[prev in list] [next in list] [prev in thread] [next in thread]
List: konq-bugs
Subject: [konqueror] [Bug 333364] New: Konqueror allows user to view a site with a revoked TLS certificate
From: Matthew Flaschen <matthew.flaschen () gatech ! edu>
Date: 2014-04-13 3:31:39
Message-ID: bug-333364-5021 () http ! bugs ! kde ! org/
[Download RAW message or body]
https://bugs.kde.org/show_bug.cgi?id=333364
Bug ID: 333364
Summary: Konqueror allows user to view a site with a revoked
TLS certificate
Classification: Unclassified
Product: konqueror
Version: unspecified
Platform: Debian stable
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
Assignee: konq-bugs@kde.org
Reporter: matthew.flaschen@gatech.edu
For example, try https://www.cloudflarechallenge.com/ . This was deliberately
revoked (after the Heartbleed challenge) to test brower behavior
(http://blog.cloudflare.com/certificate-revocation-and-heartbleed).
Firefox correctly blocks the user from visiting the site.
Reproducible: Always
Steps to Reproduce:
1. Visit a site with a revoked TLS certificate.
Actual Results:
It loads normally.
Expected Results:
It does not load, and notifies the user of the security problem.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
Konq-bugs mailing list
Konq-bugs@kde.org
https://mail.kde.org/mailman/listinfo/konq-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic