Closed
Bug 180962
Opened 22 years ago
Closed 19 years ago
insecure form submission warning pops up twice (in the first tab)
Categories
(Firefox :: General, defect)
Firefox
General
Tracking
()
RESOLVED
FIXED
People
(Reporter: delphys_moz, Assigned: mconnor)
References
()
Details
(Keywords: regression, relnote)
Attachments
(1 file, 1 obsolete file)
1.26 KB,
patch
|
asa
:
approval-aviary1.1a1+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.2b) Gecko/20021031 Phoenix/0.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3a) Gecko/20021108 Phoenix/0.4 Enter text in Google's main page INPUT TEXT box (http://www.google.com). In nightly (Win/binary) builds up to 20021031 hitting enter once got a single pop-up warning box. With builds 20021108,11,14 the pop-up warning occurs twice (i.e. ENTER must be hit 3 times in total to submit form.) - note I unfortunately don't have any of the builds between 10/31 and 11/08 to test (can do if someone can point me at them.) Reproducible: Always Steps to Reproduce: 1. Phoenix under XP ; surf to http://www.google.com 2. enter search term - e.g. phoenix 3. hit <ENTER> key 4. pop-up form submission warning - hit <ENTER> key - in 20021031 build, done. 5. in 200211nn builds get another popup warning (duplicate) 6. hit <ENTER> again, done. Actual Results: depending upon whether Phoenix version was 20021031 build or 20021108 and later ones gets either normal (single) pop-up form submission warning or duplicated warning (respectively.) Expected Results: Expected a single warning pop-up.
Reporter | ||
Comment 1•22 years ago
|
||
(delphys / 2002-11-19) bug report UPDATE - neglected to mention the following a) either MOUSE click or hitting <ENTER> key gets same (duplicate popup) behavior b) in all test cases the default unzipping of the Windows nightly build was used
Summary: repeated "ENTER" required for FORM Submit; single worked in 20021031 build; broken in 20021108/20021111/20021114 → repeated mouse click or "ENTER" key required for FORM Submit; single worked in 20021031 build; broken in 20021108/20021111/20021114
Comment 2•22 years ago
|
||
cleaning up summary. not a conformation.summaries should contain the kinds of information necessary for locating the bug with queries or within a buglist. builds affected or not affected belong as part of the description and not the summary. Was "repeated mouse click or "ENTER" key required for FORM Submit; single worked in 20021031 build; broken in 20021108/20021111/20021114"
Summary: repeated mouse click or "ENTER" key required for FORM Submit; single worked in 20021031 build; broken in 20021108/20021111/20021114 → form submission warning pops up multiple times
Comment 3•22 years ago
|
||
*** Bug 181528 has been marked as a duplicate of this bug. ***
Comment 4•22 years ago
|
||
*** Bug 183123 has been marked as a duplicate of this bug. ***
I can confirm this behavior on W98, build 20021204. I imagine this is caused by Satchel, as this bug only shows itself in the first tab; and Satchel only works in the first tab (bug 177797).
Comment 6•22 years ago
|
||
still there, phoenix 0.5 (20021207). can confirm comment 5 that it only occurs in the first tab. (btw, is it strange to anyone else that i get 10 votes for the main browser, 5 for chimera, and 100 for phoenix?)
Does this problem still exist? I just tested it using Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.3b) Gecko/20030204 Phoenix/0.5 and it seems to work - at least when I try the provided steps in a new browser-window (with no tabs) - or do I have to use tabbed browsing to reproduce the problem? Of course I need to uncheck the checkbox "Alert me whenever..." to get rid off the warning.
FYI, this bug is apparantly not related to bug 177797. I still see it on W98 with Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.3b) Gecko/20030224 Phoenix/0.5
This has nothing to do with either satchel or tabs (directly). The browser ctor attempts to initialize session history, global history, and the security UI (form submit warnings, etc). In Mozilla, apparantly none of these happen in the initial browser ctor, so they are (also) initialized in the navigator.js Startup() function. In Px, all three are also initialized in the browser.js Startup(), but the security UI turns out to have been initialized via the browser ctor already. Therefore, the security UI is initialized twice in the first browser instance, and you get 2 security dialogs. I disabled the init in the Startup() function and things seem to work. Tested in first tab, second tab, and a second window: 1) form submit appears once when submitting a form unencrypted 2) lock icon correctly appears and disappears when switching between secure and unsecure tabs 3) lock icon correctly appears and disappears when going to/from a secure site in a tab
Attachment #117837 -
Flags: review?(blaker)
Comment 10•21 years ago
|
||
*** Bug 200452 has been marked as a duplicate of this bug. ***
Comment 11•21 years ago
|
||
was the fix for this checked in? it seems to be working now, 20030504.
Comment 12•21 years ago
|
||
WFM now. Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4b) Gecko/20030511 Mozilla Firebird/0.6 It doesn't appear that my patch was checked in. I guess a trunk checkin inadvertently fixed this bug also.
Comment 13•21 years ago
|
||
Consensus seems to be WFM. Blake, close?
Comment 14•21 years ago
|
||
-> WFM
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → WORKSFORME
Attachment #117837 -
Flags: review?(blake)
Comment 15•20 years ago
|
||
IsoLnCHiP and I can both reproduce. Reopening.
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
Comment 16•20 years ago
|
||
*** Bug 260674 has been marked as a duplicate of this bug. ***
Comment 17•20 years ago
|
||
Steps to reproduce: 1. In about:config, set security.warn_submit_insecure to true and security.warn_submit_insecure.show_once to true. This is the default configuration. 2. In the first tab of a browser window, submit Google search form. 3. When you get the first dialog, check the checkbox and click "Continue". Result: Another (identical) dialog appear. Double dialogs continue to appear whenever you submit insecure forms in the first tab of any window.
