>
> > When psm receives a request which results in a bad certificate error,
> > it sends a callback through the psm-glue interface. The psm-glue
> > functionality wants to display a window (using the appshell's hidden
> > window as a parent) to permit the user to accept or deny the
> > certificate. Because I am building a background process dll, I had
> > disconnected the hidden window. I'm currently investigating whether
> > it is possible to mimic the behavior of windows InternetOpenUrl with
> > the flag INTERNET_FLAG_NO_UI within necko. Do you know of any
> > preference settings that can assist me in this effort? Otherwise I'll
> > just have to hang out for the SilentDownloader.
Yeah, that hidden window sucks really bad. It really breaks the embedder
like yourself. There is not any flag that you can pass to bypass this
dialog as it is forced on you by PSM. (CC-ing the security newsgroup.)
What I think we need is (a) a way to have PSM not display these dialogs.
Instead the client should receive some kind of callback so that it can
determine if the user should see a dialog. Maybe this is what the psm UI
handler turns into?
(b) We need to be able to pass client context per request which will be
passed back to us in these callback. Right now, you only have one client
context for every connection. There will be no way to pass the requesting
window around so that we can display module dialogs without this prerequest
client context.
I think that both of these are in the works. Javi or David could comment on
the timeframe they are currently looking at.
