Closed
Bug 1341068
Opened 8 years ago
Closed 3 years ago
Insecure Login Lock Icon displayed for http://www.alexa.com/ due to hidden <input type="password">
Categories
(Toolkit :: Password Manager: Site Compatibility, defect, P3)
Tracking
()
RESOLVED
INCOMPLETE
People
(Reporter: u564464, Unassigned)
References
()
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:54.0) Gecko/20100101 Firefox/54.0
Build ID: 20170220110209
Steps to reproduce:
http://www.alexa.com/siteinfo/google.com
Actual results:
Shows insecure login lock icon as if there is an insecure login on the page. Password fields console warnings are also displayed.
Expected results:
While this page itself is not secure, the "Log in" link on the page redirects to a page with a secure connection. Since there is no visible login on this unsecured page, I wasn't expecting Firefox to show the insecure login lock icon.
Furthermore, Chrome does not show its "Not Secure" warning in the address bar for this page.
Comment 1•8 years ago
|
||
the page contains 7 hidden INPUT elements with type="password".
Component: Password Manager → Password Manager: Site Compatibility
Hardware: Unspecified → All
Summary: False Positive Insecure Login Lock Icon in Location Bar → Insecure Login Lock Icon displayed for http://www.alexa.com/ due to hidden <input type="password">
Updated•7 years ago
|
Priority: -- → P3
Site is now https and will be unavailable from March 1st, too
Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•