enforce SSL certificates verification
Bug #996697 reported by
Yves-Alexis Perez
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Midori Web Browser |
Fix Released
|
High
|
Cris Dywan |
Bug Description
Hey,
SSL/TLS support and x509 certificate handling doesn't really exist right now in Midori. But until there's proper handling, and considering the current state, it should be safer to use libsoup strict ssl mode, so when the SSL status is bad, the connection won't be made at all. I know right now the url bar is set to red when a bad status is received, but it's already too late, cookies have been sent etc.
Attached patch does just that.
Changed in midori: | |
importance: | Undecided → High |
tags: | added: ssl |
Changed in midori: | |
assignee: | nobody → Christian Dywan (kalikiana) |
Changed in midori: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
https:/ /bugzilla. novell. com/show_ bug.cgi? id=760517 might have some insights too.