After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 158453 - wrong certificate information shown
wrong certificate information shown
Status: RESOLVED FIXED
Product: galeon
Classification: Deprecated
Component: User interface
1.3.18
Other Linux
: High major
: 1.3.19
Assigned To: galeon-maint
galeon-maint
Depends on:
Blocks:
 
 
Reported: 2004-11-16 13:29 UTC by Sven Neuhaus
Modified: 2004-12-22 21:47 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Sven Neuhaus 2004-11-16 13:29:48 UTC 
1. Go to
https://www.bankingonline.de/sparda-banking/view/index.jsp?blz=20690500&graphics=true
2. Click on the closed lock icon in the lower right corner
   Note that it says 'The web site "www.bankingonline.de" supports...'
3. Click the "View Certificate" button
4. You see the certificate information for a script included in the page (common
name cn: seal.verisign.com), but not of the page itself. This can obviously be
exploited.

It should show the certificate of the page itself. It works OK in Mozilla 1.7.3
Comment 1 Crispin Flowerday (not receiving bugmail) 2004-11-16 23:44:07 UTC 
Thanks very much for this bug report, I have a patch for this, ported from a
patch for epiphany (by chpe):

http://patches.theflowerdays.com/d/galeon_correct_cert.diff
Comment 2 Crispin Flowerday (not receiving bugmail) 2004-11-20 20:34:20 UTC 
This is now fixed in CVS:

http://mail.gnome.org/archives/cvs-commits-list/2004-November/msg04201.html