Closed Bug 1252972 Opened 4 years ago Closed 4 years ago

Show grey lock with yellow warning in identity box for sites with both a user overridden cert and blocked mixed active content

Categories

(Firefox :: General, defect, P1)

defect

Tracking

()

VERIFIED FIXED
Firefox 47
Iteration:
47.3 - Mar 7
Tracking Status
firefox47 --- verified

People

(Reporter: nhnt11, Assigned: nhnt11)

References

()

Details

(Whiteboard: [fxprivacy])

Attachments

(1 file)

Tanvi said in bug 1201437 comment 54:

In the mixed active content blocked + certificate override case, we should show the grey lock with the yellow triangle in the location bar.

* mixed active content blocked by itself - green lock with the grey warning triangle.
* certificate override case by itself - grey lock with the yellow warning triangle.
* mixed active content blocked + certificate override - the policy is to show the most degraded security indicator, so in this case, its the grey lock with yellow warning triangle.
I tested the patch in a shallow manner - without the patch, when the identity box has both the mixedActiveBlocked and certUserOverridden classes, it shows the green lock with gray triangle. With the patch, it shows the gray lock and yellow triangle.

Paul, could you please test the patch and confirm that it fixes the issue? Could you also please let me know how you're testing this? I couldn't reproduce with the site in your screenshot (https://www.onlinesearches.com).

Thanks!
Flags: needinfo?(paul.silaghi)
(In reply to Nihanth Subramanya [:nhnt11] from comment #2)
> Paul, could you please test the patch and confirm that it fixes the issue?
Sure. Could you make me a try build please?

> Could you also please let me know how you're testing this? I couldn't
> reproduce with the site in your screenshot (https://www.onlinesearches.com).
https://www.onlinesearches.com reproduces the issue for me (47.0a1 (2016-03-02) Win 7 x64). Make sure you use "https" in the beginning.
Flags: needinfo?(paul.silaghi)
Comment on attachment 8725812 [details]
MozReview Request: Bug 1252972 - Move identity box icon rules for the cert override case below the others to give it priority. r=paolo

The solution looks good and clean, the user overridden state takes priority over the other states for the connection security icon. I haven't tested locally since I see Paul is helping with this. Thanks!
Attachment #8725812 - Flags: review?(paolo.mozmail) → review+
Never mind, I was able to test it myself - navigating to https://www.onlinesearches.com results in a cert error for me on a fresh profile (but not on my existing ones!). I'll investigate that separately.
https://hg.mozilla.org/integration/fx-team/rev/6cf4691637dd061ab899ad984b17af92cb1e8d6e
Bug 1252972 - Move identity box icon rules for the cert override case below the others to give it priority. r=paolo
https://hg.mozilla.org/mozilla-central/rev/6cf4691637dd
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 47
Iteration: --- → 47.3 - Mar 7
Flags: qe-verify?
Priority: -- → P1
What happens when you disable mixed content blocking protection?  You should go from the grey lock + yellow triangle to the grey lock with a red strikethrough.
Flags: needinfo?(nhnt11)
(In reply to Tanvi Vyas out til 3/14 [:tanvi] from comment #8)
> What happens when you disable mixed content blocking protection?  You should
> go from the grey lock + yellow triangle to the grey lock with a red
> strikethrough.

This is indeed the case, though it also results in no indication at all that there is a cert override (filed bug 1253771).
Flags: needinfo?(nhnt11)
Verified fixed FX 47.0a1 (2016-03-06) Win 7.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.