Closed Bug 1750195 Opened 3 years ago Closed 3 years ago

Background not displayed on certain test case

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Platform:
Desktop
All
Type:
defect

Tracking

()

Status:
RESOLVED INVALID
Tracking Flags:
Tracking Status
firefox-esr91 --- wontfix
firefox96 --- wontfix
firefox97 --- wontfix
firefox98 --- wontfix

People

(Reporter: atrif, Unassigned)

References

(Regression)

Details

(Keywords: regression)

Attachments

(1 file)

screenshot
180.47 KB, image/png
Details
Attached image screenshot

Affected versions

  • 98.0a1 (20220113215749)
  • 97.0b3 (20220113185849)
  • 96.0.1 (20220113185450)
  • 92.5.0esr (20220105212146)

Affected platforms

  • Windows 10x64
  • Windows 7x64
  • macOS 10.15

Steps to reproduce

  1. Open Firefox and https://codepen.io/SoftwareRVGdesignS/pen/OXkOWj.

Expected result

  • Background containing the Firefox logo is displayed..

Actual result

  • White background is displayed.

Regression range

Notes

  • Screenshot attached.
Has Regression Range: --- → yes
Has STR: --- → yes
Component: Graphics → DOM: Security

Hey Alexandru, thanks for filing. FWIW, Firefox is not going to do auto upgrading which would fix broken websites that are not using https subresources in https contexts (hence Bug 1703847: Disable Mixed Content Auto-upgrading in Nightly (and in general).

In this particular case the Page CSP blocked the load:
Content Security Policy: Blocking insecure request ‘http://articles-images.sftcdn.net/wp-content/uploads/sites/2/2014/10/firefox-android-header-664x374.png’.

The best way to fix the website is to update the image-request from http: to https:. Please note that Chrome is shipping mixed-content-auto upgrading and therefore this works in Chrome. However, it's a website problem, not a browser problem.

Flags: needinfo?(alexandru.trif)

(In reply to Christoph Kerschbaumer [:ckerschb] from comment #1)

Hey Alexandru, thanks for filing. FWIW, Firefox is not going to do auto upgrading which would fix broken websites that are not using https subresources in https contexts (hence Bug 1703847: Disable Mixed Content Auto-upgrading in Nightly (and in general).

In this particular case the Page CSP blocked the load:
Content Security Policy: Blocking insecure request ‘http://articles-images.sftcdn.net/wp-content/uploads/sites/2/2014/10/firefox-android-header-664x374.png’.

The best way to fix the website is to update the image-request from http: to https:. Please note that Chrome is shipping mixed-content-auto upgrading and therefore this works in Chrome. However, it's a website problem, not a browser problem.

Hello and thank you for the explanation, Christoph. I think it's good to close this as Invalid based on the above.

Status: NEW → RESOLVED
Closed: 3 years ago
Flags: needinfo?(alexandru.trif)
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: