Closed
Bug 138863
Opened 22 years ago
Closed 22 years ago
"entering/leaving secure website" warning should be shown and acknowledged before any packet transfer is permitted by browser
Categories
(Core :: Security, defect)
Tracking
()
People
(Reporter: jvender, Assigned: security-bugs)
References
()
Details
From Bugzilla Helper: User-Agent: BuildID: 2002041711 In the Preferences Panel, when the Privacy-Security/SSL/SSL Warnings/ "Loading a Page that Supports Encryption" and "Leaving a Page that Supports Encryption" options are checked and the browser is loading or leaving a page that supports encryption, The security warning is not displayed until at least some of the content is allowed to pass through the browser, usually a lot of content. Reproducible: Always Steps to Reproduce: 1.browse to a page that supports encryption. 2.packets flow before the security warning is displayed. 3.Leave a page that supports encryption to a page that doesn't. 4. packets flow before the security warning is displayed. Actual Results: The security warning wasn't displayed until the page had already partially loaded into the browser and cache. Expected Results: The browser should immediately recognize the change to/from SSL status of the site and display a security warning which must be acknowledged before ANY packets are allowed to pass to or from the browser for that particular webpage. This bug is reminiscent of a bug in a popular firewall in which an "accept traffic?" dialog box would open for traffic which didn't fit any rule and all the while the traffic was flowing until the user denied the traffic.
dup of bug 62178 (by way of dup bug 99252) *** This bug has been marked as a duplicate of 62178 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•