[userstory] CC: Warning for password on non-secure connection for developers

Status: RESOLVED FIXED
Product: Firefox
Component: General
Reported: 2 years ago
Modified: a year ago

People

(Reporter: MarcoM, Unassigned)

Tracking

Trunk
Bug Flags:
firefox-backlog +

Firefox Tracking Flags

(firefox42 affected)

Details

(Whiteboard: [fxprivacy] [userstory])

User Story

Summary:
* As a user, I expect Firefox to warn me before submitting my password when the browser knows my connection isn’t secure, because I don’t want my account to be hacked.

Acceptance Criteria: 
* The Control Center security I.D. block displays the crossed-out lock icon alongside the existing text that says “This Connection is Not Secure”
* Main panel reads: “Your login could be compromised.”
* Subpanel reads: “This website’s connection is not secure and your login could be compromised. Firefox does not recommend entering your password on (SITE NAME).”
* Text is styled according to design mockup.

Attachments

(1 attachment)

(Reporter)

Description

2 years ago
Created attachment 8639531 [details]
Warning for password on non-secure connection.jpg
Flags: firefox-backlog+
Depends on: 748193
This looks like a duplicate of bug 1179961.
This is just a user story bug to track work. No work will be done in this bug.
Depends on: 1179961

Updated

2 years ago
Depends on: 1193336

Updated

2 years ago
Depends on: 1193338

Updated

2 years ago
Depends on: 1193339

Updated

2 years ago
Depends on: 1193341

Updated

2 years ago
Depends on: 1193343

Updated

2 years ago
Depends on: 1193344
(Reporter)

Updated

2 years ago
Depends on: 1204486
(In reply to Marco Mucci [:MarcoM] from comment #0)
> Created attachment 8639531 [details]
> Warning for password on non-secure connection.jpg
Is this enabled in current Nightly?

Updated

2 years ago
Keywords: dev-doc-needed, user-doc-needed
(In reply to Paul Silaghi, QA [:pauly] from comment #3)
> Is this enabled in current Nightly?

Yes. Some new outlets are already covering this and people are tweeting.

Posted the site compatibility document for Web developers: https://www.fxsitecompat.com/en-US/docs/2015/non-https-sites-containing-login-form-will-be-marked-insecure/
> Some new outlets are already covering this and people are tweeting.

s/new/media/
Moving the keywords over Bug 1179961.
Keywords: dev-doc-needed, user-doc-needed
(Reporter)

Updated

2 years ago
Depends on: 1212520
Tanvi, you mentioned that there is a bug that holds this on Nightly - which bug is that? I'd like to make sure we don't ship this on Fennec if it's not ready - I didn't realize that this feature had a Nightly flag on it, oops.

Also, I've noticed that there are a lot of websites where there isn't even a password in the "View source" that trigger this - this is very true of any webcomics that have a Disqus login (which pops up a separate https window for logging in).

e.g., http://www.headlessbliss.com/comic/page-96#disqus_thread

Is this expected, and if it is, is there some way we can scale this back? I think over-firing is pretty bad in this case, because it erodes the impact of this signal.
Flags: needinfo?(tanvi)
(In reply to Chenxia Liu [:liuche] from comment #7)
> Tanvi, you mentioned that there is a bug that holds this on Nightly - which
> bug is that? I'd like to make sure we don't ship this on Fennec if it's not
> ready - I didn't realize that this feature had a Nightly flag on it, oops.

Hi Chenxia,

Sorry, this all happened kind of last minute.  Bug https://bugzilla.mozilla.org/show_bug.cgi?id=1217156 adds a pref for insecure password warnings.  It is restricted to Nightly right now.  I want to turn it on in Developer Edition soon but need two bugs fixed first to avoid warning fatigue by developers:
https://bugzilla.mozilla.org/show_bug.cgi?id=1217766 - don't warn for pdf.js
https://bugzilla.mozilla.org/show_bug.cgi?id=1217133 - don't warn for localhost

I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1221206 to turn the feature on for dev edition.

> 
> Also, I've noticed that there are a lot of websites where there isn't even a
> password in the "View source" that trigger this - this is very true of any
> webcomics that have a Disqus login (which pops up a separate https window
> for logging in).
> 
> e.g., http://www.headlessbliss.com/comic/page-96#disqus_thread
> 
> Is this expected, and if it is, is there some way we can scale this back? I
> think over-firing is pretty bad in this case, because it erodes the impact
> of this signal.

The warning appears if there is a password field anywhere on the page or in its subframes, even if it is hidden.  This bug was proposed to change that behavior:
https://bugzilla.mozilla.org/show_bug.cgi?id=1216802


And this was also filed to show some more context when the user is actually about to enter into the password field:
https://bugzilla.mozilla.org/show_bug.cgi?id=1217150
https://bugzilla.mozilla.org/show_bug.cgi?id=1217162

For mobile, I think you should also turn the pref off for everything but nightly and uplift.  Please let me know if you have any other questions.  Thanks Chenxia!
Flags: needinfo?(tanvi)
Depends on: 1185145
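To make the behaviour described in the reply above concrete (the warning fires when a password field exists anywhere in the page or its subframes, even a hidden one, which is what produces the over-firing Chenxia reports), here is an added JavaScript model of that decision. It is example code written for this page, not Firefox's implementation and not code from this bug. The page/frame data structure, the `visibleOnly` switch (a stand-in for the change proposed in bug 1216802), the hostname check used for the localhost exemption (a stand-in for bug 1217133) and the sample pages are all assumptions made for illustration.

```javascript
// Added illustrative model, not Firefox source code.
// Assumed page model: { url, inputs: [{ name, type, hidden }], frames: [page, ...] }
// Assumed exemption: http on "localhost"/"127.0.0.1" is not treated as insecure
// (stand-in for bug 1217133). Assumed option: visibleOnly skips hidden fields
// (stand-in for the proposal in bug 1216802).

function isInsecureUrl(url, { exemptLocalhost = true } = {}) {
  const u = new URL(url);
  if (u.protocol === "https:") return false;
  if (exemptLocalhost && (u.hostname === "localhost" || u.hostname === "127.0.0.1")) {
    return false;
  }
  return true;
}

// Walk the frame tree. A password field is flagged when its own frame or any
// ancestor frame is insecure: an https frame embedded in an http top-level page
// is still under the control of the insecure parent, so it counts.
function findInsecurePasswordFields(page, opts = {}) {
  const hits = [];
  function walk(node, ancestorInsecure, depth) {
    const insecure = ancestorInsecure || isInsecureUrl(node.url, opts);
    for (const input of node.inputs || []) {
      if (input.type !== "password") continue;
      if (opts.visibleOnly && input.hidden) continue; // proposed narrowing
      if (!insecure) continue;
      hits.push({ name: input.name, frameUrl: node.url, hidden: Boolean(input.hidden), depth });
    }
    for (const frame of node.frames || []) walk(frame, insecure, depth + 1);
  }
  walk(page, false, 0);
  return hits;
}

// Decision the Control Center would act on: warn if any flagged field exists.
function shouldWarn(page, opts = {}) {
  const fields = findInsecurePasswordFields(page, opts);
  return { warn: fields.length > 0, fields };
}

// Constructed sample pages (not real sites).
const SAMPLE_PAGES = {
  // Plain http login form: the intended case for the warning.
  plainLogin: { url: "http://example.test/login", inputs: [{ name: "pw", type: "password" }] },
  // http page with no form of its own, embedding an https widget that carries
  // a hidden password field: the over-firing case from the thread.
  hiddenInHttpsFrame: {
    url: "http://example.test/comic",
    inputs: [],
    frames: [{
      url: "https://embed.example.test/widget",
      inputs: [{ name: "pw", type: "password", hidden: true }],
    }],
  },
  httpsLogin: { url: "https://example.test/login", inputs: [{ name: "pw", type: "password" }] },
  localDev: { url: "http://localhost:8080/login", inputs: [{ name: "pw", type: "password" }] },
  noForm: { url: "http://example.test/about", inputs: [{ name: "q", type: "text" }] },
};

for (const [label, page] of Object.entries(SAMPLE_PAGES)) {
  const current = shouldWarn(page);
  const narrowed = shouldWarn(page, { visibleOnly: true });
  console.log(`${label}: warn=${current.warn} (visible-only: ${narrowed.warn})`);
}
```

Running it shows the two policies diverging only on the hidden-field case: the current behaviour warns on the comic page because of the hidden field inside the embedded frame, while the visible-only variant does not; the https page and the localhost page never warn, and turning off the localhost exemption (`exemptLocalhost: false`) brings the local development page back into the warning set, which is the developer warning fatigue the reply is trying to avoid.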
(Reporter)

Updated

2 years ago
No longer depends on: 748193
(Reporter)

Updated

2 years ago
No longer depends on: 1193343
(Reporter)

Updated

2 years ago
Depends on: 1217133
(Reporter)

Updated

2 years ago
Depends on: 1217766
(Reporter)

Updated

2 years ago
Depends on: 1217165
(Reporter)

Updated

2 years ago
Duplicate of this bug: 1217142
(Reporter)

Updated

2 years ago
No longer depends on: 748193
(Reporter)

Updated

2 years ago
No longer depends on: 1215344
(Reporter)

Updated

2 years ago
No longer depends on: 1216699
(Reporter)

Updated

2 years ago
No longer depends on: 1216802

Comment 10

2 years ago
I think the key point is that this is a HOSTING problem, not a software problem. Typically the maintainers of Disqus, Joomla or whatever Web software do not have any control over whether http or https is used on client installations, so there is nothing to be gained by saying their software is insecure. It is neither secure nor insecure in this context, because it is not the service component at fault. The webhost is the service component lacking security.

I guess CMS authors could include a trap which prevents their software being run on non-https connections, but doing so would be a foot-shooting exercise.
(Reporter)

Updated

2 years ago
No longer depends on: 1185145
(Reporter)

Updated

2 years ago
No longer depends on: 1217152
Summary: [userstory] CC: Warning for password on non-secure connection → [userstory] CC: Warning for password on non-secure connection for developers
(Reporter)

Updated

a year ago
No longer depends on: 1217162
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED