Comment 0 for bug 1377194

I've not done a proper review on this yet, but there are a few issues I've noticed just from using the browser:

- The certificate error UI is displayed for all errors, but it should only be displayed for main frame document errors (CertificateError.isMainFrame && !CertificateError.isSubresource). You can't override these errors anyway, and for subframes and subresources it is fine to just block the content (this is how Chrome and Firefox behave).

- When accepting an error, the certificate fingerprint seems to be whitelisted by the browser. This is not safe - what happens if the user navigates to a genuinely malicious site that happens to use the same certificate? If you want to whitelist them, you must also record the domain that the error originated from and the error code, and only automatically allow the error if the domain + error code + fingerprints match

- When accepting an error, there is no visual cue in the header bar that you're on a site with security errors.

- If you press the stop icon in the addressbar whilst the certificate error UI is displayed, the pending navigation is cancelled (returning to the previous committed navigation), but the certificate error UI is not removed. There is a CertificateError.cancelled signal for this purpose - I'm not sure if you're using it or not