Closed
Bug 195161
Opened 21 years ago
Closed 21 years ago
Security warning and corresponding preferences appear to be incorrect/contradictory
Categories
(Camino Graveyard :: General, defect)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: welch, Assigned: saari)
Details
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.0.1) Gecko/20030226 Chimera/0.6+ Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.0.1) Gecko/20030226 Chimera/0.6+ When I leave an encrypted page (e.g., logged into my account on www.dyndns.org) for an unencrypted page/site (e.g., www.apple.com), I get an expected "Security Warning" but the message in the dialog box (sheet) is not quite right. It says "You have requested an encrypted page that contains some unencrypted information." which is not true. I am leaving an encrypted page and entering unencrypted site, but there is no mixed encryption. Similarly the checkbox text on that same dialog box/sheet says "Alert me whenever I'm about to view an encrypted page that contains some unencrypted information." This is inappropriate because (again) I am not going to a mixed page, simply transitioning from encrypted to unencrypted. On a related not, the Security tab of the Preferences has an option to show a warning before "Leaving a page that supports encryption." I have this UNchecked and still get the above warning. If instead I uncheck the "Viewing a page with a mix of ...." I no longer get the warning. In summary, I think the mixed encryption dialogs and preferences are confused with the leaving-encrypted dialogs and preferences. Mozilla (2003021217) appears to include appropriate dialogs. It says you are leaving an encrypted site and warns you, and gives the option to disable the proper preference. Reproducible: Always Steps to Reproduce: 1. Make sure the "Viewing a page with a mix of ..." option is CHECKED in the Security pane of the Preferences. 2. Visit a secure site, e.g. log into (some account on) www.dyndns.org. 3. Enter the URL (or use a bookmark) http://www.apple.com. 4. You should see the Security Warning dialog/sheet. Actual Results: I dismiss the (inappropriate) dialog and go on my merry way. Expected Results: The dialog and preferences should talk about LEAVING an encrypted site for an unencrypted one, NOT entering a site with mixed encryption.
Confirmed using FizzillaMach/2003022103 going from <https://www.paypal.com/> to <http://www.apple.com/>. If the "leaving encrypted page" warning is enabled, that is shown. If that is then disabled and the test repeated, the "encrypted/unencrypted mix" warning is shown, even though it shouldn't be. It doesn't happen using FizzillaMach/2003022103.
Severity: trivial → normal
Status: UNCONFIRMED → NEW
Ever confirmed: true
You need to log in
before you can comment on or make changes to this bug.
Description
•