[qutebrowser] certificate errors
Florian Bruhin
me at the-compiler.org
Sun Apr 15 10:07:40 CEST 2018
On Sat, Apr 14, 2018 at 03:32:06PM -0400, Jay Kamat wrote:
> Hi Stephen!
>
> "Stephen Davies (sdavies)" <sdavies at umw.edu> writes:
>
> > Is there a way to disable these?
>
> I think you can do this with :set content.ssl_strict false
Or set it to "true" instead and see how that goes, where it silently
drops those connections.
> > Perhaps you'll tell me that it's dangerous and evil to do so. That's as
> > may be, but I do know that these are sites I check periodically, recognize the
> > content on, and have strong reason to believe are not compromised in any way.
> > Further, other browsers never complain about them.
>
> Yes, this is probably a very bad idea, since you wouldn't know if you're
> being MITM'd. I'm not sure why there are more SSL warnings in
> qutebrowser than in normal ones (I see them too). I think this might be
> qutebrowser using system certs rather than the built-in ones (but I'm
> not sure if that's the case).
Likely because other browsers only allow you to bypass it if it's a
toplevel navigation, while qutebrowser also asks for resources which are
loaded from a page with invalid certificate.
Related issue: https://github.com/qutebrowser/qutebrowser/issues/3418
Florian
--
https://www.qutebrowser.org | me at the-compiler.org (Mail/XMPP)
GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc
I love long mails! | https://email.is-not-s.ms/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://listi.jpberlin.de/pipermail/qutebrowser/attachments/20180415/f104b740/attachment.asc>
More information about the qutebrowser
mailing list