317754 – Mozilla - Redirects to resources with bad certificates cause URL redirects

Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 317754 - Mozilla - Redirects to resources with bad certificates cause URL redirects

Summary: Mozilla - Redirects to resources with bad certificates cause URL redirects

Status:	CLOSED WONTFIX

Alias:	None

Product:	Platform
Classification:	Eclipse Project
Component:	SWT (show other bugs)
Version:	4.0
Hardware:	All All

Importance:	P3 normal (vote)
Target Milestone:	---
Assignee:	Platform-SWT-Inbox
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2010-06-23 18:48 EDT by Ryan Levering
Modified:	2017-07-04 13:43 EDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ryan Levering

2010-06-23 18:48:03 EDT

Build Identifier: SWT3.6m7

If I have time to create a reproducer, I'll try, but it relies on an image on a webpage redirecting to location with a bad certificate and I get my bad certificates on my test proxy so I don't have an example in the wild.

The current handling in Mozilla.java for bad certificates uses setUrl with the last navigated url when you ignore a bad certificate.  I believe this last navigated URL is not being properly ignored when a resource (image/js/etc) is being redirected.

The end result is that if you accept the bad certificate, you end up staring at the image/resource.

Reproducible: Always

Steps to Reproduce:
1. Navigate to a page with an image that redirects (302) to a SSL url with a bad certificate

Comment 1 Alexander Kurtakov

2017-07-04 13:43:54 EDT

Mozilla support is removed in 4.8.