[Bugs] #4245 Browse NORM: Browse: show a error if ssl certificate is wrong

Sugar Labs Bugs bugtracker-noreply at sugarlabs.org
Wed Nov 28 14:31:14 EST 2012


#4245: Browse: show a error if ssl certificate is wrong
----------------------------+-----------------------------------------------
    Reporter:  godiard      |          Owner:  humitos    
        Type:  defect       |         Status:  accepted   
    Priority:  Normal       |      Milestone:  0.98       
   Component:  Browse       |        Version:  Unspecified
    Severity:  Unspecified  |       Keywords:  r-         
Distribution:  Unspecified  |   Status_field:  Unconfirmed
----------------------------+-----------------------------------------------
Changes (by humitos):

  * keywords:  r? => r-


Comment:

 Well, the patch looks good and works like it says. I checked the sites
 that are mentioned on this ticket and some others as well, like Facebook,
 PayPal and some SSL cert sellers. It shows a broken lock when the SSL is
 invalid for the site visited and shows a lock when the SSL is valid.

 There is just a little issue in the log file when a PDF tab is opened:
 {{{
 Traceback (most recent call last):
   File "/home/olpc/Activities/Browse.activity/webtoolbar.py", line 352, in __switch_page_cb
     self._connect_to_browser(tabbed_view.props.current_browser)
   File "/home/olpc/Activities/Browse.activity/webtoolbar.py", line 369, in _connect_to_browser
     self._set_security_status(self._browser.security_status)
 AttributeError: 'DummyBrowser' object has no attribute 'security_status'
 /home/olpc/Activities/Browse.activity/webtoolbar.py:356: Warning: gsignal.c:2576: instance `0x12fa730' has no handler with id `15343'
   self._browser.disconnect(self._uri_changed_hid)
 }}}

 I know that we discussed this yesterday and we want a simple
 solution similar to how Epiphany works, but I'd like to add two comments on
 this patch to consider in the future:

  1. {{{ssl-use-system-ca-file}}}: by setting this property to {{{True}}} we
 are trusting the CA files that we have on our system. In some way this
 could be dangerous if the user has an invalid CA file on his system.
  1. {{{widget.get_main_frame()}}}: we are checking the certificate just
 for the main frame. So, if the main frame has a valid certificate we are
 saying that you are on a trusted site when that is not totally true,
 because the "real website" could be inside an iframe or doing something
 weird via JavaScript.

 I'd say, fix the traceback issue, push this patch and go back later in the
 future with the best solution considering all the possibilities.

-- 
Ticket URL: <http://bugs.sugarlabs.org/ticket/4245#comment:12>
Sugar Labs <http://sugarlabs.org/>
Sugar Labs bug tracking system
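
An added example, not part of the ticket comment or of the Browse patch: a sketch of a lock indicator that takes the worst state across the main frame and its nested frames, and shows no lock for a tab object that exposes no security state (as the PDF tab in the traceback does). All class and function names are hypothetical, the frames are constructed sample data, and the worst-state policy is an assumption.

```python
from dataclasses import dataclass, field
from enum import IntEnum
from typing import List, Optional


class Lock(IntEnum):
    """Toolbar indicator states, ordered worst to best (hypothetical)."""
    BROKEN = 0   # a certificate failed validation
    NONE = 1     # no TLS, or nothing to report (e.g. a non-web tab)
    SECURE = 2   # HTTPS with a certificate that validated


@dataclass
class Frame:
    """Constructed stand-in for a web frame; not a WebKit type."""
    uri: str
    cert_valid: Optional[bool] = None   # None: no certificate (plain HTTP)
    children: List["Frame"] = field(default_factory=list)


def frame_lock(frame: Frame) -> Lock:
    """State of one frame alone, which is all a main-frame-only check sees."""
    if not frame.uri.startswith("https://") or frame.cert_valid is None:
        return Lock.NONE
    return Lock.SECURE if frame.cert_valid else Lock.BROKEN


def page_lock(frame: Frame) -> Lock:
    """Worst state over this frame and every nested frame."""
    return min([frame_lock(frame)] + [page_lock(c) for c in frame.children])


def tab_lock(tab) -> Lock:
    """Indicator for a tab; a tab with no main frame gets no lock."""
    main = getattr(tab, "main_frame", None)
    return Lock.NONE if main is None else page_lock(main)


class PdfTab:
    """Constructed non-web tab that exposes no frame or security state."""


@dataclass
class WebTab:
    main_frame: Frame


# Constructed sample: valid main frame embedding a frame with a bad certificate.
MIXED = WebTab(Frame("https://shop.example/", True,
                     [Frame("https://pay.example/", False)]))
```

Here `frame_lock(MIXED.main_frame)` reports a secure lock while `tab_lock(MIXED)` reports a broken one, which is the gap between a main-frame-only check and a whole-page check.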