Summary: form submission warning pops up multiple times → insecure form submission warning pops up twice (in the first tab)
Comment 18•20 years ago
|
||
This problem only occurs on the 1.0 Branch, not reproducible with 2004-11-03 mac trunk build -- on the trunk the dialogue has no checkbox at all, and it shows only the first time a form is encountered, and then disappears forever on any subsequent forms. Regression -- the problem is not reproducible with Firefox 0.9. Reproducible with 0.10.1, 1.0rc1, 1.0rc2. Bug is reproducible not only on Windows, but on Mac OS X too (tested with Firefox 0.10.1, 1.0rc2). This bug poses the user to either choose super annoying security (two messages instead of one) or be insecure (no messages at all). It should definitely be fixed for 1.0.
Flags: blocking-aviary1.0?
Keywords: regression
OS: Windows XP → All
Hardware: PC → All
Version: unspecified → 1.0 Branch
Comment 19•20 years ago
|
||
Ben, can you take a look at this and see if it's anything obvious? Seems kinda ugly.
Assignee: firefox → bugs
Status: REOPENED → NEW
Comment 20•20 years ago
|
||
Not going to block but we'd consider an ultralowrisk fix.
Flags: blocking-aviary1.0? → blocking-aviary1.0-
Keywords: relnote
Comment 21•20 years ago
|
||
This patch does fix the bug. The real fix shouldn't leave these lines commented out, just remove them.
Assignee: bugs → dveditz
Comment 22•20 years ago
|
||
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 Still had this bug on updating form 1.0PR . However applying the attached patch just now finally fixed the issue, so far no negative aspects to applying it.
Comment 23•20 years ago
|
||
I see the same effect (any "insecure submission" pop-up appears twice instead of once) in the official Firefox 1.0 release. The last Mozilla (1.7.3) does not show that effect. Both running on Windows/XP SP2 (and other fixes, just in case it would matter). I'm surprised that there isn't a fix already.
Comment 24•20 years ago
|
||
The bug of the first tab can be reproduced on the recent Firefox nightly trunk build too. (Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a6) Gecko/20050105 Firefox/1.0+)
Comment 25•20 years ago
|
||
(In reply to comment #23) > I see the same effect (any "insecure submission" pop-up appears twice instead of > once) in the official Firefox 1.0 release. The last Mozilla (1.7.3) does not > show that effect. Both running on Windows/XP SP2 (and other fixes, just in case > it would matter). I'm surprised that there isn't a fix already. As a matter of fact, there is a fix (its attached to this bug report). It just never gets integrated into the main builds, I really dont understand why. I personally considder this bug to be a major pain in the behind, as I like haveing the confirmation (often enough I've noticed something just after submitting and been glad I could just say cancel and correct the error) I have manually applyed the fix now allready on at least two computers, and it works fine, however its annoying to do (lots of possibiltys to make a mistake). Having this bug around has kept me from updating like more than a dozen computer from 0.9 to 1.0. Shows you I dont considder it a minor bug ;-)
Comment 26•20 years ago
|
||
Let's get this bugfix integrated into the main source and released. This is an ugly problem that detracts from the user experience and diminishes Firefox's reputation as a credible contender.
Updated•20 years ago
|
Flags: blocking-aviary1.1?
Comment 27•20 years ago
|
||
I can't reproduce this anymore in 1.0 or the trunk... what am I doing wrong?
Comment 28•20 years ago
|
||
Go to www.applerockies.com, select University of Colorado - Colorado Springs, choose Individual Purchases. Click the green "I Accept" button on the shopping agreement and notice the two "Security Warning" popups. Sorry for the crazy details, but it's where I noticed this bug!
Comment 29•20 years ago
|
||
This is actually critical, imo, per comments in bug 282784...
Severity: minor → critical
Version: 1.0 Branch → Trunk
Updated•20 years ago
|
Flags: blocking-aviary1.1? → blocking-aviary1.1+
Comment 30•19 years ago
|
||
So... I'd really like to get the bug this is blocking in for 1.8b2 (since it's an api change). Any chance of getting this bug fixed by then?
Assignee | ||
Comment 31•19 years ago
|
||
discussed this with bz, the fix for bug 138012 should have rendered this completely unneccessary. Requesting a= for 1.1a so we can take the API change in bug 282784 as well. If we get reports of bustage because the browser.xml ctor fails (extremely doubtful at this juncture) we can add a conditional re-init here before final, but we don't expect that will ever be necessary.
Assignee: dveditz → mconnor
Attachment #117837 -
Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #180452 -
Flags: approval-aviary1.1a?
Comment 32•19 years ago
|
||
Comment on attachment 180452 [details] [diff] [review] patch to remove the re-init in browser.js a=asa
Attachment #180452 -
Flags: approval-aviary1.1a? → approval-aviary1.1a+
Assignee | ||
Comment 33•19 years ago
|
||
checked in.
Status: ASSIGNED → RESOLVED
Closed: 21 years ago → 19 years ago
Resolution: --- → FIXED
Comment 34•19 years ago
|
||
*** Bug 294308 has been marked as a duplicate of this bug. ***
Comment 35•19 years ago
|
||
*** Bug 300167 has been marked as a duplicate of this bug. ***
You need to log in
before you can comment on or make changes to this bug.
Description
•