Bram de Boer wrote:
Bram de Boer wrote:
The page I was having trouble with is https://nosur.com [...]
Georg Koppen wrote:
I *cannot* connect to the site at the moment despite switching the pref as you did.
Thanks for trying. And can you access the website with TBB 3.6.5? If so, that confirms the behaviour I have been seeing.
I have found one difference between 3.6.5 and 3.6.6 that still consistently occurs; perhaps by-design?
- Preferences > Privacy > Use custom settings for history
- Untick "Always use private browsing mode". TB will now restart
- Visit website with self-signed certificate
- Tick "Permanently store this exception"
- Clicking [Confirm Security Exception] won't have any effect. The
button animates the click but nothing happens?!
This occurs with both https://www.patternsinthevoid.net and https://nosur.com. I have successfully used the flow described above with all previous TBB versions. Afterwards I immediately re-enable the "Always use private browsing mode" option and then have the permanent exception for the website.
Was this behaviour changed by design? If so, it might be user-friendlier to just disable the checkbox, rather than having a non-functional button.
That is part of the patch behind the "security.nocertdb" preference. I.e. if you set it to "false" your workaround is still supposed to work. That said it might be smarter to bind that preference to the private browsing mode (as the "Permanently store this exception"-checkbox already is) than messing with the checkbox itself. Do you mind opening a ticket at https://trac.torproject.org?
What is the recommended way to add a permanent exception (if at all, because that would obviously make the user uniquely fingerprintable).
There is no recommended way :) but as I said above switching "security.nocertdb" to "false" should help.
Georg