User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0 Build ID: 20141013200257 Steps to reproduce: 1.Go to: https://p.fleetonlinesolutions.com/ 2.Login with your creds 3.Verify that the site doesn't render properly (content misformated) Actual results: The site doesn't render properly - the content is misformated. Tables and menus are unusable. Expected results: The site should render properly.
I used the excellent mozregression tool and got this result: 16:36.38 LOG: MainThread Bisector INFO Last good revision: 40a228f74389 (2013-04-05) 16:36.38 LOG: MainThread Bisector INFO First bad revision: 768af8d8fad4 (2013-04-06) 16:36.38 LOG: MainThread Bisector INFO Pushlog: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=40a228f74389&tochange=768af8d8fad4
I found during the bissection that in some versions Firefox would popup this message: "Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party. Are you sure you want to continue sending this information?" so I wonder if this is security related. I'm attaching an archive with the html/css/js content.
I got it: https://bugzilla.mozilla.org/show_bug.cgi?id=834836 security.mixed_content.block_active_content was set to true by default -> therefore this web portal stopped working.
I will report this to the website owner. The information on this bug will help other users of the same portal technology.
Created attachment 8537120 [details] Secure Connection Failed error bugday-20141216 : Secure Connection Failed Error occurs for https://p.fleetonlinesolutions.com/ on firefox.
@firstname.lastname@example.org That website has yet another problem which is the ssl version that is considered to be unsafe and no longer accepted by default from Firefox 34 on! So, to even reach the login screen one must set security.tls.version.min -> 0
Component: Untriaged → Security: PSM
Product: Firefox → Core
That site has a huge list of things wrong with it: https://www.ssllabs.com/ssltest/analyze.html?d=p.fleetonlinesolutions.com (one of which is it only uses SSL 3.0, which is not secure)
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
Version: 33 Branch → unspecified
Morphing this bug to be specific to https://p.fleetonlinesolutions.com, because so far all comments have been specific to this site. Regardless, the site now supports TLS 1.0 (but still has other issues).
https://www.ssllabs.com/ssltest/analyze.html?d=p.fleetonlinesolutions.com Still a lot of issues. The markup of this page is… interesting. :) SAP Netweaver Portal It's a portal system which has its templates pre-2000 I guess EPCF: Component com.sap.portal.runtime.logon.certlogon, phlpeidpcfdmhelnjkcfbdfgneobpldk /irj/portalapps/com.sap.portal.design.portaldesigndata/themes/portal/FOS_com_goodyear/prtl_std/prtl_std_nn7.css?126.96.36.199.2 The why I was looking at that is we will be able to find contact information AND on our chances to get it fixed. If not we can close it as WONTFIX. At least the domain really belongs to Goodyear. There is an email address for the domain name email@example.com There is a contact form https://corporate.goodyear.com/en-US/about/contact-goodyear-corporate.html for customer assistance. I will switch to contactready feel free to contact them and change the keyword to sitewait when done.
I completed the contact form and provided information about this bug report. I'm not very optimistic that this will get fixed, but it's worth trying.
Assignee: nobody → astevenson
Status: NEW → ASSIGNED
Whiteboard: [contactready] → [sitewait]
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.