Closed Bug 126446 Opened 18 years ago Closed 18 years ago

msn.com - routes Mozilla sign-in through unsecured form

Categories

(Tech Evangelism Graveyard :: English US, defect, major)

x86
Windows XP
defect
Not set
major

Tracking

(Not tracked)

VERIFIED INVALID

People

(Reporter: jconrad, Assigned: doronr)

References

()

Details

Browse http://www.msn.com and click on "My MSN" tab (http://go.msn.com/0/11).


MSN takes Mozilla to (what appears to my untrained eye to be) an unsecured form
that transmits the .NET passport account and password without encryption.  The
URL for my form is:
 
http://login.passport.com/login.asp?id=6528&ru=http%3a%2f%2fmy.msn.com%2fpassport%2fppset.ashx%3fmsnru%3dhttp%3a%2f%2fmy.msn.com%2fmy.ashx%26msnruend%3d1&tw=1000000&kv=2&ct=1014141087&ems=1&ver=2.0.0248.1&tpf=b97a99e1e7cc90446744812287ea42a2


IE6 is displaying a completely different dialog (script?) for the .NET passport
sign-in to MSN.  IE6 continues to display the http://www.msn.com URL during this
dialog.

Mozilla and IE6 login to MSN (through .NET passport) differently.  The Mozilla
Build 2002020406 login is unencrypted.

Thanks.   JimC
whoa!  ->Tech Evang
Assignee: asa → doronr
Severity: enhancement → major
Component: Browser-General → US General
Product: Browser → Tech Evangelism
QA Contact: doronr → zach
Version: other → unspecified
Blocks: MS
Keywords: evang500
Summary: MSN routes Mozilla sign-in through unsecured form → msn.com - routes Mozilla sign-in through unsecured form
A look at the source shows that the form is submitted to a secure https:// URL.
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → INVALID
Verified
2002040303/WinXP
Status: RESOLVED → VERIFIED
Depends on: 136207
No longer depends on: 136207
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in before you can comment on or make changes to this bug.