Closed
Bug 1490982
Opened 6 years ago
Closed 6 years ago
The green padlock disappears (or "Not Secure" is shown) after opening and closing a notification about a reported profile on Twitter
Categories
(Core :: Security: PSM, defect, P1)
Tracking
()
RESOLVED
FIXED
mozilla64
Tracking | Status | |
---|---|---|
geckoview62 | --- | unaffected |
firefox-esr60 | --- | unaffected |
firefox62 | --- | unaffected |
firefox63 | --- | unaffected |
firefox64 | --- | fixed |
People
(Reporter: jan, Assigned: keeler)
References
(Regression, )
Details
(Keywords: nightly-community, regression, Whiteboard: [psm-assigned])
Attachments
(3 files)
From my perception it is a regression from the last week. I have custom security prefs. I try to find STR. Maybe someone of you has seen the same.
Flags: needinfo?(jan)
Comment 1•6 years ago
|
||
I'm not sure what this bug is supposed to tell me :)
Reporter | ||
Comment 2•6 years ago
|
||
Reporter | ||
Comment 3•6 years ago
|
||
Flags: needinfo?(jan)
Reporter | ||
Comment 4•6 years ago
|
||
1. Set security.insecure_connection_icon.enabled;true and security.insecure_connection_text.enabled;true 2. Open https://twitter.com/i/notifications and log in. 3. Click on a notification about a reported profile and close it. Without those two prefs the green lock just disappears, so Fx 64 is affected. mozregression --good 2018-07-01 --bad 2018-09-13 --pref security.insecure_connection_icon.enabled:true security.insecure_connection_text.enabled:true -a https://twitter.com/i/notifications > 16:10.26 INFO: Last good revision: 7056aff16fb8124f1d6043538b9947017c4623e4 > 16:10.26 INFO: First bad revision: 2f4adf14e6231a1668558dd78ecbe56a421591b6 > 16:10.26 INFO: Pushlog: > https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=7056aff16fb8124f1d6043538b9947017c4623e4&tochange=2f4adf14e6231a1668558dd78ecbe56a421591b6 > 2f4adf14e623 Dana Keeler — bug 832834 - reimplement nsSecureBrowserUIImpl r=franziskus,Felipe
Blocks: 832834
status-firefox62:
--- → unaffected
status-firefox63:
--- → unaffected
status-firefox-esr60:
--- → unaffected
status-geckoview62:
--- → unaffected
Flags: needinfo?(dkeeler)
Keywords: nightly-community
Summary: "Not Secure" on Twitter after browsing a while on it → The green padlock disappears (or "Not Secure" is shown) after opening and closing a notification about a reported profile on Twitter
Assignee | ||
Comment 5•6 years ago
|
||
Is "security.ssl.treat_unsafe_negotiation_as_broken" set to true in your profile? If you can still reproduce this, running with the environment variable "nsSecureBrowserUI" set to "5" might provide some useful output. Alternatively, have you found another way to reproduce this? I don't happen to have a notification about a reported profile in my twitter account.
Flags: needinfo?(dkeeler) → needinfo?(jan)
Assignee | ||
Comment 6•6 years ago
|
||
(In reply to Dana Keeler [:keeler] (she/her) (use needinfo) from comment #5) > running with the environment variable > "nsSecureBrowserUI" set to "5" Er, rather - that should be the environment variable "MOZ_LOG" set to "nsSecureBrowserUI:5".
Reporter | ||
Comment 7•6 years ago
|
||
> mozregression --launch 2018-09-13 security.ssl.treat_unsafe_negotiation_as_broken is false (default). Just report someone (e.g. https://twitter.com/neildeb0 as fake of https://twitter.com/elonmusk) and wait until you get "We received your report over the past hour" after some time. :D MOZ_LOG=nsSecureBrowserUI:5 mozregression -B debug --launch 2018-09-11 -a https://twitter.com/i/notifications > 0:58.25 INFO: Assertion failure: aValue.isObject(), at /builds/worker/workspace/build/src/dom/bindings/BindingUtils.cpp:3440 Newer debug builds seem to be unusable. :( MOZ_LOG=nsSecureBrowserUI:5 mozregression -B debug --launch 2018-09-06 -a https://twitter.com/i/notifications page is loaded: > 1:28.87 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI GetState 0x7fac1553add0 > 1:28.87 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI mState: 82002 > 1:29.10 INFO: [Child 14403, Main Thread] WARNING: '!window', file /builds/worker/workspace/build/src/dom/cache/CacheStorage.cpp, line 596 > 1:29.26 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI GetState 0x7fac1553add0 > 1:29.26 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI mState: 82002 closed the notification: > 1:46.69 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI we have a channel 0x7fac013f1878 > 1:46.69 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI we have a security info 0x7fac0092a010 > 1:46.69 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI set mTopLevelSecurityInfo > 1:46.69 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI have sslStatus 0x7fac0d2f0d60 > 1:46.69 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI calling OnSecurityChange 0x7fac013f1878 80002 > 1:47.33 INFO: [Child 14403, Main Thread] WARNING: '!window', file /builds/worker/workspace/build/src/dom/cache/CacheStorage.cpp, line 596 > 1:49.87 INFO: ++DOMWINDOW == 24 (0x7fac0c468800) [pid = 14403] [serial = 61] [outer = 0x7fac008b1c00] > 1:49.87 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI 0x7fac1553add0 OnLocationChange: 0x7fac0adb2028 0x7fac0094c358 about:blank 0 > 1:49.87 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI we have a channel 0x7fac0094c358 > 1:49.87 INFO: [Child 14403: Main Thread]: D/nsSecureBrowserUI calling OnSecurityChange 0x7fac0094c358 4
Flags: needinfo?(jan)
Assignee | ||
Comment 8•6 years ago
|
||
Ok - thanks. I can reproduce this now.
Reporter | ||
Comment 9•6 years ago
|
||
I think there's another STR, but I wasn't able to narrow it down yet.
Assignee | ||
Comment 10•6 years ago
|
||
Looks like loading an iframe and then navigating it to about:blank is sufficient to reproduce.
Assignee: nobody → dkeeler
Component: Site Identity and Permission Panels → Security: PSM
Priority: -- → P1
Product: Firefox → Core
Whiteboard: [psm-assigned]
Assignee | ||
Comment 11•6 years ago
|
||
Updated•6 years ago
|
Attachment #9009296 -
Attachment description: bug 1490982 - filter out OnLocationChange events that aren't for our window in nsSecureBrowserUIImpl r?felipe → bug 1490982 - filter out OnLocationChange events that aren't top-level in nsSecureBrowserUIImpl r?Gijs
Comment 14•6 years ago
|
||
Comment on attachment 9009296 [details] bug 1490982 - filter out OnLocationChange events that aren't top-level in nsSecureBrowserUIImpl r?Gijs :Gijs (he/him) has approved the revision.
Attachment #9009296 -
Flags: review+
Assignee | ||
Comment 15•6 years ago
|
||
Thanks for the reviews! (Also thank you Jan for working with me to figure this out!) https://treeherder.mozilla.org/#/jobs?repo=try&revision=8b494f9d1e2c40c954c3e349934a4be354cf3d09
Comment 16•6 years ago
|
||
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/eeac0b5dbb25 filter out OnLocationChange events that aren't top-level in nsSecureBrowserUIImpl r=Gijs
Comment 17•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/eeac0b5dbb25
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
Updated•5 years ago
|
Updated•2 years ago
|
Has Regression Range: --- → yes
You need to log in
before you can comment on or make changes to this bug.
Description
•