If a certificate error is allowed, sub-resources are still blocked
Bug #1503035 reported by
Chris Coulson
This bug affects 11 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Oxide |
Triaged
|
High
|
Unassigned | ||
Bug Description
If an application overrides a certificate error for a page, the page is loaded with sub-resources blocked if those subresource loads are affected by the same error with the same certificate. This behaviour is different to both Chromium and Firefox.
What's missing in Oxide is that we need to remember the application decision for a pre-determined amount of time, so that we can check this decision in our implementation of content:
| Changed in oxide: | |
| importance: | Undecided → Medium |
| status: | New → Triaged |
Revision history for this message
| Olivier Tilloy (osomon) wrote | #1 |
| Changed in oxide: | |
| importance: | Medium → High |
Revision history for this message
| Laryllan (laryllan) wrote | #2 |
Revision history for this message
| Olivier Tilloy (osomon) wrote | #3 |
Revision history for this message
| icewater (a-ubuntu) wrote | #4 |
To post a comment you must log in.
Concrete use-case: it’s been reported that users who set up their owncloud instance with a self-signed certificate cannot log in to it, because the log-in page loads jquery and other JS libs as subresources, which fails, and thus the page is broken. See bug #1523261.