[Project_owners] auto certificate acceptance

Konstantin Svist fry.kun at gmail.com
Tue Mar 27 06:38:40 PST 2007


I should hope that since this deals with website security, this 
mechanism should not be easily overridden.
If you begin intercepting these requests with your extension, you would 
be potentially opening a gaping hole in the browser's security.

Just my $0.02


Preet Shihn wrote:
> I am not the owner of the website with that certificate.
> I am developing a xulrunner based application which has a browser 
> component to it. The user could potentially visit any website with a 
> certificate.
> 
> I was hoping I could somehow intercept that request to feed back a 
> default result. e.g for prompts, I have implemented a prompt service 
> that I register with Mozilla service manager. This way whenever a prompt 
> or alert or http credentials dialog needs to appear, my prompt service 
> is notified, and I can deal with it however I want. Similarly, I would 
> like more control over the certificate dialog.
> 
> 
> 
> On 3/26/07, *Konstantin Svist* <fry.kun at gmail.com 
> <mailto:fry.kun at gmail.com>> wrote:
> 
>     The browser only asks this if the certificate is not authenticated by a
>     known CA (Certificate Authority)
> 
>     You need to purchase an SSL certificate from a CA - then the browser
>     will not pop up a dialog and will open the page right away.
> 
>     The message does not convey too well to the user that the certificate in
>     question has a problem - either it was self-issued (which, incidentally,
>     is perfectly okay for internal use, e.g. connecting to a computer on
>     your own network) or has already expired.
> 
> 
>     I bought a certificate from godaddy last year - it was pretty cheap
>     (about $20/year)
> 
> 
> 
>     Hope this helps
> 
> 
>     Preet Shihn wrote:
>      > So, when I visit a https web site with a certificate, it asks for
>     "do
>      > you want to accept certificate" or "do you want to accept certificate
>      > permanently", something along those lines....
>      > Is there a way to hook up into a mozilla service so that instead of
>      > popping that dialog, it automatically accepts the certificate?
>      >
>      > Maybe I would have to implement some sort service provider that is
>      > called to handle these dialogs, and I return back a value indicating
>      > "accept this certificate".
>      >
>      > Somehow, I have a feeling it would be much more complicated.
>      >
>      > Any ideas/infor related to this would be appreciated.
>      >
>      > Merci !
>      > Preet
>      >
>      >
>      >
>     ------------------------------------------------------------------------
>      >
>      > _______________________________________________
>      > Project_owners mailing list
>      > Project_owners at mozdev.org <mailto:Project_owners at mozdev.org>
>      > http://mozdev.org/mailman/listinfo/project_owners
>     _______________________________________________
>     Project_owners mailing list
>     Project_owners at mozdev.org <mailto:Project_owners at mozdev.org>
>     http://mozdev.org/mailman/listinfo/project_owners
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Project_owners mailing list
> Project_owners at mozdev.org
> http://mozdev.org/mailman/listinfo/project_owners


More information about the Project_owners mailing list