2014-10-03 15:03:03 |
Chris Coulson |
bug |
|
|
added bug |
2014-10-03 15:03:30 |
Chris Coulson |
description |
I've not done a proper review on this yet, but there are a few issues I've noticed just from using the browser:
- The certificate error UI is displayed for all errors, but it should only be displayed for main frame document errors (CertificateError.isMainFrame && !CertificateError.isSubresource). You can't override these errors anyway, and for subframes and subresources it is fine to just block the content (this is how Chrome and Firefox behave).
- When accepting an error, the certificate fingerprint seems to be whitelisted by the browser. This is not safe - what happens if the user navigates to a genuinely malicious site that happens to use the same certificate? If you want to whitelist them, you must also record the domain that the error originated from and the error code, and only automatically allow the error if the domain + error code + fingerprints match
- When accepting an error, there is no visual cue in the header bar that you're on a site with security errors.
- If you press the stop icon in the addressbar whilst the certificate error UI is displayed, the pending navigation is cancelled (returning to the previous committed navigation), but the certificate error UI is not removed. There is a CertificateError.cancelled signal for this purpose - I'm not sure if you're using it or not |
I've not done a proper review on this yet, but there are a few issues I've noticed just from using the browser:
- The certificate error UI is displayed for all errors, but it should only be displayed for main frame document errors (CertificateError.isMainFrame && !CertificateError.isSubresource). You can't override other errors anyway, and for subframes and subresources it is fine to just block the content (this is how Chrome and Firefox behave).
- When accepting an error, the certificate fingerprint seems to be whitelisted by the browser. This is not safe - what happens if the user navigates to a genuinely malicious site that happens to use the same certificate? If you want to whitelist them, you must also record the domain that the error originated from and the error code, and only automatically allow the error if the domain + error code + fingerprints match
- When accepting an error, there is no visual cue in the header bar that you're on a site with security errors.
- If you press the stop icon in the addressbar whilst the certificate error UI is displayed, the pending navigation is cancelled (returning to the previous committed navigation), but the certificate error UI is not removed. There is a CertificateError.cancelled signal for this purpose - I'm not sure if you're using it or not |
|
2014-10-03 15:04:18 |
Chris Coulson |
description |
I've not done a proper review on this yet, but there are a few issues I've noticed just from using the browser:
- The certificate error UI is displayed for all errors, but it should only be displayed for main frame document errors (CertificateError.isMainFrame && !CertificateError.isSubresource). You can't override other errors anyway, and for subframes and subresources it is fine to just block the content (this is how Chrome and Firefox behave).
- When accepting an error, the certificate fingerprint seems to be whitelisted by the browser. This is not safe - what happens if the user navigates to a genuinely malicious site that happens to use the same certificate? If you want to whitelist them, you must also record the domain that the error originated from and the error code, and only automatically allow the error if the domain + error code + fingerprints match
- When accepting an error, there is no visual cue in the header bar that you're on a site with security errors.
- If you press the stop icon in the addressbar whilst the certificate error UI is displayed, the pending navigation is cancelled (returning to the previous committed navigation), but the certificate error UI is not removed. There is a CertificateError.cancelled signal for this purpose - I'm not sure if you're using it or not |
I've not done a proper review on this yet, but there are a few issues I've noticed just from using the browser:
- The certificate error UI is displayed for all errors, but it should only be displayed for main frame document errors (CertificateError.isMainFrame && !CertificateError.isSubresource). You can't override other errors anyway, and for subframes and subresources it is fine to just block the content (this is how Chrome and Firefox behave).
- When accepting an error, the certificate fingerprint seems to be whitelisted by the browser. This is not safe - what happens if the user navigates to a genuinely malicious site that happens to use the same certificate? If you want to whitelist them, you must also record the domain that the error originated from and the error code, and only automatically allow the error if the domain + error code + fingerprints match
- When accepting an error, there is no visual cue in the header bar that you're on a site with security errors.
- If you press the stop icon in the addressbar whilst the certificate error UI is displayed, the pending navigation is cancelled (returning to the previous committed navigation), but the certificate error UI is not removed. There is a CertificateError.cancelled signal for this purpose - I'm not sure if you're using it or not
- There doesn't seem to be any indicator when you go to a site that has an EV certificate |
|
2014-10-03 15:09:04 |
Chris Coulson |
bug |
|
|
added subscriber Ubuntu Security Team |
2014-10-03 15:24:02 |
Olivier Tilloy |
webbrowser-app: status |
New |
Triaged |
|
2014-10-03 15:24:05 |
Olivier Tilloy |
webbrowser-app: importance |
Undecided |
High |
|
2014-10-03 15:24:30 |
Olivier Tilloy |
webbrowser-app: assignee |
|
Michael Sheldon (michael-sheldon) |
|
2014-10-03 18:32:03 |
Jamie Strandboge |
information type |
Public |
Public Security |
|
2014-10-03 18:32:11 |
Jamie Strandboge |
tags |
|
rtm14 |
|
2014-10-03 18:32:24 |
Jamie Strandboge |
tags |
rtm14 |
ota-1 |
|
2014-11-11 15:57:33 |
Olivier Tilloy |
webbrowser-app: assignee |
Michael Sheldon (michael-sheldon) |
Olivier Tilloy (osomon) |
|
2014-11-11 16:21:06 |
Olivier Tilloy |
webbrowser-app: status |
Triaged |
In Progress |
|
2014-11-11 16:21:09 |
Launchpad Janitor |
branch linked |
|
lp:~osomon/webbrowser-app/certificate-error-fixes |
|
2014-11-12 11:12:54 |
Olivier Tilloy |
bug task added |
|
webbrowser-app (Ubuntu) |
|
2014-11-12 11:13:03 |
Olivier Tilloy |
webbrowser-app (Ubuntu): status |
New |
In Progress |
|
2014-11-12 11:13:10 |
Olivier Tilloy |
bug task added |
|
webbrowser-app (Ubuntu RTM) |
|
2014-11-12 11:13:15 |
Olivier Tilloy |
webbrowser-app (Ubuntu RTM): status |
New |
Confirmed |
|
2014-11-21 15:05:30 |
Olivier Tilloy |
webbrowser-app (Ubuntu): assignee |
|
Olivier Tilloy (osomon) |
|
2014-11-21 15:05:32 |
Olivier Tilloy |
webbrowser-app (Ubuntu RTM): assignee |
|
Olivier Tilloy (osomon) |
|
2014-11-21 16:16:57 |
Olivier Tilloy |
bug task added |
|
ubuntu-ux |
|
2014-11-21 16:17:10 |
Olivier Tilloy |
summary |
Various issues with security UI's |
[browser] Various issues with security UI's |
|
2014-11-24 10:16:19 |
Giorgio Venturi |
ubuntu-ux: status |
New |
Triaged |
|
2014-11-24 10:16:23 |
Giorgio Venturi |
ubuntu-ux: assignee |
|
Giorgio Venturi (giorgio-venturi) |
|
2014-11-24 10:16:41 |
Giorgio Venturi |
ubuntu-ux: importance |
Undecided |
High |
|
2014-11-24 15:18:51 |
Giorgio Venturi |
description |
I've not done a proper review on this yet, but there are a few issues I've noticed just from using the browser:
- The certificate error UI is displayed for all errors, but it should only be displayed for main frame document errors (CertificateError.isMainFrame && !CertificateError.isSubresource). You can't override other errors anyway, and for subframes and subresources it is fine to just block the content (this is how Chrome and Firefox behave).
- When accepting an error, the certificate fingerprint seems to be whitelisted by the browser. This is not safe - what happens if the user navigates to a genuinely malicious site that happens to use the same certificate? If you want to whitelist them, you must also record the domain that the error originated from and the error code, and only automatically allow the error if the domain + error code + fingerprints match
- When accepting an error, there is no visual cue in the header bar that you're on a site with security errors.
- If you press the stop icon in the addressbar whilst the certificate error UI is displayed, the pending navigation is cancelled (returning to the previous committed navigation), but the certificate error UI is not removed. There is a CertificateError.cancelled signal for this purpose - I'm not sure if you're using it or not
- There doesn't seem to be any indicator when you go to a site that has an EV certificate |
I've not done a proper review on this yet, but there are a few issues I've noticed just from using the browser:
- The certificate error UI is displayed for all errors, but it should only be displayed for main frame document errors (CertificateError.isMainFrame && !CertificateError.isSubresource). You can't override other errors anyway, and for subframes and subresources it is fine to just block the content (this is how Chrome and Firefox behave).
- When accepting an error, the certificate fingerprint seems to be whitelisted by the browser. This is not safe - what happens if the user navigates to a genuinely malicious site that happens to use the same certificate? If you want to whitelist them, you must also record the domain that the error originated from and the error code, and only automatically allow the error if the domain + error code + fingerprints match
- When accepting an error, there is no visual cue in the header bar that you're on a site with security errors.
- If you press the stop icon in the addressbar whilst the certificate error UI is displayed, the pending navigation is cancelled (returning to the previous committed navigation), but the certificate error UI is not removed. There is a CertificateError.cancelled signal for this purpose - I'm not sure if you're using it or not
- There doesn't seem to be any indicator when you go to a site that has an EV certificate
--- UX Comment ---
Additional wireframe for top bar displaying warning when certificate identity is not verified
https://docs.google.com/a/canonical.com/presentation/d/1Qrd4Flfs3EH-fI79IfrYgLdAx2nce-L7ve8NKLCX324/edit#slide=id.g3503834cf_01
For EV certificate, just display EV information in the pop-over |
|
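To make the second and first bullets of the description concrete, here is an added example (not code from webbrowser-app or Oxide) of an override store keyed on host + error code + certificate fingerprint, placed next to the fingerprint-only store the report warns about, and the main-frame check for when the error UI should appear at all. The host names, integer error codes and fingerprint strings are constructed placeholders.

```cpp
#include <iostream>
#include <set>
#include <string>
#include <tuple>

// Hypothetical store for user-accepted certificate errors, keyed on
// (host, error code, fingerprint) as the bug report asks for.
class CertErrorOverrideStore {
 public:
  using Key = std::tuple<std::string, int, std::string>;

  // Record that the user accepted `errorCode` for `fingerprint` on `host`.
  void allow(const std::string& host, int errorCode,
             const std::string& fingerprint) {
    accepted_.insert(Key(host, errorCode, fingerprint));
  }

  // Auto-allow only when host, error code and fingerprint all match a
  // previous acceptance; a different host or error code still prompts.
  bool isAllowed(const std::string& host, int errorCode,
                 const std::string& fingerprint) const {
    return accepted_.count(Key(host, errorCode, fingerprint)) > 0;
  }

 private:
  std::set<Key> accepted_;
};

// The unsafe variant described in the report: any host presenting a
// previously accepted certificate is waved through without a prompt.
class FingerprintOnlyStore {
 public:
  void allow(const std::string& fingerprint) { accepted_.insert(fingerprint); }
  bool isAllowed(const std::string& fingerprint) const {
    return accepted_.count(fingerprint) > 0;
  }

 private:
  std::set<std::string> accepted_;
};

// First bullet: only a main frame document error can be overridden, so
// only that case gets the certificate error UI; the rest is just blocked.
bool shouldShowCertificateErrorUi(bool isMainFrame, bool isSubresource) {
  return isMainFrame && !isSubresource;
}

int main() {
  CertErrorOverrideStore store;
  store.allow("shop.example", 1, "AA:BB:CC");  // constructed values
  std::cout << "same host: " << store.isAllowed("shop.example", 1, "AA:BB:CC")
            << ", other host: " << store.isAllowed("evil.example", 1, "AA:BB:CC")
            << '\n';
}
```
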
2014-11-24 15:18:56 |
Giorgio Venturi |
ubuntu-ux: status |
Triaged |
Fix Committed |
|
2014-12-05 12:54:42 |
Olivier Tilloy |
bug task added |
|
canonical-devices-system-image |
|
2014-12-15 10:48:27 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/vivid-proposed/webbrowser-app |
|
2014-12-15 11:11:54 |
Launchpad Janitor |
webbrowser-app (Ubuntu): status |
In Progress |
Fix Released |
|
2014-12-15 15:48:32 |
Olivier Tilloy |
webbrowser-app: status |
In Progress |
Fix Released |
|
2015-01-12 11:19:16 |
Launchpad Janitor |
branch linked |
|
lp:~osomon/webbrowser-app/rtm-backport-security-UI |
|
2015-01-16 21:13:09 |
Launchpad Janitor |
webbrowser-app (Ubuntu RTM): status |
Confirmed |
Fix Released |
|
2015-01-16 21:24:42 |
Pat McGowan |
canonical-devices-system-image: milestone |
|
ww05-2015 |
|
2015-01-16 21:24:45 |
Pat McGowan |
canonical-devices-system-image: status |
New |
Fix Released |
|
2015-01-19 08:49:48 |
Olivier Tilloy |
canonical-devices-system-image: assignee |
|
Olivier Tilloy (osomon) |
|
2015-01-19 10:01:31 |
Launchpad Janitor |
branch linked |
|
lp:webbrowser-app/rtm-14.09 |
|
2015-04-08 13:27:52 |
Magdalena Mirowicz |
ubuntu-ux: assignee |
Giorgio Venturi (giorgio-venturi) |
Rae Shambrook (raecontreras) |
|
2015-04-09 16:25:26 |
Rae Shambrook |
ubuntu-ux: status |
Fix Committed |
Fix Released |
|