Bug 1746383 Comment 10 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

Original comment by
on 
I can reproduce the original issue. I think we should set the UrlBar property `pageproxystate`=`invalid` until we have the correct identity  state to show. Setting this state hides the identity icons and only shows the search icon.

From debugging I can see that we're getting 3 `onLocationChange` callbacks with different security states. The padlock state is derived from the security stated exposed via `gBrowser.securityUI.state`. Both the UrlBar state and the site identity state are updated on `onLocationChange` callbacks.

1. uri: `about:blank`, isSecure: `false`. The initial tab switch. This is an artifical `onLocationChange` callback invoked by the tabbrowser itself.
2. uri: `https://example.com`, isSecure: `false`. Called right when the load begins. The state flag is insecure, but the pageproxystate is valid, so we show the broken padlock.
(...) page loads
3. uri: `https://example.com`, isSecure: `true`. Called when page content is painted. The state flag is now correct, it shows secure. The broken padlock changes to a regular padlock.

I'm not sure why we get an additional `onLocationChange` callback here. This does not happen when loading tabs manually.
Revision 1 by
on 
I can reproduce the original issue. I think we should set the UrlBar property `pageproxystate`=`invalid` until we have the correct identity  state to show. Setting this state hides the identity icons and only shows the search icon.

From debugging I can see that we're getting 3 `onLocationChange` callbacks with different security states. The padlock state is derived from the security stated exposed via `gBrowser.securityUI.state`. Both the UrlBar state and the site identity state are updated on `onLocationChange` callbacks.

1. uri: `about:blank`, isSecure: `false`. The initial tab switch. This is an artifical `onLocationChange` callback invoked by the tabbrowser itself.
2. uri: `https://example.com`, isSecure: `false`. Called right when the load begins. The state flag is insecure, but the pageproxystate is valid, so we show the broken padlock.

(...) page loads

3. uri: `https://example.com`, isSecure: `true`. Called when page content is painted. The state flag is now correct, it shows secure. The broken padlock changes to a regular padlock.

I'm not sure why we get an additional `onLocationChange` callback here. This does not happen when loading tabs manually.

Back to Bug 1746383 Comment 10