Closed Bug 139948 Opened 23 years ago Closed 23 years ago

SSL Tooltip not updated when going from one ssl site to another

Categories

(Core Graveyard :: Security: UI, defect, P1)

1.0 Branch
x86
Linux
defect

Tracking

(Not tracked)

VERIFIED FIXED
psm2.3

People

(Reporter: kitame, Assigned: KaiE)

References

Details

(Whiteboard: [adt1])

Attachments

(2 files)

on 1.0RC1 and trunk (2002-04-23). Go to https://mail.epost.de/ this is a SSL site signed by verisign (check with tooltip of over the lock icon). Now go to https://www.entrust.net/ have a look at the tooltip. Hey, why do entrust.net have their website signed by verisign? Now a more dangerous case: go to https://ssl.drinsama.de/ and accept the certificate. check with the tooltip that you still are on a site sigend by verisign!
->PSM
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: bsharma → junruh
Version: other → 2.3
kai. Can you take a look at this asap?
Assignee: ssaux → kaie
Priority: -- → P1
Target Milestone: --- → 2.3
It might be of some use to note that Galeon had a bug very similar to this, which was basically the result of some wise guy who said "Why should we update the security icon if we're going from one secure site to another??" -- unfortunately, the same function that updated the security icon also updated the security tooltip. Someone fix this soon so Debian can apply the patch to 1.0 rc1 before releasing Woody on May 1 :P
confirming and accepting bug
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Jared, I agree, the problem is similar. I trace the code and see, the security code correctly updates its internal information to contain the correct new tooltip string. However, currently security code does not actively push that information to the UI. Instead, the UI is fetching the string, and seems to cache that string until the security state changes. Currently the security code will only notify others when the security state changes. Obviously this is not correct, it must notify whenever a page finished loading, and the tooltip text could have potentially changed, to allow the UI to refetch the tooltip text. I'm attaching a simple patch, that fixes the problem for me.
Blocks: lockicon
Attached patch Suggested fixSplinter Review
This patch shows that the change only consists of moving one bracket. It has the effect that the notifying code will be executed in any case a document loading stops (no longer only if the state differs from the previous state).
Javi, can you please review? Jag, can you please superreview?
Keywords: nsbeta1+
Whiteboard: [adt1]
Comment on attachment 81452 [details] [diff] [review] Same Patch with bigger context and ignoring whitespace r=javi
Attachment #81452 - Flags: review+
Attachment #81452 - Flags: superreview+
sr=jag
Keywords: adt1.0.0
Nominating for mozilla 1.0.
Keywords: mozilla1.0
Comment on attachment 81452 [details] [diff] [review] Same Patch with bigger context and ignoring whitespace a=rjesup@wgate.com for branch checkin; please make sure it's in trunk as well
Attachment #81452 - Flags: approval+
Checked in to trunk, fixed.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
adding adt1.0.0+. Please check this into the branch and add the fixed1.0.0 keyword.
Keywords: adt1.0.0adt1.0.0+
fixed-on-branch
Keywords: adt1.0.0+fixed1.0.0
Verified on branch.
Status: RESOLVED → VERIFIED
Product: PSM → Core
Version: psm2.3 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: