Closed
Bug 169289
Opened 22 years ago
Closed 21 years ago
No alert for Encrypted/Unencrypted mix and displays both during HTTPS session
Categories
(Core Graveyard :: Security: UI, defect)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 135007
People
(Reporter: ramzewe, Assigned: ssaux)
References
Details
User-Agent: Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:1.0.0) Gecko/20020529 Build Identifier: Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:1.0.0) Gecko/20020529 Mozilla 1.0 does not alert the user when viewing a page that contains encrypted and unencrypted data, worse it displays the unencrypted data. This is contrary to the correct behavior in Netscape 4.x which alerts the user and does NOT display unencrypted data Reproducible: Always Steps to Reproduce: 1.load the following link during an HTTPS session: <img src="http://images.00mm.net/metrowerks/images/spacer.gif" width="1" height="1" alt="" border="0"></td> (often ab-used for web bug email tracking...) Actual Results: 1. There WILL NOT be an alert indicating that "You have requested a secure document that contains some insecure information. The insecure information will not be shown." And the insecure information WILL be shown. Expected Results: Should produce the above alert and NOT show the insecure information, as would be the case using Netscape 4.x Netscape 7.0 using the Gecko engine is also susceptible. See bug #169085
ramzewe, are you using the same user profile in both Mozilla and Netscape 7? Please be aware that isn't supported and causes some problems. See the release notes for either browser.
Comment 2•22 years ago
|
||
*** Bug 177008 has been marked as a duplicate of this bug. ***
Comment 3•22 years ago
|
||
->PSM
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: bsharma → junruh
Version: Trunk → 2.4
Comment 4•21 years ago
|
||
I believe that the new policy is to allow gif files from http:// sources to be displayed without a security warning.
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
QA Contact: junruh → bmartin
Resolution: --- → WONTFIX
Comment 5•21 years ago
|
||
My understanding is: It is currently not seen as a high priority feature to check the security feature of images, but it is indeed wanted for a future release.
Status: RESOLVED → UNCONFIRMED
Resolution: WONTFIX → ---
Comment 6•21 years ago
|
||
*** This bug has been marked as a duplicate of 135007 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago → 21 years ago
Resolution: --- → DUPLICATE
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•