Bug 472703

Summary: SSLUI presents Server Authentication dialog (sslui.cpp) with no ability to permanently block?
Product: [Frameworks and Libraries] frameworks-kio Reporter: boeroboy <boeroboy>
Component: generalAssignee: KIO Bugs <kio-bugs-null>
Status: REPORTED ---    
Severity: wishlist CC: kdelibs-bugs-null
Priority: NOR    
Version First Reported In: git master   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description boeroboy 2023-07-27 15:02:36 UTC 
SUMMARY

I notice a few apps that occasionally check dodgy trackers or services with untrusted certs. These apps continuously pop up the SSLUI dialog saying a server failed authenticity check with the checkbox "do not ask again" which only has any effect when you hit "Continue" as opposed to traditional Yes/No buttons. I see in sslui.cpp#L48 a comment
```// ### We don't ask to permanently reject the certificate``` which is unfortunate as the dialog will just keep popping up. I would love the option to permanently cancel access to any bad certs from this dialog. Is it up to the apps to do this instead? I would love to see "yes/no/don't show again" buttons here and a ban list function if required.

https://github.com/KDE/kio/blob/b685528a6efb5150c379e9353d074c9488038af0/src/widgets/sslui.cpp#L48

Thoughts?
Comment 1 boeroboy 2023-09-18 17:18:38 UTC 
I know the GH isn't monitored for PRs but this is my simple 3 line fix using an env var to always ignore unverified sites and skip the annoying dialog.
https://github.com/KDE/kio/pull/4