Closed Bug 349209 Opened 18 years ago Closed 14 years ago

Secure lock icon shown on pages with insecure content

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Version:
1.8 Branch
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: bugzilla, Assigned: dveditz)

References

(Blocks 1 open bug,
URL
)

Details

Attachments

(3 files)

image
127.88 KB, image/png
Details
image2
82.12 KB, image/png
Details
image3
83.83 KB, image/png
Details 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060818 BonEcho/2.0b2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060818 BonEcho/2.0b2

The secure-site icon is appearing for websites and can be "bypassed" if necessary as well.  If you navigate to the website in my URL field you can login 

Reproducible: Always

Steps to Reproduce:
1. navigate to the website in the URL field
2. login
3. refresh the page, then head to http://webmail.optonline.net again (make sure cookies are enabled "save session" is ticked off when you log into the website)

Actual Results:  
upon refresh/login the site will display a secure logo instead.

Expected Results:  
The secure site icon should be consistent with what is discovered by the browser.  It should not change it's mind after refreshing the mail page itself.  If it is true that the mail-server itself has a secure certificate, then the browser should have loaded the new certificate anyways and the icon should be adopted the new secure appearance.

If someone cannot be found who does not have an account with Optimum Online, I'll be more than happy to provide you with an e-mail address so that it can be tested out.

Thanks to Dave Townsend for helping me write this long winded bug report :-)
Attached image image 

    
    

    
  

      
      
      
      

        Attached image
          
        image2
      

    


  

    
    

    
  
*** Bug 349208 has been marked as a duplicate of this bug. ***

    
    

    
  

      
      
      
      

        Attached image
          
        image3
      

    


  

    
  
Version: Trunk → 1.8 Branch

    
  
Blocks: lockicon
Summary: Secure icon shown on pages with insecure content → Secure lock icon shown on pages with insecure content

    
    

    
  
Is this bug really valid? The location bar looses its yellow background the lock icon present is the broken lock icon, which indicates a broken security state on that site. Isn't that exactly what's supposed to happen?

    
    

    
  
Nevermind, I didn't read the report carefully enough to fully understand what's going on. Sorry for the bugspam.

    
    

    
  
Resolving unconfirmed bugs older than a year with no activity as INCOMPLETE.  Please reopen or file a new bug if you can still reproduce the bug.
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → INCOMPLETE

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: