Update for "Improving the cert-error pages for Firefox" [Outreachy project, 2018]

Trisha Gupta tgupta at mozilla.com
Tue Aug 14 12:11:02 UTC 2018


Hello all,

I am Trisha Gupta (:trisha), an Outreachy intern for the summer cohort. I
have been working on improving the certificate error pages for Firefox
along with my mentor, Johann Hofmann (:johannh).

I am extremely pleased to inform you that we have enabled the new
cert-error pages by default in Nightly, and we plan to let them ride the
trains with Firefox 64.

Project meta bug: <https://bugzilla.mozilla.org/show_bug.cgi?id=1458007>
https://bugzilla.mozilla.org/show_bug.cgi?id=1463693

The project aimed at: changing the design and copy of the certificate error
pages. We also added a clock skew error page for when we are 100% sure
about there being a system clock error.

We also had some button behavior changes. For instance, changing the
behavior of the “Add exception” button where earlier, a dialog opened up
and then could the user add exception. Whereas now, by simply clicking on
“Accept the Risk and Add Exception” the user can add an exception to the
site.

To revert to the old certificate error experience, you can flip the
“browser.security.newcerterrorpage.enabled” pref to false, for now. We plan
to remove this pref eventually.

We hope that the new pages are more informative about the error and will
enable the user to make an informed browsing choice for an unsafe URL.

The project tasks were as follows:

   -

   Fork and pref-off the new cert-error pages: 1463748
   <https://bugzilla.mozilla.org/show_bug.cgi?id=1463748>
   -

   Updating the design of the certificate error pages: 1463755
   <https://bugzilla.mozilla.org/show_bug.cgi?id=1463755>
   -

   Changing the copy of the certificate error pages: 1463759
   <https://bugzilla.mozilla.org/show_bug.cgi?id=1463759>
   -

   Implementing a new clock skew error page: 1476509
   <https://bugzilla.mozilla.org/show_bug.cgi?id=1476509>
   -

   Change the “Add Exception” button behavior: 1474820
   <https://bugzilla.mozilla.org/show_bug.cgi?id=1474820>
   -

   Update the “Advanced…” button: 1477313
   <https://bugzilla.mozilla.org/show_bug.cgi?id=1477313>
   -

   Enable the new cert-error pages by default in Nightly: 1477310
   <https://bugzilla.mozilla.org/show_bug.cgi?id=1477310>


We also had some meetings where we have planned to add telemetry for these
error pages. This will give us a better idea about how our changes affected
the users’ choice to choose safer options. For instance, the clock skew
error page is a new page and we would love to see telemetry responses for
that!

Today’s officially the last day of my Outreachy internship, and I would
like to take this opportunity to thank my mentor, everyone else involved
with the project, and the Mozilla community for being extremely helpful. I
learnt a lot from this internship and I hope to stick around with Mozilla
in future!

Thanks,

Trisha Gupta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/firefox-dev/attachments/20180814/86eae09a/attachment.html>


More information about the firefox-dev mailing list