Closed Bug 87182 Opened 23 years ago Closed 23 years ago

Browser doesn't recognize site as secure this case

Categories

(Core Graveyard :: Security: UI, defect, P1)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
psm2.0

People

(Reporter: scalkins, Assigned: ddrinan0264)

References

(
URL
)

Details

(Whiteboard: need sr=, need a=)

Attachments

(1 file)

Patch. Javi, please review.
858 bytes, patch
Details | Diff | Splinter Review 
Saw this all platforms:
Win32 2001-06-21-06 trunk
Linux 2001-06-20-21 trunk
Mac 2001-06-21-08 trunk

Stesp to repro:
1)Launch browser
2)Go to http://www.etrade.com
3)Click on "Banking" tab on web page
4)Click on the yellow "Log On" button at upper left of resulting Page for
banking tab.

Actual results: The lock icon at the lower right orf the browser stays unlocked,
implying an insecure connection. Note however that the URL bar shows the
https:// in the front indicating a secure site. I am afraid to submit a password
here for this reason, so this is dogfood for this use for me!
The console seems to think it's not a secure site either, as it references the
URLs as follows using steps in test case:

Document http://www.etrade.com/ loaded successfully
Document http://www.etrade.com/cgi-bin/gx.cgi/Applogic+TBHome loaded successfull
y
Document http://www.etradebank.com/logon.cfm loaded successfully

Note that the URL bar in the browser itself shows the URL
https://trading.etrade.com/cgi-bin/gx.cgi/applogic+tbbanktobrkg?appname=loginpage
for step #4 of the test case.

Expected results: The lock icon at the lower right of the browser engages and
turns yellow to indicate a secure site
Nominating nsbranch.I am afraid to do online banking at this site with NS 6 till
this is fixed.

Another Note: If I go to www.etrade.com and then click directly on the Log ON
icon before going to the Banking tab, it looks like it's seen as secure (Yellow
locked lock on browser, and correct https url seen in console as well as browser)
Keywords: nsBranch, nsdogfood
->Crypto. Lock icon problems again?
Assignee: mstoltz → ddrinan
Component: Security: General → Security: Crypto
QA Contact: ckritzer → junruh
PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.0
Possibly a dup of bug 82437

Setting Target to 2.0.
Priority: -- → P1
Target Milestone: --- → 2.0
The problem is a http redirect to https. The PSM lock icon state machine is 
getting confused. I'll post a patch soon.

    
    

    
  
r=javi

    
  
Whiteboard: need sr=, need a=

    
    

    
  
Adding blizzard to cc-list.

Chris,

Please super-review. Also, this fix should be considered for the 0.9.2 branch 
since it fixes up a bunch of lock icon failures.

    
    

    
  
Steve, need approval for 0.9.2

    
    

    
  
sr=hyatt.

    
    

    
  
a= asa@mozilla.org for checkin to 0.9.2 branch.
(on behalf of drivers)

    
    

    
  
Checked onto trunk and branch. Marking FIXED.

    
    

    
  
-> FIXED.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED

    
    

    
  
Verified.
Status: RESOLVED → VERIFIED

    
  
Product: PSM → Core

    
  
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: