Bug 775146 – Ignore TLS certificate errors when redirected by libhttpseverywhere

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 775146 - Ignore TLS certificate errors when redirected by libhttpseverywhere


Summary:	Ignore TLS certificate errors when redirected by libhttpseverywhere


Status:	RESOLVED WONTFIX

Product:	epiphany
Classification:	Core
Component:	General
Version:	3.23.x
Hardware:	Other Linux

Importance:	Normal blocker
Target Milestone:	---
Assigned To:	Michael Catanzaro
QA Contact:	libhttpseverywhere maintainer(s)

URL:
Whiteboard:

Depends on:
Blocks:	775575

Reported:	2016-11-26 16:46 UTC by Michael Catanzaro
Modified:	2018-03-30 16:30 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Michael Catanzaro 2016-11-26 16:46:52 UTC

When redirected to an https:// URI by libhttpseverywhere, we should ignore TLS certificate errors. Our use of libhttpseverywhere is not supposed to be some important security feature, just a quick best-effort privacy improvement. We need to be as robust as possible to outdated rulesets.

Comment 1 Michael Catanzaro 2016-11-28 23:33:54 UTC

Also need to either fix this here or file a new bug: need to try to load the page again without HTTPS Everywhere if we used HTTPS Everywhere and the first load fails.

Comment 2 Michael Catanzaro 2016-11-28 23:35:51 UTC

Test page: http://freedos.sourceforge.net/software/