1004234 - Page Rendered incorrectly when W7 returns from DisplayOff on page that forwarded.

Status: UNCONFIRMED

(Core :: General, defect)

Description

[macuc]

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 (Beta/Release)
Build ID: 20140421221237

Steps to reproduce:

Sorry I can not give you a page to look at since it is secured.  But this is what happened...

Setup: Windows 7 (patches up to 4/30/2014), Acer Aspire laptop, FF v29.0, Power settings = Balanced (plugged in, Dim=5min DisplayOff=10min Sleep=1Hr), FF window size at Maximum, 5 other tabs opened.

Steps:
1. Login to password protected web site. (Password page is http, but login form action goes to https page)
2. No activity for more than 15 minutes, but less than 1 hour (Display turns off but PC does not enter sleep mode)
3. Web site runs client-side Javascript that tests for 15 minute session timeout, uses window.location.assign() to send client back to login form on http page when session times out.


Actual results:

When I returned to my laptop and tapped the touchpad to turn the display back on I saw the password protected https page that I had been on before the session timeout and display turning off, and superimposed on top of that was the login form of the http page.


Expected results:

What I should have seen was just the login page with no remnants of the page I had been on before the session timer forwarded me back to the login page.

I am not trying to be an alarmist, but since I'm not sure if this is a security problem, I'm check-marking the 'hide from public' option until someone can review it.  It most likely is not a security issue at all as long as password protection on the display is used.