472703 – SSLUI presents Server Authentication dialog (sslui.cpp) with no ability to permanently block?

Bug 472703 - SSLUI presents Server Authentication dialog (sslui.cpp) with no ability to permanently block?

Summary: SSLUI presents Server Authentication dialog (sslui.cpp) with no ability to pe...

Status:	REPORTED

Alias:	None

Product:	frameworks-kio
Classification:	Frameworks and Libraries
Component:	general (show other bugs)
Version:	git master
Platform:	Other Linux

Importance:	NOR wishlist
Target Milestone:	---
Assignee:	KIO Bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-07-27 15:02 UTC by boeroboy
Modified:	2023-09-18 17:18 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description boeroboy 2023-07-27 15:02:36 UTC

SUMMARY

I notice a few apps that occasionally check dodgy trackers or services with untrusted certs. These apps continuously pop up the SSLUI dialog saying a server failed authenticity check with the checkbox "do not ask again" which only has any effect when you hit "Continue" as opposed to traditional Yes/No buttons. I see in sslui.cpp#L48 a comment
```// ### We don't ask to permanently reject the certificate``` which is unfortunate as the dialog will just keep popping up. I would love the option to permanently cancel access to any bad certs from this dialog. Is it up to the apps to do this instead? I would love to see "yes/no/don't show again" buttons here and a ban list function if required.

https://github.com/KDE/kio/blob/b685528a6efb5150c379e9353d074c9488038af0/src/widgets/sslui.cpp#L48

Thoughts?

Comment 1 boeroboy 2023-09-18 17:18:38 UTC

I know the GH isn't monitored for PRs but this is my simple 3 line fix using an env var to always ignore unverified sites and skip the annoying dialog.
https://github.com/KDE/kio/pull/4