Closed Bug 169289 Opened 23 years ago Closed 23 years ago

No alert for Encrypted/Unencrypted mix and displays both during HTTPS session

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
PowerPC
Mac System 9.x
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 135007

People

(Reporter: ramzewe, Assigned: ssaux)

References

Details

User-Agent: Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:1.0.0) Gecko/20020529 Build Identifier: Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:1.0.0) Gecko/20020529 Mozilla 1.0 does not alert the user when viewing a page that contains encrypted and unencrypted data, worse it displays the unencrypted data. This is contrary to the correct behavior in Netscape 4.x which alerts the user and does NOT display unencrypted data Reproducible: Always Steps to Reproduce: 1.load the following link during an HTTPS session: <img src="http://images.00mm.net/metrowerks/images/spacer.gif" width="1" height="1" alt="" border="0"></td> (often ab-used for web bug email tracking...) Actual Results: 1. There WILL NOT be an alert indicating that "You have requested a secure document that contains some insecure information. The insecure information will not be shown." And the insecure information WILL be shown. Expected Results: Should produce the above alert and NOT show the insecure information, as would be the case using Netscape 4.x Netscape 7.0 using the Gecko engine is also susceptible. See bug #169085
ramzewe, are you using the same user profile in both Mozilla and Netscape 7? Please be aware that isn't supported and causes some problems. See the release notes for either browser.
*** Bug 177008 has been marked as a duplicate of this bug. ***
->PSM
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: bsharma → junruh
Version: Trunk → 2.4
I believe that the new policy is to allow gif files from http:// sources to be displayed without a security warning.
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
QA Contact: junruh → bmartin
Resolution: --- → WONTFIX
My understanding is: It is currently not seen as a high priority feature to check the security feature of images, but it is indeed wanted for a future release.
Status: RESOLVED → UNCONFIRMED
Resolution: WONTFIX → ---
*** This bug has been marked as a duplicate of 135007 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → DUPLICATE
Verified dupe.
Status: RESOLVED → VERIFIED
Product: PSM → Core
Version: psm2.4 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.