https://bugs.kde.org/show_bug.cgi?id=420902
--- Comment #6 from TW3 <white.tw...@gmail.com> --- (In reply to Florian Bruhin from comment #5) > TW3: No, because there's no way to ask "does the current page... Exceptions are granted upon the domain not the page. It's a simple choice between maintaining a temporary or permanent, per-domain list of exceptions once a user chooses to ignore the cert error. The QWebEnginePage::certificateError signal could be used to double check the error type before the exception is created. It may simply be OK to put an exception list check behind a bool which becomes true the very first time the very first exception is granted or always if there is a permanent list. Encouraging users to just grant cert exceptions for sites actually defeats the purpose of ssl and should be very heavily discouraged. Thus there should be no issues with incurring a small performance penalty for doing so IMO. Using a valid cert for https is very important. Various reasons for doing so exist and Google explain it quite well here: https://support.google.com/webmasters/answer/6073543?hl=en Another way to solve the issue mentioned here is to prevent all exceptions. I'm not advocating to do that but the issue should be dealt with, with absolutely minimal work. Spending time supporting http without encryption is fairy counter intuitive at this point in time. Thanks. -- You are receiving this mail because: You are watching all bug changes.
