitimate banks, stores, and other public sites will not ask you to do this.**
Note: See
TracTickets for help on using
tickets.
related: https://bugs.sugarlabs.org/ticket/4625