"We have removed this functionality because we have decided that users are stupid."
-Kyle H 2008/6/24 Kai Engert <[EMAIL PROTECTED]>: > Pawel P wrote: >> >> I want to overwrite default mozilla 1.9 behavior in https flow. >> I want to be informed about certificates (especially bad). >> I'll show my own "certificate dialogs" to user and user will decide >> if accept certificate or not. >> >> In mozilla 1.8 I used nsIBadCertListener interface to do above. >> In mozilla 1.9... there is no such interface. There is >> nsIBadCertListener2, but it exports only one method that inform about >> certificate problem. >> No matter what will happen in this method ssl connection will be broken. >> >> Is there any way to change default https flow in new mozilla? >> > > Hi Pawel, > > what you see is exactly by design. > > We no longer support show-error-and-continue, because experience has shown: > Users will say simply OK to whatever dialog is presented. > > A certificate error will cause the connection to stop. > > The only workaround we offer at the embedding level is the use of > nsICertOverrideService. > > If you really must allow connections to servers with bad certificates, you > should require your users to go through a configuration for that server. You > could look at how this got implemented in Firefox (Add-Exception-Dialog). > > Kai > > > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > > _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
