Open
Bug 1342476
Opened 8 years ago
Updated 2 years ago
The insecure password support page can't be accessed using only the keyboard
Categories
(Firefox :: Security, defect, P5)
Firefox
Security
Tracking
()
NEW
| Tracking | Status | |
|---|---|---|
| firefox51 | --- | unaffected |
| firefox52 | --- | wontfix |
| firefox53 | --- | affected |
| firefox54 | --- | affected |
People
(Reporter: JuliaC, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: access, Whiteboard: [fxprivacy])
[Affected versions]:
- latest Nightly 54.0a1 (2017-02-24)
- latest Aurora 53.0a2 (2017-02-24)
- 52.0b9 build2 (20170223185858)
[Affected platforms]:
- Windows 10 x64
- Windows 7 x64
- Ubuntu 16.04 x64
- Mac OS 10.11.6
[Steps to reproduce]:
1. Launch Firefox
2. Go to a http site that requires a login process (e.g. http://imgur.com/login)
3. Focus the username / email field (if it is not already autofocused)
4. Use the keyboard (up/down arrow) in order to focus the insecure contextual warning
5. Use the keyboard (hit Enter) in order to access the insecure password support page
6. Repeat steps 3, 4 and 5 for the password field
[Expected result]:
- [step 5] [step6] A new tab is opened and the user is redirected to Mozilla Support: https://support.mozilla.org/en-US/kb/insecure-password-warning-firefox?as=u&utm_source=inproduct
[Actual result]:
- The insecure contextual warning is dismissed
- The insecure password support page is not opened
[Regression range]:
- I will investigate this as soon as possible
[Additional notes]:
- The issue is not e10s related
I guess it is not a regression, but because of the introduction of the feature.
Has STR: --- → yes
Keywords: regression,
regressionwindow-wanted
|
Reporter | |
Comment 2•8 years ago
|
||
Yes, indeed, this is not a regression, as is reproducible starting with 53.0a1 (20170104030214), when bug 1217152 was fixed.
|
||
Comment 3•8 years ago
|
||
Ryan, what's your input on this? How important is this to fix?
It may be an accessibility issue, but actually clicking the learn more link would likely only be useful once.
Also, it may conflict with users' flows whereby they have muscle memory (hitting Enter would open a new tab).
It mostly stems from having a Learn More link in the autocomplete row.
Flags: needinfo?(rfeeley)
|
||
Comment 4•8 years ago
|
||
I believe that MattN had some reasons for not including. I'm worried that it will be triggered accidentally more often than not, which is distracting as it opens a web page.
The original plan was to open control center to connection subview, less harmful (and what Chrome is doing).
Matt, can you clarify what the current status is?
Flags: needinfo?(rfeeley) → needinfo?(MattN+bmo)
|
||
Updated•8 years ago
|
Whiteboard: [fxprivacy] [triage] → [fxprivacy]
|
||
Comment 5•8 years ago
|
||
Mass wontfix for bugs affecting firefox 52.
|
||
Comment 6•7 years ago
|
||
It is complicated to implement this because of the two separate processes. I believe we found an approach for form autofill's footer that works okay so we can use that same approach for this warning.
Flags: needinfo?(MattN+bmo)
|
||
Updated•5 years ago
|
Priority: -- → P5
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•