Description of problem: When using the latest Firefox 88 on Fedora workspace 33 and 34 it automatically provides some default bookmarks like "Fedora Docs", "Fedora Magazine", ... and "Free Content". The free content folder contains a link "Open Clip Art" which links to https://www.openclipart.org/ When open this page Firefox shows an "Warning: Potential Security Risk Ahead" because the SSL certificate is only valid for https://openclipart.org/ (without www.) This invalid suffix should be removed in the default bookmarks. Version-Release number of selected component (if applicable): firefox.x86_64 88.0-5.fc34 firefox-pkcs11-loader.x86_64 3.13.6-5.fc34 firefox-testresults.x86_64 88.0-5.fc34 firefox-wayland.x86_64 88.0-5.fc34 firefox-x11.x86_64 88.0-5.fc34 (This may affect also older versions.) How reproducible: Always Steps to Reproduce: 1. Restore the default bookmarks. For example by resetting all Firefox settings (DANGEROUS!! Do this only if you use Firefox only for testing: rm -rf ~/.cache/mozilla/firefox ~/.mozilla/firefox) 2. Open Firefox 3. Open the bookmark "Free Content" -> "Open Clip Art" Actual results: Opens https://www.openclipart.org/ with "Warning: Potential Security Risk Ahead" Expected results: Opens https://openclipart.org/ without a warning. Additional info: None
I found that this invalid URL is part of the file /usr/lib64/firefox/browser/omni.ja. Unfortunately, I could not find which repository is responsible for this values so that I can provide a patch. If you guide me with some more infos I could try to provide a patch. If you just want to fix this yourself because this is much quicker, I'm also fine with this. :)
Hi, it's stored at 'fedora-bookmarks' package, there's only one html file with bookmarks. Don't forget to update timestamp.
Thanks Martin for the quick response and hint how to fix this. (I was unable to push directly to a repo fork on https://src.fedoraproject.org/, but I could create a PR with a remote git repo.) Here is a PR to fix this URL in the default-bookmarks.html: https://src.fedoraproject.org/rpms/fedora-bookmarks/pull-request/6 I hope this helps. I don't updated the changelog in fedora-bookmarks.spec. Let me know if I should update this file as well.
Hi Martin, did you see any option to get this merged via https://src.fedoraproject.org/rpms/fedora-bookmarks/pull-request/6 ? You can cherry-pick this commit also from GitHub: https://github.com/jerolimov/fedora-bookmarks/tree/bz-1956215
FEDORA-2021-fbf5408b20 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-fbf5408b20
FEDORA-2021-fbf5408b20 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-fbf5408b20` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-fbf5408b20 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-fbf5408b20 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.