Closed Bug 1328708 Opened 7 years ago Closed 7 years ago

Github login is considered insecure, even though it uses HTTPS

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: clogged.drainpipe, Unassigned)

References

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0
Build ID: 20170104030214

Steps to reproduce:

Try to log in to Github (https://github.com/login)


Actual results:

Got an insecure password field warning.


Expected results:

No warning, the page uses HTTPS.
Blocks: 748193
I wasn't able to reproduce this.  Kamil, can you use the latest Nightly and see if you see this issue?

Thanks!
Flags: needinfo?(kjozwiak)
Can you please include steps to reproduce which include the site that sent you to GitHub? The GitHub login page could have had a non-secure opener browsing context[1] e.g. an HTTP page used window.open to open https://github.com/login.

[1] https://w3c.github.io/webappsec-secure-contexts/#examples-top-level
Flags: needinfo?(clogged.drainpipe)
It seems to be working fine right, now. Before I could easily reproduce, but now I cannot.
Maybe Github was temporarily doing something funky with their infrastructure?

Closing bug.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Flags: needinfo?(clogged.drainpipe)
Resolution: --- → WORKSFORME
Removing the ni?. I tried reproducing the issue with several different websites but couldn't reproduce either. Looking at comment#3, it seems like this isn't happening anymore.
Flags: needinfo?(kjozwiak)
You need to log in before you can comment on or make changes to this bug.