I agree on this. Overriding any security features whether its in FF or thunderbird is a very bad idea and it will only hurt the user in the long run.
Scott /"Those who cannot remember the past are condemned to repeat it."/ - George Santa Get Firefox 2! <http://www.spreadfirefox.com/?q=affiliates&id=69856&t=1> Boycott China Olympics <http://www.boycott-china-2008.info/> Konstantin Svist wrote: > I should hope that since this deals with website security, this > mechanism should not be easily overridden. > If you begin intercepting these requests with your extension, you would > be potentially opening a gaping hole in the browser's security. > > Just my $0.02 > > > Preet Shihn wrote: > >> I am not the owner of the website with that certificate. >> I am developing a xulrunner based application which has a browser >> component to it. The user could potentially visit any website with a >> certificate. >> >> I was hoping I could somehow intercept that request to feed back a >> default result. e.g for prompts, I have implemented a prompt service >> that I register with Mozilla service manager. This way whenever a prompt >> or alert or http credentials dialog needs to appear, my prompt service >> is notified, and I can deal with it however I want. Similarly, I would >> like more control over the certificate dialog. >> >> >> >> On 3/26/07, *Konstantin Svist* <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> wrote: >> >> The browser only asks this if the certificate is not authenticated by a >> known CA (Certificate Authority) >> >> You need to purchase an SSL certificate from a CA - then the browser >> will not pop up a dialog and will open the page right away. >> >> The message does not convey too well to the user that the certificate in >> question has a problem - either it was self-issued (which, incidentally, >> is perfectly okay for internal use, e.g. connecting to a computer on >> your own network) or has already expired. >> >> >> I bought a certificate from godaddy last year - it was pretty cheap >> (about $20/year) >> >> >> >> Hope this helps >> >> >> Preet Shihn wrote: >> > So, when I visit a https web site with a certificate, it asks for >> "do >> > you want to accept certificate" or "do you want to accept certificate >> > permanently", something along those lines.... >> > Is there a way to hook up into a mozilla service so that instead of >> > popping that dialog, it automatically accepts the certificate? >> > >> > Maybe I would have to implement some sort service provider that is >> > called to handle these dialogs, and I return back a value indicating >> > "accept this certificate". >> > >> > Somehow, I have a feeling it would be much more complicated. >> > >> > Any ideas/infor related to this would be appreciated. >> > >> > Merci ! >> > Preet >> > >> > >> > >> ------------------------------------------------------------------------ >> > >> > _______________________________________________ >> > Project_owners mailing list >> > [email protected] <mailto:[email protected]> >> > http://mozdev.org/mailman/listinfo/project_owners >> _______________________________________________ >> Project_owners mailing list >> [email protected] <mailto:[email protected]> >> http://mozdev.org/mailman/listinfo/project_owners >> >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Project_owners mailing list >> [email protected] >> http://mozdev.org/mailman/listinfo/project_owners >> > _______________________________________________ > Project_owners mailing list > [email protected] > http://mozdev.org/mailman/listinfo/project_owners > > _______________________________________________ Project_owners mailing list [email protected] http://mozdev.org/mailman/listinfo/project_owners
