Closed
Bug 87182
Opened 23 years ago
Closed 23 years ago
Browser doesn't recognize site as secure this case
Categories
(Core Graveyard :: Security: UI, defect, P1)
Tracking
(Not tracked)
VERIFIED
FIXED
psm2.0
People
(Reporter: scalkins, Assigned: ddrinan0264)
References
()
Details
(Whiteboard: need sr=, need a=)
Attachments
(1 file)
858 bytes,
patch
|
Details | Diff | Splinter Review |
Saw this all platforms: Win32 2001-06-21-06 trunk Linux 2001-06-20-21 trunk Mac 2001-06-21-08 trunk Stesp to repro: 1)Launch browser 2)Go to http://www.etrade.com 3)Click on "Banking" tab on web page 4)Click on the yellow "Log On" button at upper left of resulting Page for banking tab. Actual results: The lock icon at the lower right orf the browser stays unlocked, implying an insecure connection. Note however that the URL bar shows the https:// in the front indicating a secure site. I am afraid to submit a password here for this reason, so this is dogfood for this use for me! The console seems to think it's not a secure site either, as it references the URLs as follows using steps in test case: Document http://www.etrade.com/ loaded successfully Document http://www.etrade.com/cgi-bin/gx.cgi/Applogic+TBHome loaded successfull y Document http://www.etradebank.com/logon.cfm loaded successfully Note that the URL bar in the browser itself shows the URL https://trading.etrade.com/cgi-bin/gx.cgi/applogic+tbbanktobrkg?appname=loginpage for step #4 of the test case. Expected results: The lock icon at the lower right of the browser engages and turns yellow to indicate a secure site
Nominating nsbranch.I am afraid to do online banking at this site with NS 6 till this is fixed. Another Note: If I go to www.etrade.com and then click directly on the Log ON icon before going to the Banking tab, it looks like it's seen as secure (Yellow locked lock on browser, and correct https url seen in console as well as browser)
Comment 2•23 years ago
|
||
->Crypto. Lock icon problems again?
Assignee: mstoltz → ddrinan
Component: Security: General → Security: Crypto
QA Contact: ckritzer → junruh
Comment 3•23 years ago
|
||
PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.0
Possibly a dup of bug 82437 Setting Target to 2.0.
Priority: -- → P1
Target Milestone: --- → 2.0
Assignee | ||
Comment 5•23 years ago
|
||
The problem is a http redirect to https. The PSM lock icon state machine is getting confused. I'll post a patch soon.
Assignee | ||
Comment 6•23 years ago
|
||
Comment 7•23 years ago
|
||
r=javi
Assignee | ||
Updated•23 years ago
|
Whiteboard: need sr=, need a=
Assignee | ||
Comment 8•23 years ago
|
||
Adding blizzard to cc-list. Chris, Please super-review. Also, this fix should be considered for the 0.9.2 branch since it fixes up a bunch of lock icon failures.
Comment 9•23 years ago
|
||
Steve, need approval for 0.9.2
Comment 10•23 years ago
|
||
sr=hyatt.
Comment 11•23 years ago
|
||
a= asa@mozilla.org for checkin to 0.9.2 branch. (on behalf of drivers)
Assignee | ||
Comment 12•23 years ago
|
||
Checked onto trunk and branch. Marking FIXED.
Assignee | ||
Comment 13•23 years ago
|
||
-> FIXED.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•