Description of problem:
When using the latest Firefox 88 on Fedora workspace 33 and 34 it automatically provides some default bookmarks like "Fedora Docs", "Fedora Magazine", ... and "Free Content". The free content folder contains a link "Open Clip Art" which links to https://www.openclipart.org/
When open this page Firefox shows an "Warning: Potential Security Risk Ahead" because the SSL certificate is only valid for https://openclipart.org/ (without www.) This invalid suffix should be removed in the default bookmarks.
Version-Release number of selected component (if applicable):
(This may affect also older versions.)
Steps to Reproduce:
1. Restore the default bookmarks. For example by resetting all Firefox settings (DANGEROUS!! Do this only if you use Firefox only for testing: rm -rf ~/.cache/mozilla/firefox ~/.mozilla/firefox)
2. Open Firefox
3. Open the bookmark "Free Content" -> "Open Clip Art"
Opens https://www.openclipart.org/ with "Warning: Potential Security Risk Ahead"
Opens https://openclipart.org/ without a warning.
I found that this invalid URL is part of the file /usr/lib64/firefox/browser/omni.ja. Unfortunately, I could not find which repository is responsible for this values so that I can provide a patch. If you guide me with some more infos I could try to provide a patch. If you just want to fix this yourself because this is much quicker, I'm also fine with this. :)
Hi, it's stored at 'fedora-bookmarks' package, there's only one html file with bookmarks. Don't forget to update timestamp.
Thanks Martin for the quick response and hint how to fix this.
(I was unable to push directly to a repo fork on https://src.fedoraproject.org/, but I could create a PR with a remote git repo.)
Here is a PR to fix this URL in the default-bookmarks.html: https://src.fedoraproject.org/rpms/fedora-bookmarks/pull-request/6
I hope this helps. I don't updated the changelog in fedora-bookmarks.spec. Let me know if I should update this file as well.